Dell Command Line Reference Guide for the S4048–ON System 9.14.2.5

PDF

snmp-server user

Configure a new user to an SNMP group.

Syntax
snmp-server user name {group_name remote ip-address vrf vrf-name udp-port port-number} [1 | 2c | 3] [encrypted] [auth {md5 | sha} auth-password] [priv {des56 | aes128} priv password] [access access-list-name | ipv6 access-list-name | access-list-name ipv6 access-list-name]

To remove a user from the SNMP group, use the no snmp-server user name {group_name remote ip-address udp-port port-number} [1 | 2c | 3] [encrypted] [auth {md5 | sha} auth-password] [priv {des56 | aes128} priv password] [access access-list-name | ipv6 access-list-name | access-list-name ipv6 access-list-name] command.

Parameters
name
Enter the name of the user (not to exceed 20 characters), on the host that connects to the agent.
group_name
Enter a text string (up to 20 characters long) as the name of the group. The following groups are created for mapping to read/write community/security-names (defaults):
  • v1v2creadu — maps to a community with ro permissions.
  • 1v2cwriteu — maps to a community rw permissions.
remote ip-address
Enter the keywords udp-port then the user datagram protocol (UDP) port number on the remote device. The range is from 0 to 65535. The default is 162.
vrf vrf-name
Enter the keywords vrf and then the name of the VRF this is used to connect to the SNMP server.
NOTE: Use this attribute to specify a VRF name that is used to connect to the remote host. If no VRF is specified, then the default VRF is used.
udp-port port-number
Enter the keywords udp-port then the UDP (User Datagram Protocol) port number on the remote device. The range is from 0 to 65535. The default is 162.
1 | 2c | 3
(OPTIONAL) Enter the security model version number (1, 2c, or 3):
  • 1 is the least secure version.
  • 3 is the most secure of the security modes.
  • 2c allows transmission of informs and counter 64, which allows for integers twice the width of what is normally allowed.

The default is 1.

encrypted
(OPTIONAL) Enter the keyword encrypted to specify the password appear in encrypted format (a series of digits, masking the true characters of the string).
auth
(OPTIONAL) Enter the keyword auth to specify authentication of a packet without encryption.
md5 | sha
(OPTIONAL) Enter the keyword md5 or sha to designate the authentication level.
  • md5 — Message Digest Algorithm
  • sha — Secure Hash Algorithm
auth-password
(OPTIONAL) Enter a text string (up to 20 characters long) password that enables the agent to receive packets from the host. Minimum: eight characters long.
priv
(OPTIONAL) Enter the keywords priv to initiate a privacy authentication level setting.
des56 | aes128
(OPTIONAL) Enter the keyword des56 or aes128 to specify the encryption mode.
  • aes128 — Use 128 bit AES algorithm in CFB mode for encryption.

  • des56 — Use 56 bit DES algorithm in CBC mode for encryption.

priv password
(OPTIONAL) Enter a text string (up to 20 characters long) password that enables the host to encrypt the contents of the message it sends to the agent. Minimum: eight characters long.
access access-list-name
(Optional) Enter the standard IPv4 access list name (a string up to 16 characters long).
ipv6 access-list-name
(Optional) Enter the keyword ipv6 then the IPv6 access list name (a string up to 16 characters long).
access-list-name ipv6 access-list-name
(Optional) Enter both an IPv4 and IPv6 access list name.
Defaults
As above.
Command Modes
CONFIGURATION
Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC Networking OS Command Line Reference Guide.

Version
Description
9.10(0.1)
Introduced on the S6010-ON and S4048T-ON.
9.10(0.0)
Introduced on the S3148.
9.10(0.0)
Introduced on the S6100–ON.
9.8(2.0)
Introduced on the S3100 series.
9.8(1.0)
Introduced on the Z9100–ON.
9.8(0.0P5)
Introduced on the S4048-ON.
9.8(0.0P2)
Introduced on the S3048-ON.
9.7(0.0)
Introduced on the S6000-ON.
9.6.(0.0)
Added aes 128 encryption algorithm parameter. 
9.4.(0.0)
Added support for VRF.
9.2(1.0)
Introduced on the Z9500.
9.0.2.0
Introduced on the S6000.
8.3.19.0
Introduced on the S4820T.
8.3.11.1
Introduced on the Z9000.
8.3.7.0
Introduced on the S4810.
7.6.1.0
Introduced on the S-Series.
Usage Information
NOTE: For IPv6 ACLs, only IPv6 and UDP types are valid for SNMP. TCP and ICMP rules are not valid for SNMP. In IPv6 ACLs port rules are not valid for SNMP.

No default values exist for authentication or privacy algorithms and no default password exists. If you forget a password, you cannot recover it; the user must be reconfigured. You can specify either a plain-text password or an encrypted cypher-text password. In either case, the password is stored in the configuration in an encrypted form and displayed as encrypted in the show running-config command.

If you have an encrypted password, you can specify the encrypted string instead of the plain-text password. The following command is an Example of how to specify the command with an encrypted string.

NOTE: The number of configurable users is limited to 16.
Example
DellEMC# snmp-server user privuser v3group v3 encrypted auth md5
9fc53d9d908118b2804fe80e3ba8763d priv des56 d0452401a8c3ce42804fe80e3ba8763d
Usage Information
The following command is an example of how to enter a plain-text password as the string authpasswd for user authuser of group v3group.
Example
DellEMC#conf
DellEMC(conf)# snmp-server user authuser v3group v3 auth md5 authpasswd
Usage Information
The following command configures a remote user named n3user with a v3 security model and a security level of authNOPriv.
Example
DellEMC#conf
DellEMC(conf)# snmp-server user n3user ngroup remote 172.31.1.3 udp-port 5009 3
auth md5 authpasswd
Related Commands
  • show snmp user — displays the information configured on each SNMP user name.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\