Supported Platforms
Assigning Security Model and Security Name to a Group
To assign security names to groups, include the following statements at the [edit snmp v3 vacm security-to-group] hierarchy level:
This topic includes the following sections:
Configuring the Security Model
To configure the security model, include the security-model statement at the [edit snmp v3 vacm security-to-group] hierarchy level:
- usm—SNMPv3 security model
- v1—SNMPv1 security model
- v2c—SNMPv2 security model
Assigning Security Names to Groups
To associate a security name with an SNMPv3 user, or a v1 or v2 community string, include the security-name statement at the [edit snmp v3 vacm security-to-group security-model (usm | v1 | v2c)] hierarchy level:
For SNMPv3, the security-name is the username configured at the [edit snmp v3 usm local-engine user username] hierarchy level. For SNMPv1 and SNMPv2c, the security name is the community string configured at the [edit snmp v3 snmp-community community-index] hierarchy level. For information about configuring usernames, see Creating SNMPv3 Users. For information about configuring a community string, see Configuring the SNMPv3 Community.
 | Note: The USM security name is separate from the SNMPv1 and SNMPv2c security name. If you support SNMPv1 and SNMPv2c in addition to SNMPv3, you must configure separate security names within the security-to-group configuration at the [edit snmp v3 vacm access] hierarchy level. |
Configuring the Group
After you have created SNMPv3 users, or v1 or v2 security names, you associate them with a group. A group is a set of security names belonging to a particular security model. A group defines the access rights for all users belonging to it. Access rights define what SNMP objects can be read, written to, or created. A group also defines what notifications a user is allowed to receive.
If you already have a group that is configured with all of the view and access permissions that you want to give a user, you can add the user to that group. If you want to give a user view and access permissions that no other groups have, or if you do not have any groups configured, create a group and add the user to it.
To configure the access privileges granted to a group, include the group statement at the [edit snmp v3 vacm security-to-group security-model (usm | v1 | v2c) security-name security-name] hierarchy level:
group-name identifies a collection of SNMP security names that share the same access policy. For more information about groups, see Defining Access Privileges for an SNMP Group.
