cancel
Showing results for 
Search instead for 
Did you mean: 

How do you change the default SNMP Community string on an Enterasys C3?

How do you change the default SNMP Community string on an Enterasys C3?

Robert_Lawrence
New Contributor
How do you change the default SNMP Community string on an Enterasys C3?
14 REPLIES 14

Robert_Lawrence
New Contributor
First off, thanks all for the advice and help. I think I have it figured out because of all of the above responses. One thing I'm confused about when using v1 and v2: Does the group and user name have to match the community string? If so, why does the EOS hash the community string in the "show config snmp" output, but leaves the group name and user name plain text?

Erik_Auerswald
Contributor II
Hi,

C3 (and the other EOS devices) need an SNMP user and group for SNMPv1/v2c as well, not just for SNMPv3. Thus it is not sufficient to configure only a new community string. If you really want to use SNMPv1 (with community WHATEVER), you could do it as follows:
set snmp access WHATEVER security-model v1 exact read All write All notify All nonvolatile set snmp group WHATEVER user WHATEVER security-model v1 set snmp community WHATEVERYou can replace v1 with v2c to use SNMP version 2 with community string.

I recommend to always use SNMPv3 instead of v1 or v2c.

Erik

Jason_Parker
Contributor
On the securestacks you will have 2 SNMP community lines by default 1. Set snmp community public 2. set snmp community :3fb03022e4966512343b511c263dcf1240739359ec6cad7d8c6277007e7e0657521e0641967b150156 ( which is also public) After you cleared them and want to set one it back To basically return to the default setting for community name public Set snmp community public Or You want a new community name then:use Set snmp community abc123 Your done Now basically use the commands after "then" by Rich, but there is one gotcha and that is the last command with the set Snmp user abc123 Authentication md5 xxx It will give you an error every time That is because you need to know the encryption of your md5 and des password and most likely do not know it so use the command set snmp user abc123 authentication md5 Sneakernet privacy Sneakernet it will encypt both Sneakernet passwords for you This can be seen with the command Show config snmp **** A note of interest for SNMPV3 configuration You will not need a snmp community if you are using USM which is actually SNMpv3 Jason

Rich_Upshaw
New Contributor II
ABC Series are a bit different than the others in terms of clearing out default snmp configuration and I've found that the little nuances are tricky as well. Normally, when I start working with the C's, I clear out everything and then put in my own snmp v3 config:
clear snmp access ro security-model v1
clear snmp access ro security-model v2c
clear snmp access public security-model v1
clear snmp access public security-model v2c
clear snmp access public security-model usm
clear snmp group ro ro security-model v1
clear snmp group ro ro security-model v2c
clear snmp group public public security-model v1
clear snmp group public public security-model v2c
clear snmp user public
Then:
set snmp group user security-model usm
set snmp access security-model usm privacy exact read All write All notify All nonvolatile set snmp user authentication md5 encryption des privacy That's it in a nutshell. You can change around your authentication algorithm and privacy encryption to match your nms.
GTM-P2G8KFN