SNMPv3 Groups

The SNMPv3 groups allow you to combine users into groups of different authorization and access privileges. Each group is associated with one of three security levels:

  • noAuthNoPriv

  • authNoPriv

  • authPriv

Access to MIBs for each group is controlled by associating a MIB view to a group for read or write access, separately.

By default, the WAP device has two groups:

  • RO — A read-only group using authentication and data encryption. Users in this group use the SHA key or password for authentication and a DES or AES128 for encryption. The SHA, DES and AES128 keys or passwords must be defined. By default, users of this group have read access to the default all MIB view.

  • RW — A read/write group using authentication and data encryption. Users in this group use the SHA key or password for authentication and a DES key or AES128 for encryption. The SHA, DES and AES128 keys or passwords must be defined. By default, users of this group have read and write access to the default all MIB view.

Note

The default groups RO and RW cannot be deleted. The WAP device supports a maximum of eight groups.

To add and configure the SNMP group, perform the following steps:

Procedure

Step 1

Select Management > SNMPv3.

Step 2

Click ✚ to add a new row to the SNMPv3 Groups table.

Step 3

Check the box for the new group and configure the following parameters:

  • Group Name — Enter the name of the group. The default group names are RO and RW. Group names can contain up to 32 alphanumeric characters.

  • Security Level — Choose the security level for the group, from the following options:

    • noAuthNoPriv — No authentication and no data encryption (no security).

    • authNoPriv — Authentication, but no data encryption. With this security level, users send SNMP messages that use the SHA key or password for authentication, but not a DES key or AES128 for encryption.

    • authPriv — Authentication and data encryption. With this security level, users send the SHA key or password for authentication and a DES or AES128 for encryption. For groups that require authentication, encryption, or both, you must define the SHA, DES and AES128 keys or passwords on the SNMP Users page.

  • Write Views — Choose the write access for the group's MIBs from one of the following options:

    • view-all — The group can create, alter, and delete MIBs.

    • view-none — The group cannot create, alter, or delete MIBs.

  • Read Views — Choose the read access to MIBs for the group, from one of the following options:

    • view-all — The group is allowed to view and read all MIBs.

    • view-none — The group cannot view or read MIBs.

Step 4

Click Save to add the group to the SNMPv3 Groups list.

Note

To delete a group, check the group in the list and click Delete. To edit a group, check the group in the list and click Edit.