CISCO SNMPv3 配置及snmpwalk命令信息获取

snmp v3安全级别有三种,分别为noAuthNoPriv(不认证也不加密)、authNoPriv(认证但是不加密)、authPriv(既认证又加密)
一、CISCO SNMPv3配置代码:

snmp-server contact zhangsan
snmp-server location chengdu
snmp-server view MIB-2 mib-2 included

1)如果设置安全级别为authPriv

snmp-server group READONLY v3 priv read MIB-2
snmp-server user admin READONLY v3 auth sha mypass123 priv aes 128 myaes123

 

2)如果设置安全级别为authNoPriv

snmp-server group READONLY v3 auth read MIB-2
snmp-server user admin READONLY v3 auth sha mypass123

 

3)如果设置安全级别为noAuthNoPriv

snmp-server group READONLY v3 noauth read MIB-2
snmp-server user admin READONLY v3

注意:上述密码设置长度必须大于等于八位,否则在linux上使用snmpwalk命令时,会报错提示

Error: passphrase chosen is below the length requirements of the USM (min=8).
snmpwalk: (The supplied password length is too short.)
Error generating a key (Ku) from the supplied privacy pass phrase.

其中sha可改成md5,

md5 Use HMAC MD5 algorithm for authentication
sha Use HMAC SHA algorithm for authentication

aes可改成:3des,des。

3des Use 168 bit 3DES algorithm for encryption
aes Use AES algorithm for encryption
des Use 56 bit DES algorithm for encryption

2、snmpwalk获取信息命令

1)安全级别为authPriv时,snmpwalk获取信息方式:

snmpwalk -v 3 -u admin -l authPriv -a sha -A mypass123 -x aes -X myaes123 192.168.0.80 ".1.3.6.1.2.1"

 

2)安全级别为authNoPriv时,snmpwalk获取信息方式:

snmpwalk -v 3 -u admin -l authNoPriv -a sha -A mypass123 192.168.0.80 ".1.3.6.1.2.1"

 

3)安全级别为noAuthNoPriv时,snmpwalk获取信息方式:

snmpwalk -v 3 -u admin -l noAuthNoPriv 192.168.0.80 ".1.3.6.1.2.1"
snmp-server contact zhangsan
snmp-server location chengdu
snmp-server view MIB-2 mib-2 included

你可能感兴趣的:(网络技术)