Template:FAQ:Agent 23

From Net-SNMP Wiki
Revision as of 22:24, 22 October 2006 by Dts12 (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The simplest way is to use the configure directives: 

               rocommunity public       (for SNMPv1/2c)
               rwcommunity private

or 

               rouser user1             (for SNMPv3)
               rwuser user2

These specify the community names or security names to accept for read-only and read-write access to the whole of the supported MIB tree. (Obviously you should change these names to match your requirements - which is a particularly good idea in the case of 'rwcommunity'!)

Note that it is not necessary (and not advisible) to specify the same community name for both rocommunity and rwcommunity directives. The rwcommunity setting automatically includes rocommunity access, and having both lines (with the same community name) may result in apparently inconsistent behaviour. Only use both settings when specifying different community names. The same holds true for rouser and rwuser.

All four of these settings can can also be restricted to particular subtrees, and/or request sources. See 'snmpd.conf(5)' for details.

These directives are effectively wrappers round the core access control mechanism, which uses the four directives 'com2sec', 'group', 'view' and 'access' to provide a more efficient and flexible control over who can access which portions of the tree.

See the next question for the gory details, and the entry after that for setting up SNMPv3 users.

Retrieved from "http://www.net-snmp.org/wiki/index.php?title=Template:FAQ:Agent_23&oldid=1667"