Configuration Topology Case
Case configuration requirements
1, IP-Internet XY.XY.XY.X / 24, Loopback IP 0 to XXXX, where X oriented device ID, Y for the remote device ID;
2, Rl, R2, R3 of between OSPF is used as the IGP route;
3, using the R1 group "ccie" Configuring the SNMPv3, read access to the group "read" defined by ISO MIB, write access "write" is defined by the System the MIB;
. 4, group "ccie" use highest authority authentication, group members can only be 1.1.1.1;
. 5, the user as a group member CISCO "the ADMIN", which is connected to the user via SNMPv3 MD5 key "Cisco";
. 6, arranged in the SNMPv2 R3, using the " NMS "as a community, permissions to read;
case configuration Roadmap
1. configure three routers in the IP
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 12.1.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config)#interface loopback 0
R1(config-if)#ip address 1.1.1.1 255.255.255.0
R2(config)#interface fastEthernet 0/0
R2(config-if)#ip address 12.1.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config)#interface fastEthernet 0/1
R2(config-if)#ip address 23.1.1.2 255.255.255.0
R2(config-if)#no shutdown
R3(config)#interface fastEthernet 0/1
R3(config-if)#ip address 23.1.1.3 255.255.255.0
R3(config-if)#no shutdown
2. Run OSPF on the 3 routers
R1(config)#router ospf 100
R1(config-router)#router-id 91.1.1.1
R1(config-router)#network 12.1.1.0 0.0.0.255 area 0
R1(config-router)#network 1.1.1.0 0.0.0.255 area 0
R2(config)#router ospf 100
R2(config-router)#router-id 92.2.2.2
R2(config-router)#network 12.1.1.0 0.0.0.255 area 0
R2(config-router)#network 23.1.1.0 0.0.0.255 area 0
R3(config)#router ospf 100
R3(config-router)#router-id 93.3.3.3
R3(config-router)#network 23.1.1.0 0.0.0.255 area 0
3. R1 on the SNMPv3
access-list 1 permit 1.1.1.1
snmp-server group ccie v3 priv read read write write access 1
/创建SNMP组 ccie,使用版本V3,进行V3认证,读权限为read,写权限为write/
snmp-server view read iso included /创建SNMP权限视图read,权限由ISO定义/
snmp-server view write system included
/创建SNMP权限视图write,权限由system定义/
snmp-server user ADMIN CISCO v3 auth md5 cisco
/创建SNMP组CISCO内的用户ADMIN,版本为V3,使用MD5认证,密码为cisco/
4. R3 in the SNMPv3
access-list 1 permit 1.1.1.1
snmp-server community NMS ro
/创建SNMPv2和SNMPv1组NMS,权限为只读/
no snmp-server group NMS v1
/删除SNMPv1组NMS/
Case Test Results
1. After the configuration, view the group of SNMP on Rl:
2, After the configuration, see SNMPv3 user on Rl
. 3, the configuration, see SNMPv2 user information on R3
Summary and other
1 , SNMP is a simple network management protocol that provides a graphical interface to network management software network management capabilities;
2, SNMP network management to provide when users read and write permissions divided, it can be set separately;
3, SNMP has three versions v1, v2c and v3, which v1 and v2c and v3 only with a password to provide authentication with a user name and password;
4, the SNMP group in some of the same strategies can be unified user operation;