Cisco Nexus Training – Go from Beginner to Advanced!
VDC, VPC, OTV, FRX, and many more…

SNMP helps to gather and organize device information in an IP network. Currently, it has three main versions – v1, v2c, v3. The problem with the version v1 and v2c, there is almost no security. So, SNMP v3 was introduced to add security.

How to configure SNMP v3 in Cisco IOS Devices

Earlier, we have configured SNMP v2c, and today we will learn to configure SNMP v3 in Cisco IOS devices. So, let’s get started.

Example: Configure SNMP v3 in Cisco

SNMPv3 support three (3) modes. These are-

  • noAuthNoPriv
  • authNoPriv
  • authPriv

We will configure all the modes one by one. Let’s start with noAuthNoPriv first.

noAuthNoPriv

This mode has no authentication and no encryption services.

snmp-server view OUR-MIB-VIEW mib-2 included
snmp-server group OUR-SNMP-GROUP v3 noauth read OUR-MIB-VIEW
snmp-server user SNMPuser OUR-SNMP-GROUP v3

Explanation:
SNMPuser is the username for SNMP.
OUR-SNMP-GROUP is our Security Model group.
OUR-MIB-VIEW is the name of our MIB-Tree view group.
mib-2 is a part of MIB where all the interfaces and system information can be found. Below are the reference for MIB.

MIB-2

authNoPriv

In this mode, authentication will be there, but no encryption services.

snmp-server view OUR-MIB-VIEW mib-2 included
snmp-server group OUR-SNMP-GROUP v3 auth read OUR-MIB-VIEW
snmp-server user SNMPuser OUR-SNMP-GROUP v3 auth md5 LetsConfig_AUTH

Explanation:
SNMPuser is the username and LetsConfig_AUTH is the authentication code.

authPriv

In this mode, authentication and encryption services will be there.

snmp-server view OUR-MIB-VIEW mib-2 included
snmp-server group OUR-SNMP-GROUP v3 auth read OUR-MIB-VIEW
snmp-server user SNMPuser OUR-SNMP-GROUP v3 auth md5 LetsConfig_AUTH priv 3des LetsConfig_PRIV

Explanation:
SNMPuser is the username, LetsConfig_AUTH is the authentication code and LetsConfig_PRIV is encryption code.

If you want, you can watch this video on SNMP v3 to know how it works.

Written by Rajib Kumer Das

I am Rajib Kumer Das, a network engineer with 8+ years of experience in multi-vendor environment. In my current position, I am responsible to take care critical projects and it's support cases. I do have several vendor certificates and have plans to go further.

Leave a Comment

Your email address will not be published. Required fields are marked *