Friday, October 21, 2011

SNMP view



Setup SNMP View

The Setup SNMP view command can block the user with only access to limited Management Information Base (MIB). By default, there is no SNMP view entry exists. This command is configured at the global configuration mode and first introduced in Cisco IOS Software version 10.3. It works similar to access-list in that if you have any SNMP View on certain MIB trees, every other tree is denied inexplicably. However, the sequence is not important and it goes through the entire list for a match before it stops.

To create or update a view entry, use the snmp-server view global configuration command. To remove the specified SNMP server view entry, use the no form of this command.

Syntax:

    snmp-server view view-name oid-tree {included | excluded}

    no snmp-server view view-name


Syntax Description:

    * view-name—Label for the view record that you are updating or creating. The name is used to reference the record.
    * oid-tree—Object identifier of the Abstract Syntax Notation One (ASN.1) subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system. Replace a single sub-identifier with the asterisk (*) wildcard to specify a subtree family; for example 1.3.*.4.
    * included | excluded—Type of view. You must specify either included or excluded.


      This is a complete example for how to apply the MIB with community string and the output of the snmpwalk with view in place. This configuration defines a view that denies the SNMP access for the Address Resolution Protocol (ARP) table (atEntry) and allows it for MIB-II and Cisco private MIB:

          snmp-server view myview mib-2 included


          snmp-server view myview atEntry excluded


          snmp-server view myview cisco included


          snmp-server community public view myview RO 11


          snmp-server community private view myview RW 11


          snmp-server contact pvanderv@cisco.com
 
Ref:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml
http://www.netcraftsmen.net/resources/archived-articles/370-configuring-snmp-in-cisco-routers.html
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)