SNMP Users

An SNMP user is defined by its login credentials (user name, passwords and authentication method), and also by the context/scope in which it operates by association with a group and an Engine ID.

After a user is authenticated, it takes on the attributes of its group and can then see/not see the views associated with this group.

The SNMP Users Page enables creating SNMPv3 users. An SNMPv3 user is the combination of a user along with a method that is used to authenticate the user and a password.

Groups enable network managers to assign access rights to specific device features, or feature aspects to an entire group of users instead of to a single user.

A user can only be a member of a single group.

To create an SNMPv3 user the following must first exist:

An engine ID must first be configured on the device. This can be done in the Engine ID Page.
An SNMPv3 group must be available. An SNMPv3 group can be defined in the SNMP Groups Page.

To display SNMP users and define new ones:

Click SNMP > Users. The SNMP Users Page opens.

This page displays existing users.

Adding an SNMP Group Profile

Click Add in the SNMP Users Page. The Add SNMP Group Membership Page opens.

This page provides information for assigning SNMP access control privileges to SNMP groups and contains the following fields.

User Name — Enter a name for the user.
Engine ID — Select either the local or remote SNMP entity to which the user is connected. Changing or removing the local SNMP Engine ID deletes the SNMPv3 User Database. To receive both informs and request information, you must define both a local and remote user.
Local — User is connected to a local SNMP entity. The user can request information but does not receive informs.
Remote — User is connected to a remote SNMP entity. If the remote Engine ID is defined, remote devices receive inform messages. Enter the remote engine ID but cannot make requests for information.
Group Name — Select the SNMP groups to which the SNMP user belongs. SNMP groups are defined in the Add SNMP Group Profile Page.
Authentication Method— Select the Authentication method used. The possible options are:
None — No user authentication is used.
MD5 Password — Users must enter a password that is encrypted using the MD5 authentication method.
SHA Password — Users must enter a password that is encrypted using the SHA authentication method.
MD5 Key — Users are authenticated using a valid MD5 key.
SHA Key — Users are authenticated using a valid SHA key.
Password — If the authentication method is either MD5 or SHA password, enter the local user password. Local user passwords can contain up to 159 characters.
Authentication Key — If the authentication method is either MD5 or SHA key, enter the MD5 or SHA authentication key. If the MD5 key is selected, then16 bytes are required and if the SHA key is selected then 20 bytes are required.
Privacy Key — If the Authentication Method is either MD5 or SHA key, enter the MD5 or SHA privacy key. If the MD5 key is selected, then 16 bytes are required and if the SHA key then 20 bytes are required.