SNMP Communities

Access rights in SNMPv1 and SNMPv2 are managed by defining communities in the Communities page. The community name is a type of shared password between the SNMP management station and the device. It’s used to authenticate the SNMP management station.

Communities are only defined in SNMPv1 and v2 because SNMPv3 works with users instead of communities. The users belong to groups that have access rights assigned to them. The Communities page associates communities with access rights, either directly (Basic mode) or through groups (Advanced mode):

  • Basic mode—The access rights of a community can configure with Read Only, Read Write, or SNMP Admin. In addition, you can restrict the access to the community to only certain MIB objects by selecting a view (defined in the SNMP Users).

  • Advanced Mode—The access rights of a community are defined by a group (defined in the SNMP Groups). You can configure the group with a specific security model. The access rights of a group are Read, Write, and Notify.

To define the SNMP communities, complete the following steps:

Procedure

Step 1

Click SNMP > Communities.

Step 2

Click Addto define and configure new SNMP community.

Step 3

Configure the following fields:

Community String

Enter the community name used to authenticate the management station to the device.

Basic

In this community type, there’s no connection to any group. You can only choose the community access level (Read Only, Read Write, or SNMP Admin) and, optionally, further qualify it for a specific view. By default, it applies to the entire MIB. If this is selected, enter the following fields:

  • Access Mode—Select the access rights of the community. The options are:

    Read Only—Management access is restricted to read-only. Changes can’t be made to the community.

    Read Write—Management access is read-write. Changes can be made to the device configuration, but not to the community.

    SNMP Admin—User has access to all device configuration options, and permissions to modify the community. SNMP Admin is equivalent to Read Write for all MIBs except for the SNMP MIBs. SNMP Admin is required for access to the SNMP MIBs.

  • View Name—Select an SNMP view (a collection of MIB subtrees to which access is granted).

Advanced

Select this type for a selected community.

  • Group Name—Select an SNMP group that determines the access rights.
Step 4

Click Apply. The SNMP Community is defined, and the Running Configuration is updated.