You are on page 1of 70

SNMP Configuration Guide, Cisco IOS XE

Release 3SE (Catalyst 3850 Switches)

Americas Headquarters

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED
WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED
WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version
of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL
FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE
PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR
ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL:
www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output,
network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content
is unintentional and coincidental.
© 2013 Cisco Systems, Inc. All rights reserved.

CONTENTS
Simple Network Management Protocol 1
Finding Feature Information 1
Information About Configuring SNMP Support 1
Components of SNMP 1
SNMP Manager 2
SNMP Agent 2
MIB 2
SNMP Operations 3
SNMP Get 3
SNMP Set 3
SNMP Notifications 3
Traps and Informs 3
Versions of SNMP 5
How to Configure SNMP Support 7
Configuring System Information 7
Enabling the SNMP Agent Shutdown Mechanism 9
Defining the Maximum SNMP Agent Packet Size 10
Limiting the Number of TFTP Servers Used via SNMP 11
Troubleshooting Tips 12
Configuring SNMP Versions 1 and 2 12
Creating or Modifying an SNMP View Record 12
Creating or Modifying Access Control for an SNMP Community 13
Configuring a Recipient of an SNMP Trap Operation 15
Disabling the SNMP Agent 16
Configuration Examples for SNMP Support 17
Example: Configuring SNMPv1 Support 17
Example: Show SNMP View 18
Example Configuring SNMP Community Access Strings 19
Example Configuring Host Information 19

SNMP Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
iii

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) iv .Contents Additional References 19 Feature Information for Simple Network Management Protocol 22 SNMP Inform Request 25 Finding Feature Information 25 Information About SNMP Inform Requests 25 SNMP Inform Request 25 How to Configure SNMP Inform Requests 25 Configuring Devices to Send Traps 26 Changing Inform Operation Values 27 Configuration Examples for SNMP Inform Request 28 Example: Configuring SNMP Inform Request 28 Additional References 29 Feature Information for SNMP Inform Request 31 SNMPv2c 33 Finding Feature Information 33 Information About SNMPv2c 33 Security Features in SNMPv2c 33 How to Configure SNMPv2c 34 Configuring the SNMP Server for SNMPv2c 34 Verifying SNMPv2c 36 Configuration Examples for SNMPv2c 37 Example: Configuring the SNMP Server for SNMPv2c 37 Additional References for SNMPv2c 38 Feature Information for SNMPv2c 39 SNMP Version 3 41 Finding Feature Information 41 Information About SNMP Version 3 41 Security Features in SNMP Version 3 41 Cisco-Specific Error Messages for SNMP Version 3 42 How to Configure SNMP Version 3 44 Configuring the SNMP Server 44 Verifying SNMP Version 3 46 Configuration Examples for SNMP Version 3 47 Example: Configuring SNMP Version 3 47 Additional References for SNMP Version 3 47 SNMP Configuration Guide.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) v .Contents Feature Information for SNMP Version 3 49 AES and 3-DES Encryption Support for SNMP Version 3 51 Finding Feature Information 51 Prerequisites for AES and 3-DES Encryption Support for SNMP Version 3 51 Information About AES and 3-DES Encryption Support for SNMP Version 3 52 How to Configure AES and 3-DES Encryption Support for SNMP Version 3 52 Adding a New User to an SNMP Group 53 Verifying the SNMP User Configuration 53 Additional References for AES and 3-DES Encryption Support for SNMP Version 3 54 Feature Information for AES and 3-DES Encryption Support for SNMP Version 3 56 Cisco Enhanced Image MIB 59 Finding Feature Information 59 Information About Cisco Enhanced Image MIB 59 Cisco Enhanced Image MIB Overview 59 Image Installable Table 60 Image Location Table 60 Image Table 61 Sample Output from the Cisco Enhanced Image MIB Query 61 Additional References 62 Feature Information for Cisco Enhanced Image MIB 63 SNMP Configuration Guide.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) vi .Contents SNMP Configuration Guide.

and to see a list of the releases in which each feature is supported.cisco. page 3 Versions of SNMP. page 17 Additional References. page 22 Finding Feature Information Your software release may not support all the features documented in this module. go to www. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. Information About Configuring SNMP Support • • • Components of SNMP.com/go/cfn. page 1 How to Configure SNMP Support. This module describes how to enable an SNMP agent on a Cisco device and how to control the sending of SNMP notifications from the agent. SNMP provides a standardized framework and a common language used for monitoring and managing devices in a network. see the feature information table at the end of this module. page 1 Information About Configuring SNMP Support. For the latest caveats and feature information. To access Cisco Feature Navigator. SNMP provides a standardized framework and a common language that is used for monitoring and managing devices in a network. The SNMP framework has the following components.Simple Network Management Protocol The Simple Network Management Protocol (SNMP) is an application-layer protocol that provides a message format for communication between SNMP managers and agents. page 1 SNMP Operations. page 5 Components of SNMP The Simple Network Management Protocol (SNMP) is an application-layer protocol that provides a message format for communication between SNMP managers and agents. page 19 Feature Information for Simple Network Management Protocol. page 7 Configuration Examples for SNMP Support. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 1 . which are described in the following sections: SNMP Configuration Guide. For information about using SNMP management systems. • • • • • • Finding Feature Information. To find information about the features documented in this module.com is not required. An account on Cisco. see Bug Search Tool and the release notes for your platform and software release. see the appropriate documentation for your network management system (NMS) application.

Commands that an agent needs to control the SNMP process are available through the Cisco CLI without additional configuration. access server. or switch). The agent gathers data from the MIB. page 2 SNMP Agent. Note Although many Cisco devices can be configured to be an SNMP agent. the repository for information about device parameters and network data. this practice is not recommended. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 2 . for example. The agent can also respond to manager requests to get or set data. page 2 SNMP Manager The SNMP manager is a system that controls and monitors the activities of network hosts using SNMP. A manager sends an agent requests to get and set MIB values. the Interfaces Group MIB (IF-MIB) is a MIB module within the MIB on your system. The figure below illustrates the communications between the SNMP manager and agent. MIB A MIB is a virtual information storage area for network management information and consists of collections of managed objects. Figure 1 Communication Between an SNMP Agent and Manager SNMP Configuration Guide. Several network management applications are available for use with SNMP and range from simple command line interface applications to applications such as the CiscoWorks2000 products that use GUIs. page 2 MIB. Within a MIB are collections of related objects defined in MIB modules. RFC 2579. to managing systems. the agent can send the manager unsolicited notifications (traps or informs) to notify the manager about network conditions. you must define the relationship between the manager and the agent.Simple Network Management Protocol SNMP Manager • • • SNMP Manager. Independent of this interaction. SNMP Agent The SNMP agent is the software component within a managed device that maintains the data for the device and reports this data. MIB modules are written in the SNMP MIB module language. Individual MIB modules are also referred to as MIBs. A manager can get a value from an agent or store a value in that agent. The most common managing system is a network management system (NMS). as needed. The agent resides on the routing device (router. whose values the SNMP manager can request or change through GET or SET operations. RFC 2578. To enable an SNMP agent on a Cisco routing device. The term NMS can be applied either to a dedicated device used for network management or to the applications used on such a device. The agent responds to these requests. and RFC 2580 (see the “MIBs and RFCs” topic in the “Simple Network Management Protocol” module for an explanation of RFCs and Standard documents). An SNMP agent contains MIB variables. as defined in STD 58.

GETBULK—Retrieves a large amount of object variable data. If it is important that the SNMP manager receives every notification. page 3 SNMP Get The SNMP GET operation is performed by a Network Management Server (NMS) to retrieve SNMP object variables. GETNEXT—Retrieves the next object variable. Traps are less reliable than informs because the receiver does not send an acknowledgment when it receives a trap. The following figures illustrate the differences between traps and informs. Unlike a trap. Traps are often preferred even though they are less reliable because informs consume more resources in the device and in the network. page 3 SNMP Notifications. informs are more likely to reach their intended destination. There are three types of get operations: • • • GET—Retrieves the exact object instance from the SNMP agent. If the sender never receives a response. traps are sent only once. or other significant events. Informs are traps that include a request for confirmation of receipt from the SNMP manager. whereas an inform may be resent several times. without the need for repeated GETNEXT operations. SNMP Set The SNMP SET operation is performed by a Network Management Server (NMS) to modify the value of an object variable. an inform must be held in memory until a response is received or the request times out. acknowledges the message with an SNMP response protocol data unit (PDU).SNMP Operations SNMP Get SNMP Operations SNMP applications perform the following operations to retrieve data. and send notifications: • • • SNMP Get. SNMP Notifications A key feature of SNMP is its capability to generate unsolicited notifications from an SNMP agent. The retries increase traffic and contribute to higher overhead on the network. modify SNMP object variables. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 3 . loss of connection to a neighboring device. the closing of a connection. the inform can be sent again. An SNMP manager that receives an inform. • Traps and Informs. which is a lexicographical successor to the specified variable. Notifications can indicate improper user authentication. Also. use traps. The sender does not know if the trap was received. use informs. but if traffic volume or memory usage are concerns and the receipt of every notification is not required. SNMP Configuration Guide. page 3 Traps and Informs Unsolicited (asynchronous) notifications can be generated as traps or inform requests (informs). Traps are messages alerting the SNMP manager to a condition on the network. page 3 SNMP Set. Use of traps and informs requires a trade-off between reliability and resources. restarts. which is discarded as soon as it is sent. Thus.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 4 . The manager receives the inform from the second transmission and sends a reply. Notice that in this example. Figure 2 Trap Successfully Sent to SNMP Manager In the figure below. Figure 4 Trap Unsuccessfully Sent to SNMP Manager The figure below shows an agent sending an inform to a manager that does not reach the manager. the traffic generated is twice as much as in the interaction when the agent sends traps to the manager. the agent successfully sends an inform to the manager. The agent has no way of knowing that the trap reached its destination. When the manager receives the inform. Although the manager receives the trap. The agent has no way of knowing that the trap did not reach its destination. After a period of time. the agent resends the inform. The manager never receives the trap because traps are not resent. a response is sent to the agent and the agent knows that the inform reached its destination. Because the manager did not receive the inform. In SNMP Configuration Guide. it does not send a response. Figure 3 Inform Request Successfully Sent to SNMP Manager The figure below shows an agent sending a trap to a manager that the manager does not receive. it does not send an acknowledgment.Simple Network Management Protocol Traps and Informs The figure below shows that an agent successfully sends a trap to an SNMP manager.

SNMPv3 is an interoperable standards-based protocol defined in RFCs 3413 to 3415. Authentication—Determines that the message is from a valid source. The SNMPv2c improved error handling SNMP Configuration Guide. SNMPv2c (the “c” is for “community”) is an experimental Internet protocol defined in RFC 1901. SNMPv2c—The community string-based Administrative Framework for SNMPv2. Both SNMPv1 and SNMPv2c use a community-based form of security. Encryption—Encodes the contents of a packet to prevent it from being learned by an unauthorized source. minimizing the number of round trips required. defined in RFC 1157. and uses the community-based security model of SNMPv1. RFC 1905.) Security is based on community strings. and RFC 1906. The community of SNMP managers able to access the agent MIB is defined by a community string. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (the “p” is for “party-based” security) or SNMPv2 Classic. SNMPv2c support includes a bulk retrieval mechanism and detailed error message reporting to management stations. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098. SNMPv3—Version 3 of SNMP. The security features provided in SNMPv3 are as follows: • • • Message integrity—Ensures that a packet has not been tampered with in transit.Versions of SNMP Traps and Informs this example. The bulk retrieval mechanism supports the retrieval of tables and large quantities of information. SNMPv3 provides secure access to devices by authenticating and encrypting packets over the network. Figure 5 Inform Unsuccessfully Sent to SNMP Manager Versions of SNMP The Cisco software supports the following versions of SNMP: • • • SNMPv1—Simple Network Management Protocol version 1 is a full Internet standard. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 5 . more traffic is generated than in the scenario shown in the figure above but the notification reaches the SNMP manager.

A security level is the permitted level of security within a security model. You can configure the Cisco software to support communications with one management station using the SNMPv1 protocol. and end of MIB view. and SNMPv3. You must configure an SNMP agent to use the version of SNMP supported by the management station. these conditions are reported through a single error code in SNMPv1. one using the SNMPv2c protocol. v2c noAuthNoPriv Community String No Uses a community string match for authentication.Simple Network Management Protocol Traps and Informs support includes expanded error codes that distinguish different types of errors. SNMP Configuration Guide. A combination of a security model and a security level determines which security mechanism is employed when handling an SNMP packet. Table 1 SNMP Security Models and Levels Model Level Authentication Encryption What Happens v1 noAuthNoPriv Community String No Uses a community string match for authentication. SNMPv3 is a security model in which an authentication strategy is set up for a user and the group in which the user resides. SNMPv2c. v3 authPriv MD5 or SHA Data Encryption Standard (DES) Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. no such instance. The following three types of exceptions are also reported: no such object. v3 noAuthNoPriv Username No Uses a username match for authentication. Three security models are available: SNMPv1. and another using SMNPv3. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 6 . Provides DES 56bit encryption in addition to authentication based on the Cipher Block Chaining (CBC) CBC-DES (DES-56) standard. v3 authNoPriv Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) No Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. The table below lists the combinations of security models and levels and their meanings. An agent can communicate with multiple managers.

snmp-server location text 5. the first snmp-server command that you issue enables SNMP on the device. page 11 Configuring SNMP Versions 1 and 2. In addition. Example: Device> enable SNMP Configuration Guide.Configuring System Information How to Configure SNMP Support SNMPv3 supports RFCs 1901 to 1908. see RFC 2570. All other configurations are optional. The first snmp-server command that you enter enables supported versions of SNMP. page 16 Configuring System Information You can set the system contact. 2213. • Enter your password if prompted. Introduction to Version 3 of the Internet-standard Network Management Framework (this is not a standards document). and serial number of the SNMP agent so that these descriptions can be accessed through the configuration file. show snmp contact 8. 2214. page 9 Defining the Maximum SNMP Agent Packet Size. How to Configure SNMP Support There is no specific command to enable SNMP. snmp-server chassis-id number 6. • • • • • • Configuring System Information. end 7. page 10 Limiting the Number of TFTP Servers Used via SNMP. location. For additional information about SNMPv3. 2104. Perform this task as needed. page 7 Enabling the SNMP Agent Shutdown Mechanism. enable 2. configure terminal 3. snmp-server contact text 4. show snmp location 9. page 12 Disabling the SNMP Agent. Although the configuration steps described in this section are optional. 2206. SUMMARY STEPS 1. show snmp chassis DETAILED STEPS Command or Action Step 1 enable Purpose Enables privileged EXEC mode. and 2271 to 2275. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 7 . configuring the basic information is recommended because it may be useful when troubleshooting your configuration.

Example: Device# show snmp location SNMP Configuration Guide. Example: Device# configure terminal Step 3 snmp-server contact text Sets the system contact string. Example: Device(config)# end Step 7 show snmp contact (Optional) Displays the contact strings configured for the system. Example: Device(config)# snmp-server location LocationOne Step 5 snmp-server chassis-id number Sets the system serial number.Simple Network Management Protocol How to Configure SNMP Support Command or Action Step 2 configure terminal Purpose Enters global configuration mode. Example: Device# show snmp contact Step 8 show snmp location (Optional) Displays the location string configured for the system. Example: Device(config)# snmp-server chassis-id 015A619T Step 6 end Exits global configuration mode and returns to privileged EXEC mode. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 8 . Example: Device(config)# snmp-server contact NameOne Step 4 snmp-server location text Sets the system location string.

the SNMP request that causes the message to be issued to the users also specifies the action to be taken after the message is delivered. Example: Device# show snmp chassis Enabling the SNMP Agent Shutdown Mechanism Using SNMP packets. snmp-server system-shutdown 4. SUMMARY STEPS 1. Perform this task to enable the SNMP agent shutdown mechanism. the system is protected by the snmp-server system-shutdown global configuration command. enable 2. If you do not issue this command. Example: Device# configure terminal Step 3 snmp-server system-shutdown Enables system shutdown using the SNMP message reload feature. a network management tool can send messages to users on virtual terminals and on the console. however. Example: Device(config)# snmp-server system-shutdown SNMP Configuration Guide. This facility operates in a similar fashion to the send EXEC command. One possible action is a shutdown request. typically. • Enter your password if prompted. it is reloaded. the shutdown mechanism is not enabled. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 9 . Example: Device> enable Step 2 configure terminal Enters global configuration mode. configure terminal 3. After a system is shut down. Because the ability to cause a reload from the network is a powerful feature. end DETAILED STEPS Purpose Command or Action Step 1 enable Enables privileged EXEC mode.Enabling the SNMP Agent Shutdown Mechanism How to Configure SNMP Support Command or Action Purpose Step 9 show snmp chassis (Optional) Displays the system serial number.

SUMMARY STEPS 1. snmp-server packetsize byte-count 4. Example: Device> enable Step 2 configure terminal Enters global configuration mode. end DETAILED STEPS Command or Action Step 1 enable Purpose Enables privileged EXEC mode. Example: Device(config)# end Defining the Maximum SNMP Agent Packet Size You can define the maximum packet size permitted when the SNMP agent is receiving a request or generating a reply. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 10 . Perform this task to set the maximum permitted packet size. Example: Device# configure terminal Step 3 snmp-server packetsize byte-count Establishes the maximum packet size. • Enter your password if prompted. Example: Device(config)# snmp-server packetsize 512 SNMP Configuration Guide.Defining the Maximum SNMP Agent Packet Size How to Configure SNMP Support Command or Action Step 4 end Purpose Exits global configuration mode and returns to privileged EXEC mode. configure terminal 3. enable 2.

configure terminal 3. Limiting the use of TFTP servers in this way conserves system resources and centralizes the operation for manageability.Limiting the Number of TFTP Servers Used via SNMP How to Configure SNMP Support Command or Action Step 4 end Purpose Exits global configuration mode and returns to privileged EXEC mode. Example: Device(config)# snmp-server tftp-server-list 12 SNMP Configuration Guide. Perform this task to limit the number of TFTP servers. snmp-server tftp-server-list number 4. end DETAILED STEPS Purpose Command or Action Step 1 enable Enables privileged EXEC mode. • Enter your password if prompted. Example: Device> enable Step 2 configure terminal Enters global configuration mode. Example: Device# configure terminal Step 3 snmp-server tftp-server-list number Limits the number of TFTP servers used for configuration file copies via SNMP to the servers in an access list. Example: Device(config)# end Limiting the Number of TFTP Servers Used via SNMP You can limit the number of TFTP servers used for saving and loading configuration files via SNMP by using an access list. SUMMARY STEPS 1. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 11 . enable 2.

Configuring SNMP Versions 1 and 2
Troubleshooting Tips

Command or Action
Step 4 end

Purpose
Exits global configuration mode and returns to privileged EXEC
mode.

Example:
Device(config)# end

Troubleshooting Tips, page 12

Troubleshooting Tips
To monitor SNMP trap activity in real time for the purposes of troubleshooting, use the SNMP debug
commands, including the debug snmp packet EXEC command. For documentation of SNMP debug
commands, see the Cisco IOS Debug Command Reference.

Configuring SNMP Versions 1 and 2
When you configure SNMP versions 1 and 2, you can optionally create or modify views for community
strings to limit the MIB objects that an SNMP manager can access.
Perform the following tasks when configuring SNMP Version 1 or SNMP Version 2.


Creating or Modifying an SNMP View Record, page 12
Creating or Modifying Access Control for an SNMP Community, page 13
Configuring a Recipient of an SNMP Trap Operation, page 15

Creating or Modifying an SNMP View Record
You can assign views to community strings to limit which MIB objects an SNMP manager can access. You
can use a predefined view or create your own view. If you are using a predefined view or no view at all,
skip this task.
Perform this task to create or modify an SNMP view record.

SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server view view-name oid-tree {included | excluded}
4. no snmp-server view view-name oid-tree {included | excluded}
5. end
6. show snmp view

SNMP Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
12

Simple Network Management Protocol
Creating or Modifying Access Control for an SNMP Community

DETAILED STEPS
Command or Action

Purpose

Step 1 enable

Enables privileged EXEC mode.

Enter your password if prompted.

Example:
Device> enable

Step 2 configure terminal

Enters global configuration mode.

Example:
Device# configure terminal

Step 3 snmp-server view view-name oid-tree {included |
excluded}

Example:

Creates a view record.

In this example, the mib2 view that includes all objects in
the MIB-II subtree is created.

Note You can use this command multiple times to create the

Device(config)# snmp-server view mib2 mib-2
included

Step 4 no snmp-server view view-name oid-tree {included |
excluded}

same view record. If a view record for the same object
identifier (OID) value is created multiple times, the
latest entry of the object identifier takes precedence.
Removes a server view.

Example:
Device(config)# no snmp-server view mib2 mib-2
included

Step 5 end

Exits global configuration mode and returns to privileged
EXEC mode.

Example:
Device(config)# end

Step 6 show snmp view

(Optional) Displays a view of the MIBs associated with
SNMP.

Example:
Device# show snmp view

Creating or Modifying Access Control for an SNMP Community

SNMP Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
13

Simple Network Management Protocol
Creating or Modifying Access Control for an SNMP Community

Use an SNMP community string to define the relationship between the SNMP manager and the agent. The
community string acts like a password to regulate access to the agent on the device. Optionally, you can
specify one or more of the following characteristics associated with the string:


An access list of IP addresses of the SNMP managers that are permitted to use the community string to
gain access to the agent.
A MIB view, which defines the subset of all MIB objects accessible to the given community.
Read and write or read-only permission for the MIB objects accessible to the community.

Perform this task to create or modify a community string.

SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server community string [view view-name] [ro | rw] [ipv6 nacl] [access-list-number]
4. no snmp-server community string
5. end
6. show snmp community

DETAILED STEPS
Command or Action
Step 1 enable

Purpose
Enables privileged EXEC mode.

Enter your password if prompted.

Example:
Device> enable

Step 2 configure terminal

Enters global configuration mode.

Example:
Device# configure terminal

Step 3 snmp-server community string [view view-name] [ro | rw] [ipv6
nacl] [access-list-number]

Defines the community access string.

You can configure one or more community
strings.

Example:
Device(config)# snmp-server community comaccess ro 4

Step 4 no snmp-server community string

Example:
Device(config)# no snmp-server community comaccess

SNMP Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
14

Removes the community string from the
configuration.

you must issue a separate snmp-server host command for each host. the second command will replace the first. SUMMARY STEPS 1. enable 2. Example: Device# show snmp community Configuring a Recipient of an SNMP Trap Operation To enable multiple hosts. To see what notification types are available on your system. For example. Perform this task to configure the recipient of an SNMP trap operation. show snmp host SNMP Configuration Guide. Some notification types cannot be controlled with the snmp-server enable command. The snmp-server host command is used in conjunction with the snmp-server enable command. You can specify multiple notification types in the command for each host. configure terminal 3. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 15 . For example. if you enter an snmp-server host inform command for a host and then enter another snmp-server host inform command for the same host. at least one snmp-server enable command and the snmp-server host command for that host must be enabled. Only the last snmp-server host command will be in effect. For example. the Cisco software does not support the envmon notification type.Simple Network Management Protocol Configuring a Recipient of an SNMP Trap Operation Command or Action Purpose Step 5 end Exits global configuration mode. When multiple snmp-server host commands are given for the same host and kind of notification (trap or inform). the linkUpDown notifications are controlled by the snmp trap link-status interface configuration command. These notification types do not require an snmp-server enable command. end 5. some notification types are always enabled and others are enabled by a different command. For example. each succeeding command overwrites the previous command. snmp-server host host-id [traps | informs][ version {1 | 2c | 3 [auth | noauth | priv]}] communitystring [udp-port port-number] [notification-type] 4. Use the snmp-server enable command to specify which SNMP notifications are sent globally. For a host to receive most notifications. A notification-type option’s availability depends on the device type and Cisco IOS software features supported on the device. use the command help (?) at the end of the snmp-server host command. Example: Device(config)# end Step 6 show snmp community (Optional) Displays the community access strings configured for the system.

end SNMP Configuration Guide. Example: Device(config)# snmp-server host 172. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 16 . and the host IP address of the notifications. Example: Device(config)# end Step 5 show snmp host (Optional) Displays the SNMP notifications sent as traps.1. Example: Device# show snmp host Disabling the SNMP Agent SUMMARY STEPS 1. Example: Device> enable Step 2 configure terminal Enters global configuration mode. Example: Device# configure terminal Step 3 snmp-server host host-id [traps | informs][ version {1 | 2c | Specifies whether you want the SNMP notifications sent 3 [auth | noauth | priv]}] community-string [udp-port port.27 version 2c public Step 4 end Exits global configuration mode. • Enter your password if prompted.16. the security level of the notifications (for SNMPv3). and the number] [notification-type] recipient (host) of the notifications. the version of SNMP to use. enable 2. configure terminal 3. no snmp-server 4.as traps or informs.Disabling the SNMP Agent Configuring a Recipient of an SNMP Trap Operation DETAILED STEPS Command or Action Step 1 enable Purpose Enables privileged EXEC mode. the version of SNMP.

The community string named public is sent with the traps.16. The configuration permits any SNMP manager to access all objects with read-only permissions using the community string named public. page 19 Example: Configuring SNMPv1 Support The following example shows how to enable SNMPv1. no snmp-server Example: Device(config)# no snmp-server Step 4 Exits global configuration mode. configure terminal Example: Device# configure terminal Step 3 Disables SNMP agent operation.16. end Example: Device(config)# end Configuration Examples for SNMP Support • • • • Example: Configuring SNMPv1 Support.33 using SNMPv1. The router also will send BGP traps to the hosts 172. Example: Device> enable Step 2 Enters global configuration mode.Example: Configuring SNMPv1 Support Configuration Examples for SNMP Support DETAILED STEPS Step 1 Command or Action Purpose enable Enables privileged EXEC mode. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 17 . • Enter your password if prompted. This configuration does not cause the router to send traps. Device(config)# snmp-server community public SNMP Configuration Guide.1. page 17 Example: Show SNMP View. page 19 Example Configuring Host Information.111 and 172. Device(config)# snmp-server community public The following example shows how to permit SNMP access to all objects with read-only permission using the community string named public.1. page 18 Example Configuring SNMP Community Access Strings.

Device(config)# Device(config)# Device(config)# Device(config)# snmp-server snmp-server snmp-server snmp-server view readview internet included view readview iso included group group1 v3 noauth read readview user abcd group1 v3 auth md5 abcdpasswd Example: Show SNMP View The following example shows the SNMP view for the system OID tree: Device> enable Device# configure terminal Device(config)# snmp-server view test system included Device(config)# end Device# show snmp view test system .included read-only active cac_view ospf . The BGP traps are enabled for all hosts. The user is specified as abcd and the authentication password is abcdpasswd.included read-only active cac_view ip .2.160: Device(config)# snmp-server enable traps Device(config)# snmp-server host 172.16. . v1default iso .30.included permanent active SNMP Configuration Guide.com informs version 2c public The following example shows how to enable the SNMP manager and set the session timeout to a value greater than the default: Device(config)# snmp-server manager Device(config)# snmp-server manager session-timeout 1000 The following example shows how to enable the SNMP manager to access all objects with read-only permissions.160 public snmp envmon The following example shows how to enable the router to send all traps to the host example.included nonvolatile active cac_view pimMIB . .33 public The following example shows how to send the SNMP and Cisco environmental monitor enterprise-specific traps to address 172. To obtain the automatically generated default local engine ID. Device(config)# snmp-server enable traps bgp Device(config)# snmp-server host host1 public ospf The following example shows how to enable a router to send all informs to the host example.com using the community string named public: Device(config)# snmp-server enable traps Device(config)# snmp-server host example.included read-only active cac_view msdpMIB .111 version 1 public Device(config)# snmp-server host 172.16. but only the OSPF traps are enabled to be sent to a host.1.1.2.30. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 18 .com using the community string public: Device(config)# snmp-server enable traps Device(config)# snmp-server host example. use the show snmp engineID command.Example: Show SNMP View Configuration Examples for SNMP Support Device(config)# snmp-server enable traps bgp Device(config)# snmp-server host 172.included read-only active .included read-only active cac_view interfaces .com public The following example shows a configuration in which no traps are sent to a host.

excluded permanent active ciscoMgmt.excluded permanent active snmpVacmMIB .excluded permanent active ciscoTap2MIB .28.2.2. .28. All Releases SNMP Configuration Guide.Example Configuring SNMP Community Access Strings Additional References v1default v1default v1default v1default v1default v1default v1default .excluded permanent active Example Configuring SNMP Community Access Strings The following example shows the community access strings configured to enable access to the SNMP manager: Device> enable Device# configure terminal Device(config)# snmp-server community public ro Device(config)# snmp-server community private rw Device(config)# end Device# show snmp community Community name: private Community Index: private Community SecurityName: private storage-type: nonvolatile active Community name: public Community Index: public Community SecurityName: public storage-type: nonvolatile active Example Configuring Host Information The following example shows the host information configured for SNMP notifications: Device> enable Device# configure terminal Device(config)# snmp-server host 10.1 inform version 2c public Device(config)# end Device# show snmp host Notification host: 10. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 19 .included permanent active snmpUsmMIB .395 .excluded permanent active ciscoIpTapMIB .1 udp-port: 162 user: public security model: v2c type: inform Additional References Related Documents Related Topic Document Title Cisco IOS commands Cisco IOS Master Command List.excluded permanent active snmpCommunityMIB . . internet .

RIP Version 2 MIB Extensions RIPv2 Monitoring with SNMP Using the RFC 1724 MIB Extensions feature module DSP Operational State Notifications for notifications to be generated when a digital signaling processor (DSP) is used DSP Operational State Notifications feature module Standards and RFCs Standard/RFC Title CBC-DES (DES-56) standard Symmetric Encryption Protocol STD: 58 Structure of Management Information Version 2 (SMIv2) RFC 1067 A Simple Network Management Protocol RFC 1091 Telnet terminal-type option RFC 1098 Simple Network Management Protocol (SNMP) RFC 1157 Simple Network Management Protocol (SNMP) RFC 1213 Management Information Base for Network Management of TCP/IP-based internets:MIB-II RFC 1215 Convention for defining traps for use with the SNMP RFC 1901 Introduction to Community-based SNMPv2 RFC 1905 Common Management Information Services and Protocol over TCP/IP (CMOT) RFC 1906 Telnet X Display Location Option RFC 1908 Simple Network Management Protocol (SNMP) RFC 2104 HMAC: Keyed-Hashing for Message Authentication RFC 2206 RSVP Management Information Base using SMIv2 RFC 2213 Integrated Services Management Information Base using SMIv2 RFC 2214 Integrated Services Management Information Base Guaranteed Service Extensions using SMIv2 RFC 2271 An Architecture for Describing SNMP Management Frameworks SNMP Configuration Guide. usage guidelines. command history. command mode.Simple Network Management Protocol Additional References Related Topic Document Title SNMP commands: complete command syntax. defaults. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 20 . and examples Cisco IOS SNMP Command Reference Cisco implementation of RFC 1724.

releases.cisco. and Aggregation Interfaces Group MIB (IF-MIB) Interfaces Group MIB Enhancements MIB Enhancements for Universal Gateways and Access Servers MSDP MIB NTP MIB Response Time Monitor MIB Virtual Switch MIB To locate and download MIBs for selected platforms.Simple Network Management Protocol Additional References Standard/RFC Title RFC 2570 Introduction to Version 3 of the Internet-standard Network Management Framework RFC 2578 Structure of Management Information Version 2 (SMIv2) RFC 2579 Textual Conventions for SMIv2 RFC 2580 Conformance Statements for SMIv2 RFC 2981 Event MIB RFC 2982 Distributed Management Expression MIB RFC 3413 SNMPv3 Applications RFC 3415 View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) RFC 3418 Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) MIBs MIBs Link MIB • • • • • • • • • • • • Circuit Interface Identification MIB Cisco SNMPv2 Ethernet-like Interfaces MIB Event MIB Expression MIB Support for Delta. Wildcarding. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 21 .com/go/mibs SNMP Configuration Guide. and feature sets. use Cisco MIB Locator found at the following URL: http://www.

Third-party trademarks mentioned are the property of their respective owners. SNMP enables network administrators to manage network performance. 15.com/go/trademarks.com/cisco/web/support/ index. http://www. To access Cisco Feature Navigator. To view a list of Cisco trademarks.cisco.com user ID and password. go to www. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 22 . and tools.S.2(1) The Simple Network Management Protocol (SNMP) feature provides an applicationlayer protocol that facilitates the exchange of management information between network devices.com/go/cfn. (1110R) SNMP Configuration Guide. SNMP is part of the TCP/IP protocol suite.html Feature Information for Simple Network Management Protocol The following table provides release information about the feature or features described in this module. The use of the word partner does not imply a partnership relationship between Cisco and any other company. software. go to this URL: www. subsequent releases of that software release train also support that feature.Simple Network Management Protocol Feature Information for Simple Network Management Protocol Technical Assistance Description Link The Cisco Support and Documentation website provides online resources to download documentation. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. An account on Cisco. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Table 2 Feature Information for Simple Network Management Protocol Feature Name Releases Feature Information SNMP (Simple Network Management Protocol) 11. Unless noted otherwise. and other countries.cisco. Access to most tools on the Cisco Support and Documentation website requires a Cisco.cisco. and plan for network growth. This table lists only the software release that introduced support for a given feature in a given software release train.com is not required.0(1)S Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U. find and solve network problems.

SNMP Configuration Guide. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 23 . network topology diagrams. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Any examples. and other figures included in the document are shown for illustrative purposes only.Simple Network Management Protocol Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. command display output.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 24 .Example Configuring Host Information SNMP Configuration Guide.

com/go/cfn. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. Information About SNMP Inform Requests • SNMP Inform Request.com is not required. To access Cisco Feature Navigator. page 28 Additional References. page 29 Feature Information for SNMP Inform Request. go to www. and to see a list of the releases in which each feature is supported. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 25 . page 25 How to Configure SNMP Inform Requests. an SNMP manager that receives an inform acknowledges the message with an SNMP response PDU. page 31 Finding Feature Information Your software release may not support all the features documented in this module. however. page 25 Configuration Examples for SNMP Inform Request. To find information about the features documented in this module. the inform can be sent again. page 25 SNMP Inform Request The SNMP Inform Request feature supports sending inform requests. Traps are less reliable than informs because an acknowledgment is not sent from the receiving end when a trap is received.cisco. An account on Cisco. If the sender does not receive a response for an inform. SNMP asynchronous notifications are usually sent as SNMP traps. • • • • • • Finding Feature Information.SNMP Inform Request The Simple Network Management Protocol (SNMP) Inform Requests feature allows devices to send inform requests to SNMP managers. page 25 Information About SNMP Inform Requests. For the latest caveats and feature information. How to Configure SNMP Inform Requests SNMP Configuration Guide. see Bug Search Tool and the release notes for your platform and software release. see the feature information table at the end of this module.

page 27 Configuring Devices to Send Traps Perform the following task to configure the device to send traps to a host in global configuration mode: SUMMARY STEPS 1. Example: Device# configure terminal Step 3 snmp-server host host[version {1| 2c}]community-string[udp-port port] [notification-type] Specifies the recipient of the trap message.10 version 1 public udpport 2012 SNMP Configuration Guide. Example: Device> enable Step 2 configure terminal Enters global configuration mode. enable 2.10. Example: Device(config)# snmp-server host 10. configure terminal 3. snmp-server enable traps[ notification-type] [notification-option] 5. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 26 .10. page 26 Changing Inform Operation Values.Configuring Devices to Send Traps How to Configure SNMP Inform Requests • • Configuring Devices to Send Traps. end DETAILED STEPS Command or Action Step 1 enable Purpose Enables privileged EXEC mode. • Enter your password if prompted. snmp-server host host[version {1|2c}]community-string[udp-port port][notification-type] 4.

In order for a host to receive a trap. such as ISDN interfaces. SNMP link traps are sent when an interface goes up or down. For interfaces expected to go up and down during normal usage. Example: Device(config)# end Changing Inform Operation Values Perform the following optional task in global configuration mode to change inform operation values: SUMMARY STEPS 1. end DETAILED STEPS Command or Action Step 1 enable Purpose Enables privileged EXEC mode. Note Some traps are not controlled by the snmp-serverenabletraps command. snmp-server informs [retries retries] [timeout seconds] [pending pending] 4. enable 2. such as snmptrapslink-status. These traps are either enabled by default or controlled through other commands. snmp-server trap-source interface 5. by default. For example. an snmp-serverhost command must be configured for that host. the output generated by these traps may not be useful. and the trap must be enabled globally through the snmp-serverenabletraps command. Example: Device> enable SNMP Configuration Guide. through a different command. or by default. Step 5 end Exits global configuration mode. Use the nosnmptrapslink-status interface configuration command to disable these traps. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 27 .Changing Inform Operation Values How to Configure SNMP Inform Requests Command or Action Step 4 snmp-server enable traps[ notificationtype] [notification-option] Example: Device(config)# snmp-server enable traps alarms 3 Purpose Globally enables the trap production mechanism for the specified traps. • Enter your password if prompted. configure terminal 3.

2. • This example sets the maximum number of times to resend an inform.example. and the maximum number of informs waiting for acknowledgments at any one time. port 1 as the source for all SNMP notifications. page 28 Example: Configuring SNMP Inform Request The following configuration example shows how to configure the SNMP Inform Request feature for SNMPv1 or SNMPv2: The following example sends the SNMP and Cisco environmental monitor enterprise-specific traps to address 172.2. Example: Device(config)# snmp-server trap-source FastEthernet 2/1 Step 5 end Exits global configuration mode.com public SNMP Configuration Guide. Example: Device# configure terminal Step 3 snmp-server informs [retries retries] [timeout seconds] [pending pending] Example: Configures inform-specific operation values. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 28 .Example: Configuring SNMP Inform Request Configuration Examples for SNMP Inform Request Command or Action Step 2 configure terminal Purpose Enters global configuration mode. Device(config)# snmp-server informs retries 10 timeout 30 pending 100 Step 4 snmp-server trap-source interface This example sets the IP address for the Fast Ethernet interface in slot2. the number of seconds to wait for an acknowledgment before resending.30.com using the community string public: Device(config)# snmp-server enable traps Device(config)# snmp-server host myhost.160 public snmp envmon The following example enables the device to send all traps to the host myhost.30.160: Device(config)# snmp-server enable traps Device(config)# snmp-server host 172.example. Example: Device(config)# end Configuration Examples for SNMP Inform Request • Example: Configuring SNMP Inform Request.

Device(config)# snmp-server enable traps bgp Device(config)# snmp-server host bob public isdn The following example enables the device to send all inform requests to the host myhost. RIP Version 2 MIB Extensions RIPv2 Monitoring with SNMP Using the RFC 1724 MIB Extensions feature module DSP Operational State Notifications for notifications to be generated when a digital signaling processor (DSP) is used DSP Operational State Notifications feature module Standards and RFCs Standard/RFC Title CBC-DES (DES-56) standard Symmetric Encryption Protocol STD: 58 Structure of Management Information Version 2 (SMIv2) RFC 1067 A Simple Network Management Protocol RFC 1091 Telnet terminal-type option RFC 1098 Simple Network Management Protocol (SNMP) RFC 1157 Simple Network Management Protocol (SNMP) RFC 1213 Management Information Base for Network Management of TCP/IP-based internets:MIB-II RFC 1215 Convention for defining traps for use with the SNMP RFC 1901 Introduction to Community-based SNMPv2 SNMP Configuration Guide. defaults. but only the ISDN traps are enabled to be sent to a host. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 29 .example. usage guidelines. command mode. and examples Cisco IOS SNMP Command Reference Cisco implementation of RFC 1724.com informs version 2c public Additional References Related Documents Related Topic Document Title Cisco IOS commands Cisco IOS Master Command List.com using the community string public: Device(config)# snmp-server enable traps Device(config)# snmp-server host myhost. The BGP traps are enabled for all hosts.example. All Releases SNMP commands: complete command syntax.SNMP Inform Request Additional References The following example will not send traps to any host. command history.

SNMP Inform Request Additional References Standard/RFC Title RFC 1905 Common Management Information Services and Protocol over TCP/IP (CMOT) RFC 1906 Telnet X Display Location Option RFC 1908 Simple Network Management Protocol (SNMP) RFC 2104 HMAC: Keyed-Hashing for Message Authentication RFC 2206 RSVP Management Information Base using SMIv2 RFC 2213 Integrated Services Management Information Base using SMIv2 RFC 2214 Integrated Services Management Information Base Guaranteed Service Extensions using SMIv2 RFC 2271 An Architecture for Describing SNMP Management Frameworks RFC 2570 Introduction to Version 3 of the Internet-standard Network Management Framework RFC 2578 Structure of Management Information Version 2 (SMIv2) RFC 2579 Textual Conventions for SMIv2 RFC 2580 Conformance Statements for SMIv2 RFC 2981 Event MIB RFC 2982 Distributed Management Expression MIB RFC 3413 SNMPv3 Applications RFC 3415 View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) RFC 3418 Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) SNMP Configuration Guide. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 30 .

To access Cisco Feature Navigator. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.com/cisco/web/support/ index. subsequent releases of that software release train also support that feature.html Feature Information for SNMP Inform Request The following table provides release information about the feature or features described in this module. SNMP Configuration Guide.com/go/mibs Technical Assistance Description Link The Cisco Support and Documentation website provides online resources to download documentation. and Aggregation Interfaces Group MIB (IF-MIB) Interfaces Group MIB Enhancements MIB Enhancements for Universal Gateways and Access Servers MSDP MIB NTP MIB Response Time Monitor MIB Virtual Switch MIB To locate and download MIBs for selected platforms. releases. This table lists only the software release that introduced support for a given feature in a given software release train. http://www. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. Unless noted otherwise.com/go/cfn. Wildcarding. use Cisco MIB Locator found at the following URL: http://www. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 31 . software. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies.cisco.cisco.cisco.SNMP Inform Request Feature Information for SNMP Inform Request MIBs MIB • • • • • • • • • • • • MIBs Link Circuit Interface Identification MIB Cisco SNMPv2 Ethernet-like Interfaces MIB Event MIB Expression MIB Support for Delta. and tools. An account on Cisco.com is not required. go to www. and feature sets.

network topology diagrams. SNMP asynchronous notifications are usually sent as SNMP traps.0(1)T 12. Traps are less reliable than informs because an acknowledgment is not sent from the receiving end when a trap is received. Any examples. and other countries.com/go/trademarks. and other figures included in the document are shown for illustrative purposes only.cisco.0(1)S Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U. Third-party trademarks mentioned are the property of their respective owners. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. the inform can be sent again. command display output.1(3)T 12.2(8)T 15.1(14) 12. If the sender does not receive a response for an inform. go to this URL: www.SNMP Inform Request Table 3 Feature Information for SNMP Inform Request Feature Name Releases Feature Information SNMP Inform Request 11.S. To view a list of Cisco trademarks. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. SNMP Configuration Guide.3(1)T The SNMP Inform Request feature supports sending inform requests. The use of the word partner does not imply a partnership relationship between Cisco and any other company. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 32 . an SNMP manager that receives an inform acknowledges the message with an SNMP response PDU. however. 12.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 33 . The following are the details of SNMv2c security model: SNMP Configuration Guide. The improved error handling support provided by SNMPv2c includes expanded error codes that distinguish different types of errors. all types of errors are reported through a single error code in SNMPv1. go to www. Community string is a type of password. which is transmitted in cleartext. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. page 34 Configuration Examples for SNMPv2c. To find information about the features documented in this module. page 33 How to Configure SNMPv2c. page 33 Security Features in SNMPv2c Community-based Simple Network Management Protocol Version 2 (SNMPv2c) uses a community-based form of security. see Bug Search Tool and the release notes for your platform and software release. RFC 1905. To access Cisco Feature Navigator. and end of MIB view. The following three types of exceptions are also reported: no such object.SNMPv2c Community-based Simple Network Management Protocol Version 2 (SNMPv2c) is an experimental Internet protocol defined in RFC 1901. and RFC 1906. no such instance. see the feature information table at the end of this module.com is not required. page 37 Additional References for SNMPv2c. and to see a list of the releases in which each feature is supported. For the latest caveats and feature information. An account on Cisco.com/go/cfn.cisco. The community of SNMP managers that are able to access the agent MIB is defined by an IP address access control list (ACL) and password. SNMPv2c is an update of the protocol operations and data types of party-based Simple Network Management Protocol Version 2 (SNMPv2p) and uses the community-based security model of SNMPv1. page 33 Information About SNMPv2c. Information About SNMPv2c • Security Features in SNMPv2c. • • • • • • Finding Feature Information. page 38 Feature Information for SNMPv2c. SNMPv2c is the community stringbased administrative framework for SNMPv2. page 39 Finding Feature Information Your software release may not support all the features documented in this module.

You can specify either a plain text password or a localized Message Digest 5 (MD5) digest. You must configure the SNMP engine ID of the remote agent in the SNMP database before you can send proxy requests or inform requests to it. If you forget a password.Configuring the SNMP Server for SNMPv2c How to Configure SNMPv2c • • • Level of security: noAuthNoPriv Authentication method: Community String Availability of encryption: No Depending on your release. Note An SNMP user cannot be removed if the engine ID is changed after configuring the SNMP user. Also. To remove the user. Perform this task to specify an SNMP server group name and to add a new user to an SNMP group. Note Default values do not exist for authentication or privacy algorithms when you configure the SNMP commands. the configuration command will fail. is not supported. the party-based SNMP Version 2 (SNMPv2p). which is another variant of SNMPv2. The minimum length for a password is one character. the authoritative SNMP agent is the remote agent. Then. page 36 Configuring the SNMP Server for SNMPv2c To configure a Simple Network Management Protocol (SNMP) server user. page 34 Verifying SNMPv2c. before you configure remote users for a particular agent. For SNMP notifications such as inform requests. The SNMP engine ID of the remote agent is required to compute the authentication or privacy digests for the SNMP password. SNMP passwords are localized using the SNMP engine ID of the authoritative SNMP engine. SNMPv2c replaces the party-based administrative and security framework of SNMPv2p with a community-based administrative framework. configure the SNMP engine ID by using the snmp-server engineID command for the remote agent. no default passwords exist. SNMPv2c retains the bulk retrieval and error handling capabilities of SNMPv2p. Also. you must first reconfigure all the SNMP configurations. specify an SNMP group or a table that maps SNMP users to SNMP views. although we recommend that you use at least eight characters for security. specify the IP address or port number for the remote SNMP agent of the device where the user resides. If the remote engine ID is not configured first. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 34 . you cannot recover it and must reconfigure the user. SNMP Configuration Guide. How to Configure SNMPv2c • • Configuring the SNMP Server for SNMPv2c.

Device(config)# snmp-server group group1 v2c auth access lmnop Step 4 snmp-server engineID {local engine-id | remote ipaddress [udp-port udp-port-number] [vrf vrf-name] engine-id-string} Configures the SNMP engine ID.SNMPv2c How to Configure SNMPv2c SUMMARY STEPS 1. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 35 . snmp-server engineID {local engine-id | remote ip-address [udp-port udp-port-number] [vrf vrfname] engine-id-string} 5.15. the SNMP engine ID is configured for a remote user. the SNMP server group group1 is configured to enable user authentication for members of the named access list lmnop. • Example: In this example. enable 2. • Enter your password if prompted. snmp-server user user-name group-name [remote ip-address [udp-port port]] {v1 | v2c | v3 [encrypted] [auth {md5 | sha} auth-password]} [access access-list] 6. configure terminal 3. Example: Device(config)# snmp-server engineID remote 172. Example: Device> enable Step 2 configure terminal Enters global configuration mode. snmp-server group [group-name {v1 | v2c | v3 [auth | noauth | priv]}] [read read-view] [write writeview] [notify notify-view] [access access-list] 4. • In this example. exit DETAILED STEPS Command or Action Purpose Step 1 enable Enables privileged EXEC mode.16. Example: Device# configure terminal Step 3 snmp-server group [group-name {v1 | v2c | v3 [auth | noauth | priv]}] [read read-view] [write write-view] [notify notify-view] [access access-list] Configures the SNMP server group to enable authentication for members of a specified named access list.4 udp-port 120 1a2833c0129a SNMP Configuration Guide.

the digest should be exactly 16 octets in length. bb. 2. the recommended length is at least eight characters.Verifying SNMPv2c How to Configure SNMPv2c Command or Action Step 5 snmp-server user user-name group-name [remote ipaddress [udp-port port]] {v1 | v2c | v3 [encrypted] [auth {md5 | sha} auth-password]} [access access-list] Example: Device(config)# snmp-server user user1 group1 v2c auth md5 password123 Purpose Adds a new user to an SNMPv2c group and configures a plain text password for the user. 3. Note For the auth-password argument. the minimum length is one character. SUMMARY STEPS 1. The show commands can be entered in any order. Example: Device# show snmp group groupname: V1 readview : v1default security model:v1 writeview: <no writeview specified> SNMP Configuration Guide. where aa. Note If you have the localized MD5 or Secure Hash Algorithm (SHA) digest. Example: Device> enable Step 2 show snmp group Displays information about each SNMP group in the network. and the password should include both letters and numbers. 4. Example: Device(config)# exit Verifying SNMPv2c Perform this task to verify the SNMPv2c configuration. The digest should be formatted as aa:bb:cc:dd. Also. and dd are hexadecimal values. Step 6 exit Exits global configuration mode. you can specify the digest instead of the plain text password. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 36 . cc. enable show snmp group show snmp user [username] show snmp engineID DETAILED STEPS Step 1 enable Enables privileged EXEC mode.

Device(config)# snmp-server community public The following example shows how to configure a remote user to receive traps at the “noAuthNoPriv” security level when the SNMPv2c security model is enabled: Device(config)# snmp-server group group1 v2c noauth SNMP Configuration Guide.28.1 120 Configuration Examples for SNMPv2c • Example: Configuring the SNMP Server for SNMPv2c. This configuration does not cause the device to send traps.Example: Configuring the SNMP Server for SNMPv2c Configuration Examples for SNMPv2c notifyview: <no notifyview row status: active groupname: ILMI readview : *ilmi notifyview: <no notifyview row status: active groupname: ILMI readview : *ilmi notifyview: <no notifyview row status: active groupname: group1 readview : v1default notifyview: <no notifyview row status: active Step 3 specified> security model:v1 writeview: *ilmi specified> security model:v2c writeview: *ilmi specified> security model:v1 writeview: <no writeview specified> specified> show snmp user [username] Displays information about configured characteristics of an SNMP user. Example: Device# show snmp user user1 User name: user1 Engine ID: 00000009020000000C025808 storage-type: nonvolatile active access-list: 10 Rowstatus: active Authentication Protocol: MD5 Privacy protocol: DES Group name: group1 Step 4 show snmp engineID Displays information about the SNMP engine ID that is configured for an SNMP user. The configuration permits any SNMP manager to access all objects with read-only permissions by using the community string named “public”. page 37 Example: Configuring the SNMP Server for SNMPv2c The following example shows how to configure SNMPv2c. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 37 . Example: Device# show snmp engineID Local SNMP engineID: 1A2836C0129A Remote Engine ID IP-addr Port 1A2833C0129A remote 10.2.

8.12. and tools.SNMPv2c Additional References for SNMPv2c Device(config)# snmp-server user remoteuser1 group1 remote 10.4 Device(config)# snmp-server host 10.8. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 38 .com user ID and password.cisco. http://www.12.12.12.4 v2c auth md5 password1 The following example shows how to configure a remote user to receive traps at the “priv” security level when the SNMPv2c security model is enabled: Device(config)# snmp-server group group3 v2c priv Device(config)# snmp-server user PrivateUser group3 remote 10. Access to most tools on the Cisco Support and Documentation website requires a Cisco.4 informs version 2c noauth remoteuser config The following example shows how to configure a remote user to receive traps at the “authNoPriv” security level when the SNMPv2c security model is enabled: Device(config)# snmp-server group group2 v2c auth Device(config)# snmp-server user AuthUser group2 remote 10.4 v2c auth md5 password1 priv access des56 Additional References for SNMPv2c Related Documents Related Topic Document Title Cisco IOS commands Cisco IOS Master Command List.com/cisco/web/support/ index.html SNMP Configuration Guide. software.8. All Releases SNMP commands Cisco IOS SNMP Command Reference Standards and RFCs Standard/RFC Title RFC 1901 Community-based SNMPv2 RFC 1905 Simple Network Management Protocol (SNMPv2) RFC 1907 Management Information Base for SNMPv2 Technical Assistance Description Link The Cisco Support and Documentation website provides online resources to download documentation.8. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies.

Unless noted otherwise. An account on Cisco. Table 4 Feature Information for SNMV2c Feature Name Releases Feature Information SNMV2c Cisco IOS XE Release 3. This table lists only the software release that introduced support for a given feature in a given software release train. subsequent releases of that software release train also support that feature.cisco.SNMPv2c Feature Information for SNMPv2c Feature Information for SNMPv2c The following table provides release information about the feature or features described in this module. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers.com/go/trademarks. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U. go to this URL: www. command display output. and other countries.2SE SNMPv2c feature represents the community string-based administrative framework for SNMPv2.com/go/cfn. To view a list of Cisco trademarks. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 39 .S. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. go to www. SNMPv2c support includes a bulk retrieval mechanism and detailed error message reporting to management stations. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. The use of the word partner does not imply a partnership relationship between Cisco and any other company. SNMP Configuration Guide.com is not required. To access Cisco Feature Navigator. and other figures included in the document are shown for illustrative purposes only. network topology diagrams.cisco. Any examples. Third-party trademarks mentioned are the property of their respective owners.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 40 .Example: Configuring the SNMP Server for SNMPv2c SNMP Configuration Guide.

see the feature information table at the end of this module. Simple Network Management Protocol version 3 (SNMPv3) is an interoperable. go to www. see Bug Search Tool and the release notes for your platform and software release. To access Cisco Feature Navigator. and to see a list of the releases in which each feature is supported. An account on Cisco. page 49 Finding Feature Information Your software release may not support all the features documented in this module. Encryption—Scrambles the content of a packet to prevent it from being learned by an unauthorized source. To find information about the features documented in this module.com is not required. page 47 Additional References for SNMP Version 3.SNMP Version 3 The SNMP Version 3 feature provides secure access to devices by authenticating and encrypting data packets over the network. page 41 Cisco-Specific Error Messages for SNMP Version 3. page 47 Feature Information for SNMP Version 3. Authentication—Determines that the message is from a valid source. page 44 Configuration Examples for SNMP Version 3. SNMP Configuration Guide. • • • • • • Finding Feature Information. standards-based protocol that is defined in RFCs 3413 to 3415. page 41 How to Configure SNMP Version 3. page 42 Security Features in SNMP Version 3 The security features provided in SNMPv3 are as follows: • • • Message integrity—Ensures that a packet has not been tampered with in transit. page 41 Information About SNMP Version 3.cisco. For the latest caveats and feature information. Information About SNMP Version 3 • • Security Features in SNMP Version 3. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. This module discusses the security features provided in SNMPv3 and describes how to configure the security mechanism to handle SNMP packets. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 41 .com/go/cfn.

You can use the snmp-server usm cisco command to disable the descriptive messages. Table 5 SNMP Version 3 Security Levels Level Authentication Encryption What Happens noAuthNoPriv Username No Uses a username match for authentication. 2213. and the table compares these messages with the corresponding RFC 3414-compliant error messages.Cisco-Specific Error Messages for SNMP Version 3 Information About SNMP Version 3 SNMPv3 is a security model in which an authentication strategy is set up for a user and the group in which the user resides. 2206. These error messages comply with RFC 3414. Table 6 Cisco-Specific Error Messages for SNMP Version 3 Configured Security Level Security Level of RFC 3414-Compliant Error Incoming SNMP Message Indication Cisco-Specific Error Messages noAuthNoPriv noAuthNoPriv No error No error SNMP Configuration Guide. provides DES 56-bit encryption based on the Cipher Block Chaining (CBC)-DES (DES-56) standard. and 2271 to 2275. see RFC 2570. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 42 . authPriv MD5 or SHA Data Encryption Standard (DES) Provides authentication based on the HMACMD5 or HMAC-SHA algorithms. thus preventing malicious users from misusing the information shown in the error messages. The table below describes the Cisco-specific error messages shown when the snmp-server usm cisco command is used. Cisco-Specific Error Messages for SNMP Version 3 SNMPv3 provides different levels of security. Introduction to Version 3 of the Internet-standard Network Management Framework (this document is not a standard). authNoPriv Message Digest Algorithm 5 (MD5) or Secure Hash Algorithm (SHA) No Provides authentication based on the Hashed Message Authentication Code (HMAC)-MD5 or HMAC-SHA algorithms. 2104. a descriptive error message appears to indicate what went wrong. 2214. The table below describes the combinations of SNMPv3 security models and levels. A security level is the permitted level of security within a security model. If an authentication or an authorization request fails. In addition to authentication. SNMPv3 supports RFCs 1901 to 1908. For more information about SNMPv3. A combination of a security model and a security level determines which security mechanism is used when handling an SNMP packet.

the error shown is “AUTHORIZATION_ERROR”. The Cisco-specific error message for this scenario is “unknownUserName”.SNMP Version 3 Information About SNMP Version 3 Configured Security Level authNoPriv authPriv Note Security Level of RFC 3414-Compliant Error Incoming SNMP Message Indication Cisco-Specific Error Messages authNoPriv unsupportedSecurityLevel unknownUserName authPriv unsupportedSecurityLevel unknownUserName noAuthNoPriv AUTHORIZATION_ERROR unknownUserName authNoPriv with correct authentication password No error No error authNoPriv with incorrect wrongDigests authentication password unknownUserName authPriv unsupportedSecurityLevel unknownUserName noAuthNoPriv AUTHORIZATION_ERROR unknownUserName authNoPriv with correct authentication password AUTHORIZATION_ERROR unknownUserName authNoPriv with incorrect AUTHORIZATION_ERROR authentication password unknownUserName authPriv with correct authentication password and correct privacy password No error No error authPriv with correct authentication password and incorrect privacy password No response No response authPriv with incorrect authentication password and correct privacy password wrongDigests unknownUserName authPriv with incorrect authentication password and incorrect privacy password wrongDigests unknownUserName If an SNMP user belonging to an SNMP group is not configured with the password or if the group security level is not the same as the user security level. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 43 . SNMP Configuration Guide.

• • Configuring the SNMP Server. no default passwords exist. the authoritative SNMP agent is the remote agent. configure the SNMP engine ID by using the snmp-server engineID command for the remote agent. The minimum length for a password is one character. you must first reconfigure all the SNMP configurations. Perform this task to specify an SNMP server group name and to add a new user to an SNMP group. specify the IP address or port number for the remote SNMP agent of the device where the user resides. configure terminal 3. For SNMP notifications such as inform requests. snmp-server user user-name group-name [remote ip-address [udp-port port]] {v1 | v2c | v3 [encrypted] [auth {md5 | sha} auth-password]} [access access-list] 6. although it is recommended to use at least eight characters for security. To remove the user. Note The SNMP user cannot be removed if the engine ID is changed after configuring the SNMP user. specify an SNMP group or a table that maps SNMP users to SNMP views. page 44 Verifying SNMP Version 3. SUMMARY STEPS 1. enable 2. Also. the configuration command will fail. If the remote engine ID is not configured first. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 44 . page 46 Configuring the SNMP Server To configure an SNMP server user. you must configure SNMP groups and users with passwords. If you forget a password. You must configure the SNMP engine ID of the remote agent in the SNMP database before you can send proxy requests or inform requests to it. snmp-server group [group-name {v1 | v2c | v3 [auth | noauth | priv]}] [read read-view] [write writeview] [notify notify-view] [access access-list] 4. Note Default values do not exist for authentication or privacy algorithms when you configure the SNMP commands. before you configure remote users for a particular agent. you cannot recover it and must reconfigure the user. Also. You can specify either a plain text password or a localized MD5 digest.Configuring the SNMP Server How to Configure SNMP Version 3 How to Configure SNMP Version 3 To configure the SNMPv3 security mechanism and to use it to handle SNMP packets. end SNMP Configuration Guide. Then. SNMP passwords are localized using the SNMP engine ID of the authoritative SNMP engine. The SNMP engine ID of the remote agent is required to compute the authentication or privacy digests for the SNMP password. snmp-server engineID {local engine-id | remote ip-address [udp-port udp-port-number] [vrf vrfname] engine-id-string} 5.

{md5 | sha} auth-password]} [access access-list] Note For the auth-password argument. Example: Device(config)# snmp-server engineID remote 172. • Enter your password if prompted. cc. the SNMP server group group1 is configured to enable user authentication for members of the named access list lmnop. and dd are hexadecimal values. you can specify the digest instead of the plain text password. where aa. • In this example. Device(config)# snmp-server user user1 group1 v3 auth md5 password123 Note If you have the localized MD5 or SHA digest. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 45 .4 udp-port 120 1a2833c0129a Step 5 snmp-server user user-name group-name [remote ipAdds a new user to an SNMPv3 group and configures a plain address [udp-port port]] {v1 | v2c | v3 [encrypted] [auth text password for the user. and the password should include both Example: letters and numbers. the minimum length is one character. Example: Device> enable Step 2 configure terminal Enters global configuration mode. Also. the SNMP engine ID is configured for a remote user.SNMP Version 3 How to Configure SNMP Version 3 DETAILED STEPS Command or Action Purpose Step 1 enable Enables privileged EXEC mode.16. • Example: In this example. Device(config)# snmp-server group group1 v3 auth access lmnop Step 4 snmp-server engineID {local engine-id | remote ipaddress [udp-port udp-port-number] [vrf vrf-name] engine-id-string} Configures the SNMP engine ID. Example: Device# configure terminal Step 3 snmp-server group [group-name {v1 | v2c | v3 [auth | noauth | priv]}] [read read-view] [write write-view] [notify notify-view] [access access-list] Configures the SNMP server group to enable authentication for members of a specified named access list. the recommended length is at least eight characters. The digest should be formatted as aa:bb:cc:dd.15. Example: Device(config)# end SNMP Configuration Guide. Step 6 end Exits global configuration mode. bb. the digest should be exactly 16 octets in length.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 46 . SUMMARY STEPS 1. Example: Device# show snmp user user1 User name: user1 Engine ID: 00000009020000000C025808 storage-type: nonvolatile active access-list: 10 Rowstatus: active Authentication Protocol: MD5 SNMP Configuration Guide. The show commands can be entered in any order. Example: Device> enable Step 2 show snmp group Displays information about each SNMP group in the network. show snmp user [username] 4. show snmp engineID DETAILED STEPS Step 1 enable Enables privileged EXEC mode. show snmp group 3. Example: Device# show snmp group groupname: V1 readview : v1default notifyview: <no notifyview row status: active groupname: ILMI readview : *ilmi notifyview: <no notifyview row status: active groupname: ILMI readview : *ilmi notifyview: <no notifyview row status: active groupname: group1 readview : v1default notifyview: <no notifyview row status: active Step 3 security model:v1 writeview: <no writeview specified> specified> security model:v1 writeview: *ilmi specified> security model:v2c writeview: *ilmi specified> security model:v1 writeview: <no writeview specified> specified> show snmp user [username] Displays information about configured characteristics of an SNMP user. enable 2.Verifying SNMP Version 3 How to Configure SNMP Version 3 Verifying SNMP Version 3 Perform this task to verify the SNMPv3 configuration.

28.2. This configuration does not cause the device to send traps. Example: Device# show snmp engineID Local SNMP engineID: 1A2836C0129A Remote Engine ID IP-addr Port 1A2833C0129A remote 10.12.Example: Configuring SNMP Version 3 Configuration Examples for SNMP Version 3 Privacy protocol: DES Group name: group1 Step 4 show snmp engineID Displays information about the SNMP engine ID that is configured for an SNMP user. page 47 Example: Configuring SNMP Version 3 The following example shows how to enable SNMPv3.1 120 Configuration Examples for SNMP Version 3 • Example: Configuring SNMP Version 3.8. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 47 .4 v3 auth md5 password1 The following example shows how to configure a remote user to receive traps at the “priv” security level when the SNMPv3 security model is enabled: Device(config)# snmp-server group group3 v3 priv Device(config)# snmp-server user PrivateUser group3 remote 10.4 informs version 3 noauth remoteuser config The following example shows how to configure a remote user to receive traps at the “authNoPriv” security level when the SNMPv3 security model is enabled: Device(config)# snmp-server group group2 v3 auth Device(config)# snmp-server user AuthUser group2 remote 10.8. Device(config)# snmp-server community public The following example shows how to configure a remote user to receive traps at the “noAuthNoPriv” security level when the SNMPv3 security model is enabled: Device(config)# snmp-server group group1 v3 noauth Device(config)# snmp-server user remoteuser1 group1 remote 10.12.8.4 Device(config)# snmp-server host 10. The configuration permits any SNMP manager to access all objects with read-only permissions using the community string named “public”.8.4 v3 auth md5 password1 priv access des56 Additional References for SNMP Version 3 SNMP Configuration Guide.12.12.

command mode. use Cisco MIB Locator found at the following URL: http://www. usage guidelines. defaults. and feature sets. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 48 .com/go/mibs SNMP Configuration Guide. Cisco software releases. and Version 3 of the Internet-standard Network Management Framework RFC 3413 SNMPv3 Applications RFC 3414 User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) RFC 3415 View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) MIBs MIB MIBs Link SNMP-COMMUNITY-MIB To locate and download MIBs for selected platforms. All Releases SNMP commands: complete command syntax.SNMP Version 3 Additional References for SNMP Version 3 Related Documents Related Topic Document Title Cisco IOS commands Cisco IOS Master Command List. Version 2. and examples Cisco IOS SNMP Support Command Reference Standards and RFCs Standard/RFC Title RFC 2104 HMAC: Keyed-Hashing for Message Authentication RFC 2570 Introduction to Version 3 of the Internet-standard Network Management Framework RFC 2576 Coexistence between Version 1. command history.cisco.

and other countries. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies.com user ID and password.SNMP Version 3 Feature Information for SNMP Version 3 Technical Assistance Description Link The Cisco Support and Documentation website provides online resources to download documentation. To view a list of Cisco trademarks. in Cisco IOS software.cisco.html Feature Information for SNMP Version 3 The following table provides release information about the feature or features described in this module.0(6)S 12.0(1)S The SNMP Version 3 Community MIB Support feature implements support for the SNMP Community MIB module (SNMPCOMMUNITY-MIB). software.cisco. http://www.1(14) 12. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 49 .cisco.com/go/cfn. To access Cisco Feature Navigator. go to this URL: www. 12. Table 7 Feature Information for SNMP Version 3 Feature Name Releases Feature Information SNMP Version 3 12. Unless noted otherwise.0(22)S 12.1(3)T 12.2(13)T 15. defined in RFC 2576. Cisco IOS XE Release 3.0(3)T The SNMP Version 3 feature is used to provide secure access to devices by authenticating and encrypting data packets over the network. and tools. go to www. Use Cisco Feature Navigator to find information about platform support and Cisco software image support.1.com is not required.0SG Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U. Access to most tools on the Cisco Support and Documentation website requires a Cisco.2(18)S 15.2(4)T 12.com/cisco/web/support/ index.S. subsequent releases of that software release train also support that feature.com/go/trademarks. An account on Cisco.2(11)T 12. SNMP Configuration Guide.0(1)S SNMP Version 3 Community MIB Support 12. This table lists only the software release that introduced support for a given feature in a given software release train.

SNMP Configuration Guide. and other figures included in the document are shown for illustrative purposes only.SNMP Version 3 Third-party trademarks mentioned are the property of their respective owners. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 50 . The use of the word partner does not imply a partnership relationship between Cisco and any other company. network topology diagrams. command display output. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Any examples. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers.

com is not required. It is important to understand the SNMP architecture and the terminology of the architecture to understand the security model used and how the security model interacts with the other subsystems in the architecture. page 54 Feature Information for AES and 3-DES Encryption Support for SNMP Version 3. page 52 Additional References for AES and 3-DES Encryption Support for SNMP Version 3.cisco. For the latest caveats and feature information. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 51 . Prerequisites for AES and 3-DES Encryption Support for SNMP Version 3 • • • The network management station (NMS) must support Simple Network Management Protocol (SNMP) Version 3 to be able to use this feature. see Bug Search Tool and the release notes for your platform and software release. page 52 How to Configure AES and 3-DES Encryption Support for SNMP Version 3. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator. page 51 Prerequisites for AES and 3-DES Encryption Support for SNMP Version 3.com/go/cfn. An account on Cisco. and to see a list of the releases in which each feature is supported. SNMP Configuration Guide. • • • • • • Finding Feature Information. go to www. The AES and 3-DES Encryption Support for SNMP Version 3 feature adds Advanced Encryption Standard (AES) 128-bit encryption in compliance with RFC 3826. page 51 Information About AES and 3-DES Encryption Support for SNMP Version 3. see the feature information table at the end of this module.AES and 3-DES Encryption Support for SNMP Version 3 The AES and 3-DES Encryption Support for SNMP Version 3 feature enhances the encryption capabilities of Simple Network Management Protocol (SNMP) Version 3. This feature is available only in Cisco software images that support encryption algorithms. To find information about the features documented in this module. page 56 Finding Feature Information Your software release may not support all the features documented in this module.

the other options are also implemented with the extension to use the USM. In addition. or 256 bits. provides support for the 128-bit key in the Advanced Encryption Standard (AES). Cisco-specific extensions to support Triple-Data Encryption Algorithm (3-DES) and AES 192-bit and 256-bit encryption have been added to the CISCOSNMP-USM-MIB. However. The AES Cipher Algorithm in the Simple Network Management Protocol (SNMP) User-based Security Model (USM) draft describes the use of AES with 128-bit key size. Support for SNMP Version 3 USM is compliant with RFC 3414. The AES and 3-DES Encryption Support for SNMP Version 3 feature supports the selection of privacy protocols through the CLI and the MIB. There is no standard for generating localized keys for 192. How to Configure AES and 3-DES Encryption Support for SNMP Version 3 • • Adding a New User to an SNMP Group. A new standard MIB. SNMP-USM-AES-MIB. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 52 . The extended options of AES with 192. There is no authentication protocol available for longer keys. which defines DES as the only required method of message encryption for SNMP Version 3 authPriv mode.AES and 3-DES Encryption Support for SNMP Version 3 Information About AES and 3-DES Encryption Support for SNMP Version 3 Information About AES and 3-DES Encryption Support for SNMP Version 3 Cipher Block Chaining/Data Encryption Standard (CBC-DES) is the privacy protocol for the AES and 3DES Encryption Support for SNMP Version 3 feature. 192. Prior to the introduction of this feature. This feature adds support for AES-128 (as per RFC 3826) and AES-192. The encryption key sizes are: • • AES encryption uses the Cipher Feedback (CFB) mode with encryption key sizes of 128. page 53 Verifying the SNMP User Configuration.or 256-bit size keys for AES or for 168-bit size key for 3-DES. RFC 3826 extensions have been included in the SNMP-USM-AES-MIB. only DES was supported (as per RFC 3414). Additional information can be found in the Internet-Draft titled Extension to the UserBased Security Model (USM) to Support Triple-DES EDE in "Outside" CBC Mode. 3-DES encryption uses the 168-bit key size for encryption.or 256-bit keys and 3-DES are supported as extensions to the SNMP-USM-MIB in the Cisco-specific MIB— CISCO-SNMP-USM-EXT-MIB. page 53 SNMP Configuration Guide. and AES-256 and 3-DES (as per CISCO-SNMP-USM-OIDS-MIB).

Advanced Encryption Standard (AES). end DETAILED STEPS Command or Action Purpose Step 1 enable Enters privileged EXEC mode. specifies the privacy algorithm to be used [Data Encryption Standard (DES). specifies a group to which the user belongs. use the show snmp user command in privileged EXEC mode. Device(config)# snmp-server user new-user newgroup v3 auth md5 secureone priv aes 128 privatetwo 2 Step 4 end Exits global configuration mode and returns to privileged EXEC mode. Example: Device# configure terminal Step 3 snmp-server user username group-name [remote host [udp-port port] [vrf vrf-name]] {v1 | v2c | v3 [encrypted] [auth {md5 | sha} auth-password]} [access [ipv6 nacl] [priv {des | 3des | aes {128 | 192 |256}} privpassword] {aclnumber | acl-name}] Example: Adds a Simple Network Management Protocol (SNMP) user. or AES-256]. configure terminal 3. snmp-server user username group-name [remote host [udp-port port] [vrf vrf-name]] {v1 | v2c | v3 [encrypted] [auth {md5 | sha} auth-password]} [access [ipv6 nacl] [priv {des | 3des | aes {128 | 192 | 256}} privpassword] {acl-number | acl-name}] 4. specifies the authorization algorithm to be used [Message Digest 5 (MD5) or Secure Hash Algorithm (SHA)]. and specifies the password to be associated with the selected privacy protocol. 3-DES. Example: Device> enable Step 2 configure terminal Enters global configuration mode. SNMP Configuration Guide. enable 2. Example: Device(config)# end Verifying the SNMP User Configuration To display information about the configured characteristics of Simple Network Management Protocol (SNMP) users. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 53 . • Enter your password when prompted.Adding a New User to an SNMP Group How to Configure AES and 3-DES Encryption Support for SNMP Version 3 Adding a New User to an SNMP Group SUMMARY STEPS 1. AES-192.

unlike other SNMP configurations. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 54 .AES and 3-DES Encryption Support for SNMP Version 3 Additional References for AES and 3-DES Encryption Support for SNMP Version 3 Note The show snmp user command displays all users configured on the device. show snmp user Example: The following is sample output for username “abcd”. the engine ID string “00000009020000000C025808”. enable 2. • Step 2 Enter your password when prompted. the snmp-server user command will not appear in the output. However. SUMMARY STEPS 1. show snmp user DETAILED STEPS Step 1 enable Example: Device> enable Enters privileged EXEC mode. and the storage type “nonvolatile”: Device# show snmp user abcd User name: abcd Engine ID: 00000009020000000C025808 storage-type: nonvolatile active access-list: 10 Rowstatus: active Authentication Protocol: MD5 Privacy protocol: 3DES Group name: VacmGroupName Group name: VacmGroupName Additional References for AES and 3-DES Encryption Support for SNMP Version 3 SNMP Configuration Guide.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 55 .AES and 3-DES Encryption Support for SNMP Version 3 Additional References for AES and 3-DES Encryption Support for SNMP Version 3 Related Documents Related Topic Document Title Cisco IOS commands Cisco IOS Master Command List.txt Extension to the User-Based Security Model (USM) to Support Triple-DES EDE in “Outside” CBC Mode RFC 2574 User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) RFC 3411 Architecture for Describing Internet Management Frameworks RFC 3414 User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) RFC 3826 The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model MIBs MIB • • MIBs Link CISCO-SNMP-USM-OIDS-MIB SNMP-USM-AES-MIB To locate and download MIBs for selected platforms. Cisco software releases. use Cisco MIB Locator found at the following URL: http://www.com/go/mibs SNMP Configuration Guide. All Releases SNMP commands Cisco IOS SNMP Support Command Reference SNMP configuration tasks Network Management Configuration Guide Standards and RFCs Standard/RFC Title draft-reeder-snmpv3-usm-3desede-00. and feature sets.cisco.

software.com/cisco/web/support/ index. Access to most tools on the Cisco Support and Documentation website requires a Cisco.1.cisco. subsequent releases of that software release train also support that feature. 12. Unless noted otherwise. http://www. which defines DES as the only required method of message encryption for SNMP Version 3 authPriv mode.com is not required.2(33)SB The AES and 3-DES Encryption Support for SNMP Version 3 feature enhances the encryption capabilities of Simple Network Management Protocol (SNMP) Version 3.2(33)SRB 12.0(1)S Cisco IOS XE Release 3.html Feature Information for AES and 3-DES Encryption Support for SNMP Version 3 The following table provides release information about the feature or features described in this module.com user ID and password. This table lists only the software release that introduced support for a given feature in a given software release train. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies.cisco. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. go to www.AES and 3-DES Encryption Support for SNMP Version 3 Feature Information for AES and 3-DES Encryption Support for SNMP Version 3 Technical Assistance Description Link The Cisco Support and Documentation website provides online resources to download documentation. and tools. An account on Cisco.4(2)T 15.2(33)SXI 12. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 56 .com/go/cfn.0 and expanded in Cisco IOS Release 12.0SG SNMP Configuration Guide.1. Data Encryption Standard (DES) support was introduced in Cisco IOS Release 12. To access Cisco Feature Navigator. Table 8 Feature Information for AES and 3-DES Encryption Support for SNMP Version 3 Feature Name Releases Feature Information AES and 3-DES Encryption Support for SNMP Version 3 12. Support for SNMP 3 User-Based Security Model (USM) is compliant with RFC 3414.

The use of the word partner does not imply a partnership relationship between Cisco and any other company. and other figures included in the document are shown for illustrative purposes only.com/go/trademarks.S. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Third-party trademarks mentioned are the property of their respective owners. Any examples. and other countries. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers.cisco. SNMP Configuration Guide.AES and 3-DES Encryption Support for SNMP Version 3 Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 57 . To view a list of Cisco trademarks. network topology diagrams. command display output. go to this URL: www.

Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 58 .Verifying the SNMP User Configuration SNMP Configuration Guide.

see the feature information table at the end of this module. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 59 . ceImageLocationTable. the ceImageLocationTable lists all SNMP Configuration Guide. The ceImageInstallableTable lists installables installed on base images. The MIB supports querying package information on the Cisco IOS XE system for installed images. A modular operating system image consists of a base image and all the installables loaded on the base image.com/go/cfn. Information About Cisco Enhanced Image MIB • • • • • Cisco Enhanced Image MIB Overview. and ceImageTable. The MIB has been extended to be useful for modular operating systems. • • • • Finding Feature Information.com is not required. The three image tables provide information about currently running images on the system. such as routers and switches. page 59 Additional References. Use Cisco Feature Navigator to find information about platform support and Cisco software image support.cisco. go to www.Cisco Enhanced Image MIB The Cisco Enhanced Image MIB provides information about images that are running on the system. and to see a list of the releases in which each feature is supported. For the latest caveats and feature information. see Bug Search Tool and the release notes for your platform and software release. page 62 Feature Information for Cisco Enhanced Image MIB. page 60 Image Location Table. page 60 Image Table. page 61 Sample Output from the Cisco Enhanced Image MIB Query. page 59 Image Installable Table. page 61 Cisco Enhanced Image MIB Overview The CISCO-ENHANCED-IMAGE-MIB is used to obtain information about images that are running on various entities or nodes on Cisco IOS devices. page 63 Finding Feature Information Your software release may not support all the features documented in this module. To access Cisco Feature Navigator. An account on Cisco. page 59 Information About Cisco Enhanced Image MIB. To find information about the features documented in this module. The MIB supports the following three tables: ceImageInstallableTable.

The table below describes the location table objects and the values populated for each object. SNMP Configuration Guide.1)S is 12. This table is applicable to operating systems that support installables. so this entry always has a default value of 1. A modular operating system can consist of a base image and installables. Image Installable Table The Cisco Enhanced Image MIB installable table. the major number for version 12.1)S is (18. the revision number for version 12.maintenance. ceImageInstallableMajorVerNumber Major version number of the software installable. Entries are added in this table when an installable is installed on the image. For example. ceImageLocationTable. ceImageInstallableType Type of the software package.3(18.3(18. The term location in ceImageLocationTable describes the location on the file system where the installed software is placed. ceImageInstallableRevisionVerNum Maintenance version string of the software installable. ceImageInstallableStatus Status of the software installable. Installable Table Object Description ceImageInstallableDate Date on which the package was installed. ceImageLocationRunningStatus Status of the image currently running on the system. ceImageInstallableTable lists software installables installed on the system. the minor number for version 12. The version is represented as major.Image Installable Table Information About Cisco Enhanced Image MIB locations where these images are running and also the status of the images at these locations. Image Location Table The Cisco Enhanced Image MIB location table. Every image has a table of installables. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 60 . along with the status of images at these locations.1)S. ceImageInstallableRowStatus Status of the conceptual row. This object has a value True if the image from this location is currently running on the system. This string represents incremental change in the image over the minor release number. ceImageInstallableMinorVerNumber Minor version number of the software installable. and the ceImageTable lists the base images.minor. For example. The location table is applicable to modular operating systems. The table below describes the installable table objects and the values populated for each object. The Simple Network Management Protocol (SNMP) Get operation is the only supported option for this table.1)S is 3. Location Table Object Description ceImageLocation Location where the operating system is currently loaded on the system. Entries are deleted from this table when installables are removed or rolled back from the image. ceImageInstallableName Name of the package.3(18. For example. consists of a list of all locations where the images are running.

249.1.9.249.1.1.1.249.1.2.4.1.2.3.249.2.DEV-0" SNMPv2-SMI::enterprises.1.9. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 61 . Sample Output from the Cisco Enhanced Image MIB Query The follwoing is output obtained from the MIB query: /opt/cisco-net-snmp/bin/snmpwalk -v2c -c public 172.2.9.1.6.249.2.1.1.9.249.1.0.1.249.9.4.249.2.1.2. Image Table Object Description ceImageDescription Description of the running OS image.2 = INTEGER: 1 SNMPv2-SMI::enterprises.2.3.2.1.1.1. and so on.4 = INTEGER: 1 SNMPv2-SMI::enterprises. ceImageTable.9.1.1.3.4 = INTEGER: 4 SNMPv2-SMI::enterprises.2.4 = STRING: "Platform" SNMPv2-SMI::enterprises.1.2.1. IOS-XE Software. ExperimentalVersion 0.3 = STRING: "IOS" SNMPv2-SMI::enterprises.2.2.3 = INTEGER: 1 SNMPv2-SMI::enterprises.2.9.1.249.2.5 = INTEGER: 1 SNMPv2-SMI::enterprises.9.1.9.1 = STRING: "IP|SLA|IPv6|IS-IS|FIREWALL|PLUS| QoS|HA|NAT|MPLS| VPN|LEGACY PROTOCOLS|3DES|SSH|APPN|IPSEC" SNMPv2-SMI::enterprises.9.9.1.1.1.1.249.9.9.9.1.1.1.1.1.2.2.1.1.2.1.9.249. In a stack or High Availability (HA) scenario. shows details about the currently running image on the active device.2.2.2.1.1.1.249.249.1.3.9. ceImageMedia Media on which the image represented by this entry is running. ceImageVersion Version of the running OS image.1.1.4.2.9.1.1.2.1.1.4.1.9.249.9. ceImageFeature Feature set supported on the running image.1.2.249.2.3.1.249. C7200.1.2.249.9.9.1.9.249.1.6 = INTEGER: 1 SNMPv2-SMI::enterprises.1.1.1.1.1.249.9.1.2.1 = INTEGER: 4 SNMPv2-SMI::enterprises.1.9. The table below describes the image table objects and the values populated for each object.2.1.1.2.9.1 = STRING: "Cisco IOS Software.1.1.5 = STRING: "Infra" SNMPv2-SMI::enterprises.1.2.9.9.1.2.9.9.1.30.1.4.249.1 = STRING: "CAT3K_CAA-UNIVERSALK9-M" SNMPv2-SMI::enterprises.9.9.6.9.2 = Gauge32: 0 SNMP Configuration Guide.2.1.5.1.9.1.4.DEV-0 SNMPv2-SMI::enterprises.9.2.9.249.9. Examples of image families are C3640.7.249.255.9.1.1.2.1.1.9.2.9.Image Table Information About Cisco Enhanced Image MIB Image Table The Cisco Enhanced Image MIB.2.9.1. ceImageFamily Name of the family of the running OS image.1.1.1 = STRING: "Drivers" SNMPv2-SMI::enterprises.1.9.1.9.1 = Gauge32: 0 SNMPv2-SMI::enterprises.1 = STRING: "0.1.9.1.1. The image family indicates the platform for which the image is built.1.2.1 = STRING: "CAT3K_CAA" SNMPv2-SMI::enterprises.1.9.2.1.1.1.1.1.2.2.1.1 = INTEGER: 1 SNMPv2-SMI::enterprises.1.2.1.1.1.3.1. this table includes details about all the members in the stack.2.2 = INTEGER: 4 SNMPv2-SMI::enterprises.9.3.1.1.bin" SNMPv2-SMI::enterprises.1 = STRING: "tftp://172.9.9.4.2.6 = INTEGER: 4 SNMPv2-SMI::enterprises.1.1.1 = INTEGER: 1 SNMPv2-SMI::enterprises.1.1.2. Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-MClosePair(')').2.1 = INTEGER: 1 SNMPv2-SMI::enterprises.9.9.249.1.249.9.249 SNMPv2-SMI::enterprises.1.249.1.2 = STRING: "WCM" SNMPv2-SMI::enterprises. ceImageName Name of the running OS image on the device.16.5.2.9.5.249.249.1.3.1.0/shapeng/ cat3k.1.1.2.2.1.4.1.3.9.1.1 1.249.3 = INTEGER: 4 SNMPv2-SMI::enterprises.1.9.9.9.1.9.1.6 = STRING: "Base" SNMPv2-SMI::enterprises.1.5 = INTEGER: 4 SNMPv2-SMI::enterprises.9.2.9.2.1.

6.2.2.9.4 SNMPv2-SMI::enterprises.9.1.9.2 SNMPv2-SMI::enterprises.5.1.249.1 SNMPv2-SMI::enterprises.9.1.9.8.9.1.com/go/mibs SNMP Configuration Guide. Additional References Related Documents Related Topic Document Title Cisco IOS commands Cisco IOS Master Command List.2.2.7. and feature sets.9.2.2.6.1.1.7.9.1.1.1.9.3 SNMPv2-SMI::enterprises.5. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 62 .1.1.2.9.3 SNMPv2-SMI::enterprises.249.9.9.7.9.1.2.1.2.1.1.9.8.9.249.1.1.3 SNMPv2-SMI::enterprises.2.cisco.1.1.9.9.2.1.7.4 SNMPv2-SMI::enterprises.6 SNMPv2-SMI::enterprises.1.6 SNMPv2-SMI::enterprises.249.1.249.5 SNMPv2-SMI::enterprises.1.1.1.9.1.2.9.2.2.1.2.2.2.1.249.1.249.1.1.249.2.1.249.1.9.9.5.2 SNMPv2-SMI::enterprises.1.1.1.1.9.2 SNMPv2-SMI::enterprises.2 SNMPv2-SMI::enterprises.249.1.249.1.1.2.1.1.1.2.1.3 SNMPv2-SMI::enterprises.9.249.9.2.4 SNMPv2-SMI::enterprises.2.5 SNMPv2-SMI::enterprises. use Cisco MIB Locator found at the following URL: http://www.1.2.9.1.249.9.1.2.2.6.5 SNMPv2-SMI::enterprises.1.9.9.2.1.6 = = = = = = = = = = = = = = = = = = = = = = = = = = = = Gauge32: 0 Gauge32: 0 Gauge32: 0 Gauge32: 0 Gauge32: 0 Gauge32: 0 Gauge32: 0 Gauge32: 0 Gauge32: 0 Gauge32: 0 STRING: "DEV-0" STRING: "DEV-0" STRING: "0" STRING: "DEV-0" STRING: "DEV-0" STRING: "DEV-0" Hex-STRING: B2 07 Hex-STRING: B2 07 Hex-STRING: B2 07 Hex-STRING: B2 07 Hex-STRING: B2 07 Hex-STRING: B2 07 INTEGER: 1 INTEGER: 1 INTEGER: 1 INTEGER: 1 INTEGER: 1 INTEGER: 1 01 01 01 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 0008 0008 0008 0008 0008 0008 00 00 00 00 00 00 The output shown above is similar to that obtained from the show version and show version running commands from the CLI.249.3 SNMPv2-SMI::enterprises.9.1.1.9.2.1.1.9.2.2.9.2.6 SNMPv2-SMI::enterprises.9.9.1.1 SNMPv2-SMI::enterprises.2.5 SNMPv2-SMI::enterprises.1.9.249.1.2.6 SNMPv2-SMI::enterprises.1.1.1.1.9.2.9.9.2.2.249.5 SNMPv2-SMI::enterprises.9.9.9.9.1.2.1 SNMPv2-SMI::enterprises.1.8.1.Cisco Enhanced Image MIB Additional References SNMPv2-SMI::enterprises.9.1.1.1.1.2.9.1.1.9.1.8.1.1.1.249.249.1.6.2.2.9.1.2.2.2.1.1.6.1.1.9.1.1.1.9.9.9.1.1.1. Cisco software releases.1.1.2.7.2.2.7.1.249.1.1.8.2.1.249.9.9.2.2.1.1.2.1.1.249.8.9.1.1.1.1.249.1.1.1.9.249.1.9.249.2.9.2.1.249.9.2.1.1.9.1.2.1 SNMPv2-SMI::enterprises.1.9.4 SNMPv2-SMI::enterprises.249.1.249.2.5. All Releases SNMP commands Cisco IOS SNMP Support Command Reference SNMP configuration tasks Network Management Configuration Guide MIBs MIB MIBs Link CISCO-ENHANCED-IMAGE-MIB To locate and download MIBs for selected platforms.1.6.9.1.249.2.4 SNMPv2-SMI::enterprises.9.1.9.2.

Access to most tools on the Cisco Support and Documentation website requires a Cisco. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. This table lists only the software release that introduced support for a given feature in a given software release train. http://www.Cisco Enhanced Image MIB Feature Information for Cisco Enhanced Image MIB Technical Assistance Description Link The Cisco Support and Documentation website provides online resources to download documentation. Table 9 Feature Information for Cisco Enhanced Image MIB Feature Name Releases Feature Information Cisco Enhanced Image MIB 15. To view a list of Cisco trademarks. and other figures included in the document are shown for illustrative purposes only. software.3(1)S The CISCO-ENHANCEDIMAGE-MIB provides information about events running on the system and has been extended to be useful for modular operating systems. To access Cisco Feature Navigator. command display output. SNMP Configuration Guide.8S No commands were introduced or modified for this feature.cisco.html Feature Information for Cisco Enhanced Image MIB The following table provides release information about the feature or features described in this module. Third-party trademarks mentioned are the property of their respective owners. network topology diagrams. go to www. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U. Unless noted otherwise. subsequent releases of that software release train also support that feature. and other countries.com/go/cfn. go to this URL: www. Any examples.S. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 63 .cisco.com/cisco/web/support/ index.cisco. An account on Cisco.com user ID and password.com is not required. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. and tools. Cisco IOS XE Release 3.com/go/trademarks. The use of the word partner does not imply a partnership relationship between Cisco and any other company.

Sample Output from the Cisco Enhanced Image MIB Query SNMP Configuration Guide. Cisco IOS XE Release 3SE (Catalyst 3850 Switches) 64 .