Rate and give feedback:  Feedback Received. Thank You!

Rate and give feedback: 

X

This document helped resolve my issue

Yes No

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:  

E-mail: 

Enter a valid Email ID

Need product assistance? Contact Juniper Support

Submit

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.

English  

English

Configuring Access Privileges for a Group

In SNMPv3, you can configure a group that sets the same access privileges for one or more users. Configuring a group includes defining the security model and security level, and associating one or more MIB view permissions for the group.

Note: You must associate at least one MIB view with the group. You can associate multiple MIB views (read, notify, write) to authorize different permissions based on the view. The view name cannot exceed 32 characters.

1. To configure the group:
   [edit snmp v3 vacm access]user@switch# edit group group-name
2. To configure the context prefix of the SNMP instance for the group:
   [edit snmp v3 vacm access group group-name]user@switch# edit (default-context-prefix | context-prefix context-prefix)

   For example, to configure the default context prefix:

   [edit snmp v3 vacm access group group-name]user@switch# edit default-context-prefix
3. To configure the security model:
   [edit snmp v3 vacm access group group-name (default-context-prefix | context-prefix context-prefix)]user@switch# edit security-model (any | usm | v1 | v2c)

   For example, to configure the SNMPv3 user-based security model (USM):

   [edit snmp v3 vacm access group group-name (default-context-prefix | context-prefix context-prefix)]user@switch# edit security-model usm
4. To configure the security level:
   [edit snmp v3 vacm access group group-name (default-context-prefix | context-prefix context-prefix) security-model (any | usm | v1 | v2c)]user@switch# edit security-level (authentication | none | privacy)

   For example, to configure a security level requiring user authentication and encryption:

   [edit snmp v3 vacm access group group-name (default-context-prefix | context-prefix context-prefix) security-model (any | usm | v1 | v2c)]user@switch# edit security-level privacy

   Note: Access privileges are granted to all packets with a security level equal to or greater than that configured. If you are configuring the SNMPv1 or v2c security model, use none as your security level. If you are configuring the SNMPv3 security model (USM), use the authentication, none, or privacy security level.

5. (Optional) To associate a read-only MIB view with an SNMP group:
   [edit snmp v3 vacm access group group-name (default-context-prefix | context-prefix context-prefix) security-model (any | usm | v1 | v2c) security-level (authentication | none | privacy)]user@switch# edit read-view view-name
6. (Optional) To associate a MIB view with an SNMP notification permission for an SNMP group:
   [edit snmp v3 vacm access group group-name (default-context-prefix | context-prefix context-prefix) security-model (any | usm | v1 | v2c) security-level (authentication | none | privacy)]user@switch# edit notify-view view-name
7. (Optional) To associate a MIB view with write permission for an SNMP group:
   [edit snmp v3 vacm access group group-name (default-context-prefix | context-prefix context-prefix) security-model (any | usm | v1 | v2c) security-level (authentication | none | privacy)]user@switch# edit write-view view-name