Configuring Access Control for the VACM
To configure the access control for the view-based access control model (VACM):
See Associating Security Names with a Community.
See Defining Named Views.
See Defining Access Privileges for an SNMP Group.
See Assigning Security Names to Groups.
Associating Security Names with a Community
For SNMPv1 or SNMPv2c packets, you must assign security names to groups at the
[edit snmp v3 vacm security-to-group]
hierarchy level, and you must associate a security name with an SNMP community.
- Click Configure>SNMP>V3.
- From the Create new list, select SNMP Community.
- Enter a name for the new SNMP Community in the dialog box, and click OK.
- From the side pane, expand the name of the SNMP community, enter information as described in the Help text in the main pane, and then click Apply.
Defining Named Views
- Click Configure, and expand SNMP.
- From the Create new list, select View.
- Enter a name for the new View in the dialog box, and click OK.
- From the side pane, expand the name of the view,
- From the Create new list, select OID.
- Enter a name for the new OID in the dialog box, and click OK.
Defining Access Privileges for an SNMP Group
To configure MIB views with a group for the VACM:
- Click Configure, and expand SNMP>V3>VACM>Access
- From the Create new list, select Group.
- Enter a name for the new Group in the dialog box, and click OK.
The group name is the name for a collection of SNMP security names that belong to the same SNMP access policy.
- From the side pane, expand the name of the group, click on Default Context Prefix,
- From the Create New box, select the Security Model for access privileges.
- From the Create New box, select the Security Level for access privileges.
Assigning Security Names to Groups
For SNMPv1 or SNMPv2c packets, you must assign security names to groups and you must associate a security name with an SNMP community.