Configure SNMPv3 on Cisco Switch

Pre-requisites:

  • SNMPv3 works only with Cisco IOS version 15.2 and higher for Cisco switches
  • SNMPv3 works only with Cisco IOS version 12.0.3T for Cisco routers.

In this guide, we follow below parameters

  • User account: Zabbix_READ
  • Group name: GP_READ
  • Hash Method: MD5
  • Encryption Method: DES
  • SNMP Manager Host: 10.10.10.10

Step by Step Procedure to configure SNMPv3 with READ ONLY ACCESS

Step 1: Create ‘Read Only Access’ to view all iso tree

By default, you don’t need to configure any view.  The default view, v1default, has all of the regular MIB branches included.

# snmp-server view Full-Access iso included

 

Step 2: Create Group with name ‘GP_READ’ with read access

#snmp-server group GP_READ v3 priv read Full-Access

 

Tips:

If you want to provide write access as well, command would be like

#snmp-server group GP_READ v3 priv read Full-Access write Full-Access

 

All in One WordPress Hosting Starts at 30$ per month
All in One WordPress Hosting
WordPress
High optimized WordPress hosting, secure firewall, HTTPS, Backup, hack-fix guarantee and many others at 30$ per month

Step 3: Create User with name ‘Zabbix_READ’ in group ‘GP_READ’ with MD5 hash password “15Access” and DES encryption password “15Encrypt”

#snmp-server user Zabbix_READ GP_READ v3 auth md5 15Access priv des 15Encrypt access 12

 

Step 4: Create ACL for SNMP Manager

#access-list 12 permit 10.10.10.10

 

Step 5: Associate to IP address of SNMP Manager with READ ONLY access user

#snmp-server host 10.10.10.10 version 3 priv Zabbix_READ

 

Step 6: Enable SNMP service to send traps of linkdown linkup

#snmp-server enable traps snmp linkdown linkup

 

Troubleshooting Commands

# show snmp user

# show snmp group