SNMP communities:
1. private, and the privilege is read-write
2. public, and the privilege is read-only
0 SNMP packets input
0 Bad SNMP version errors
0 Unknown community name
0 Illegal operation for community name supplied
0 Encoding errors
0 Number of requested variables
0 Number of altered variables
0 Get-request PDUs
0 Get-next PDUs
0 Set-request PDUs
0 SNMP packets output
0 Too big errors
0 No such name errors
0 Bad values errors
0 General errors
0 Response PDUs
0 Trap PDUs
Use this command to define the community access string for the Simple Network
Management Protocol. Use the no form to remove the specified community
string.
Syntax
snmp-server communitystring [ro|rw] no snmp-server communitystring
string - Community string that acts like a password and permits
access to the SNMP protocol.
(Maximum number of strings: 5; Maximum string length: 32 characters, case
sensitive)
ro - Specifies read-only access. Authorized management stations
are only able to retrieve MIB objects.
rw - Specifies read-write access. Authorized management stations
are able to both retrieve and modify MIB objects.
Default Setting
public - read-only access. Authorized management stations are only able
to retrieve MIB objects.
private - with read-write access. Authorized management stations are able
to both retrieve and modify MIB objects.
Command Mode
Global Configuration
Command Usage
The first snmp-servercommunity command you enter enables SNMP
(SNMP v1 and SNMP v2c). The no snmp-server community command disables
all versions of SNMP.
Example
Console(config)#snmp-server
community private rw Console(config)#
Use this command to specify the recipient of a Simple Network Management Protocol
notification operation. Use the no form to remove the specified host.
host-addr - Name or Internet address of the host (the targeted
recipient).
(Maximum host addresses: 5 trap destination IP address entries)
community-string - Password-like community string sent with the
notification operation. Though you can set this string using the snmp-server
host command by itself, we recommend you define this string using the
snmp-server community command prior to using the snmp-server host
command. (Maximum length: 32 characters)
version - Specifies whether to send notifications as SNMP v1 or
SNMP v2c traps.
Default Setting
Host Address: None
SNMP Version: 1
Command Mode
Global Configuration
Command Usage
If you do not enter an snmp-server host command, no notifications
are sent. In order to configure the switch to send SNMP notifications, you
must enter at least one snmp-server host command. In order to enable
multiple hosts, you must issue a separate snmp-server host command
for each host
The snmp-server host command is used in conjunction with the snmp-server
enable traps command. Use the snmp-server enabletraps command
to specify which SNMP notifications are sent globally. For a host to receive
notifications, at least one snmp-server enable traps command and the
snmp-server host command for that host must be enabled.
The switch can send SNMP version 1 or version 2c traps to a host IP address,
depending on the SNMP version that the management station supports. If the
snmp-server host command does not specify the SNMP version, the default
is to send SNMP version 1 traps.
Some notification types cannot be controlled with the snmp-server enable
traps command. For example, some notification types are always enabled.
Use this command to enable this device to send Simple Network Management Protocol
traps (SNMP notifications). Use the no form to disable SNMP notifications.
authentication - Keyword to issue authentication failure traps.
link-up-down - Keyword to issue link-up or link-down traps.
Default Setting
Issue all traps.
Command Mode
Global Configuration
Command Usage
If you do not enter an snmp-server enable traps command, no notifications
controlled by this command are sent. In order to configure this device to
send SNMP notifications, you must enter at least one snmp-server enable
traps command. If you enter the command with no keywords, all notification
types are enabled. If you enter the command with a keyword, only the notification
type related to that keyword is enabled.
The snmp-server enable traps command is used in conjunction with
the snmp-server host command. Use the snmp-server host command
to specify which host or hosts receive SNMP notifications. In order to send
notifications, you must configure at least one snmp-server host command.
The notification types used in this command all have an associated MIB object
that allows them to be globally enabled or disabled. Not all of the notification
types have notificationEnable MIB objects, so some of these cannot be controlled
using the snmp-server enable traps command.
Sets the IP addresses of clients that are allowed management access to the
switch via SNMP. Use the no form of this command to remove an IP address.
Syntax
snmp ip filterip_address subnet_mask no snmp ip filterip_address subnet_mask
ip_address - An IP address indicating a client or group of clients
that are allowed SNMP access to the switch.
subnet_mask - An address bitmask of decimal numbers that represent
the address bits to match.
Default Setting
None
Command Mode
Global Configuration
Command Usage
You can create a list of up to 16 IP addresses or IP address groups that
are allowed access to the switch via SNMP management software.
Address bitmasks are similar to a subnet mask, containing four decimal integers
from 0 to 255, each separated by a period. The binary mask uses “1”
bits to indicate “match” and “0” bits to indicate “ignore.”
If the IP is the address of a single management station, the bitmask should
be set to 255.255.255.255. Otherwise, the IP address group is specified by
the bitmask.
The default setting is null, which allows all IP groups SNMP access to the
switch. If one IP address is configured, the IP filtering is enabled and only
addresses in the IP group will have SNMP access.
IP filtering does not affect management access to the switch using the Web
interface or Telnet.
Example
The following example enables SNMP IP filtering on the switch and allows
SNMP management access to client IP 10.1.2.3, and client IP group 10.1.3.0
to 10.1.3.255.
Console(config)#snmp ip filter
10.1.2.3 255.255.255.255
Console(config)#snmp ip filter 10.1.3.0 255.255.255.0
Console(config)#
