Skip to content

Belajar Mengkonfigurasi SNMP V3

Kali ini saya belajar bagaimana mengkonfigurasi SNMP V3
di Device cisco, mengapa V3, apa sih kelebihannya ?
ini dia perbandingannya dengan versi-versi sebelumnya :

Secara Umum cara mengkonfigurasi SNMP V3 adalah sebagai berikut:

1. Configuring the SNMP-server engine ID
2. Configuring the SNMP-server group names
3. Configuring the SNMP-server users
4. Configuring the SNMP-server hosts

*******************************************
*1. Configuring the SNMP-server engine ID *
*******************************************
--------------------------------------------------------
cnc3(config)#
snmp-server engineID [local engineid-string] | [remote
ip-address udp-port port-number engineid-string]
--------------------------------------------------------
cnc3(config)#snmp-server engineID ?
 local   engineID of the local agent
 remote  engineID of the remote agent

cnc3(config)#
cnc3(config)#snmp-server engineID local ?
 WORD  engine ID octet string

cnc3(config)#snmp-server engineID local 9876543210
cnc3(config)#

********************************************
*2. Configuring the SNMP-server group names*
********************************************
--------------------------------------------------------
cnc3(config)#
snmp-server group groupname {v1 | v2c | v3 {auth | noauth
| priv}} [read readview] [write writeview] [notify
notifyview] [access access-list]
--------------------------------------------------------

cnc3(config)#snmp-server group datakomgroup ?
 v1   group using the v1 security model
 v2c  group using the v2c security model
 v3   group using the User Security Model (SNMPv3)

cnc3(config)#snmp-server group datakomgroup v3 ?
 auth    group using the authNoPriv Security Level
 noauth  group using the noAuthNoPriv Security Level
 priv    group using SNMPv3 authPriv security level

cnc3(config)#snmp-server group datakomgroup v3 auth
cnc3(config)#snmp-server group datakomgroup v3 priv
cnc3(config)#
**************************************
*3. Configuring the SNMP-server users*
**************************************
--------------------------------------------------------
cnc3(config)#
snmp-server user username groupname [remote ip-address
[udp-port port]] {v1 | v2c | v3 [encrypted] [auth {md5 |
sha} auth-password [priv des56 priv-password]]} [access
access-list]
--------------------------------------------------------

cnc3(config)#snmp-server user ?
 WORD  Name of the user

cnc3(config)#snmp-server user datakom ?
 WORD  Group to which the user belongs

cnc3(config)#snmp-server user datakom datakomgroup ?
 remote  Specify a remote SNMP entity to which the user belongs
 v1      user using the v1 security model
 v2c     user using the v2c security model
 v3      user using the v3 security model

cnc3(config)#snmp-server user datakom datakomgroup v3 ?
 access     specify an access-list associated with this group
 auth       authentication parameters for the user
 encrypted  specifying passwords as MD5 or SHA digests
 <cr>

cnc3(config)#snmp-server user datakom datakomgroup v3 auth ?
 md5  Use HMAC MD5 algorithm for authentication
 sha  Use HMAC SHA algorithm for authentication

cnc3(config)#snmp-server user datakom datakomgroup v3 auth md5 ?
 WORD  authentication pasword for user

cnc3(config)#snmp-server user datakom datakomgroup v3 auth md5 datakom123
cnc3(config)#$ user datakom datakomgroup v3 auth md5 datakom123 priv ?
 3des  Use 168 bit 3DES algorithm for encryption
 aes   Use AES algorithm for encryption
 des   Use 56 bit DES algorithm for encryption

cnc3(config)#$ user datakom datakomgroup v3 auth md5 datakom123 priv des ?
 WORD  privacy pasword for user

cnc3(config)#$kom datakomgroup v3 auth md5 datakom123 priv des datakom123 ?
 access  specify an access-list associated with this group
 <cr>
cnc3(config)#$kom datakomgroup v3 auth md5 datakom123 priv des datakom123
cnc3(config)#
*May 13 05:03:08.463: Configuring snmpv3 USM user, persisting snmpEngineBoots. Please Wait...

cnc3(config)#
**************************************
*4. Configuring the SNMP-server hosts*
**************************************
--------------------------------------------------------
cnc3(config)#snmp-server host ?
 WORD                                                  Hostname or IP address
 of SNMP notification
 host
 http://<Hostname or A.B.C.D>[:<port number>][/<uri>]  HTTP address of XML
 notification host
--------------------------------------------------------
cnc3(config)#snmp-server host 192.168.70.2 ?
 WORD     SNMPv1/v2c community string or SNMPv3 user name
 informs  Send Inform messages to this host
 traps    Send Trap messages to this host
 version  SNMP version to use for notification messages
 vrf      VPN Routing instance for this host

cnc3(config)#snmp-server host 192.168.70.2 version 3 ?
 auth    Use the SNMPv3 authNoPriv Security Level
 noauth  Use the SNMPv3 noAuthNoPriv Security Level
 priv    Use the SNMPv3 authPriv Security Level

cnc3(config)#snmp-server host 192.168.70.2 version 3 auth ?
 WORD  SNMPv1/v2c community string or SNMPv3 user name

cnc3(config)#snmp-server host 192.168.70.2 version 3 auth datakom 
cnc3(config)#snmp-server host 192.168.70.2 version 3 priv datakom
cnc3(config)#snmp-server contact iwingganteng
cnc3(config)#snmp-server location dayeuhkolot
--------------------------------------------------------
****************
*5.How to check*
****************
cnc3#show snmp user datakom

User name: datakom
Engine ID: 9876543210
storage-type: nonvolatile        active
Authentication Protocol: MD5
Privacy Protocol: DES
Group-name: datakomgroup

cnc3#
-------------------------------------------------------- 




ref:
Cisco IOS Network Management Configuration Guide
Release 12.4T, url: http://www.cisco.com, (mei 2010)
2 Comments leave one →
  1. albert permalink
    16 October 2012 12:20 AM

    thx iwing..
    mengenai readview, writeview, dan notifyview, apakah tidak dibahas?

  2. @brar permalink
    16 September 2016 6:43 PM

    Artikelnya bagus, ditunggu tulisan2 berikutnya ….

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: