Photo by marcos mayer on Unsplash

Configuring SNMPv3 can be a daunting task compared to earlier questions, just from the copious amount of authentication parameters compared to earlier SNMP versions. In this short primer I’ll walk you through the steps necessary to set it up to get the same functionality as earlier SNMP versions, but with real (at least compared to SNMPv2c) security. I’m totally skipping the lesser security models, and moving directly to the Auht/Priv model.

First we need to enter the configuration context

Switch1>enable
Password:
Switch1# conf t
Switch1(config)#

Then we need to create a user group with the right SNMP version, privacy and authentication settings, as well as the right read and write views

Switch1(config)#snmp-server group SNMPV3Group v3 priv read V3Read write V3Write

Then we need to create the user that belongs to this group, feel free to use a higher AES level if you so desire (128, 192 or 256 bits)

Switch1(config)#snmp-server user SNMPV3User SNMPV3Group v3 auth sha [auth password] priv aes 128 [priv password]

Then we need to assign the read and write views the right privileges to actually read and write to the SNMP objects.

Switch1(config)#snmp-server view V3Read iso included
Switch1(config)#snmp-server view V3Write iso included

Exit the configuration context

Switch1(config)#exit
Switch1#

Test that everything works, and write the configuration to memory

Switch1# copy running-config startup-config

Categories: Networks, Tech

Tags: cisco, cisco switch, network, network friday, networking, networking friday, snmp, snmpv3, switch, switches