Hi Guys,
I am just pasting an example configuration for you guys. May be it helps
Example: Configuring an SNMPv3 packet
In this example, you (as the root admin) configure an SNMPv3 packet.
WebUI
1. Engine-ID
NOTE: Local engine ID configuration is optional. A local-engine ID is to identify an
SNMP entity. By default, the serial number of the device is assigned as the value of
the local engine ID.
Configuration > Report Settings > SNMPv3: Enter the following settings, then
click Apply:
Local-engine id: netscreen
2. USM User
Configuration > Report Settings > SNMPv3 > USM User > New User: Enter
the following settings, then click OK:
User Name: netscreen
Authentication Type: (select)
Authentication Password: netscreen
Privacy Protocol: (select)
Privacy Password: netscreen
3. View
Configuration > Report Settings > SNMPv3 > VACM > New View: Enter the
following settings, then click OK:
View Name: test-view
Configuration > Report Settings > SNMPv3 >VACM > View Databse Edit:
Enter the following settings, then click Add:
Subtree OID: .1
404 ■ Simple Network Management Protocol
Concepts & Examples ScreenOS Reference Guide
Subtree Mask: FF
Type: (select)
4. Access Group
Configuration > Report Settings > SNMPv3 >VACM > New Access Group:
Enter the following settings, then click OK:
Group Name: test-grp
Security Model: (select)
Security Level: (select)
Read View: (select)
Write View: (select)
Notification View: (select)
5. Group Mapping
Configuration > Report Settings > SNMPv3 > VACM > New Sec-to-group
Mapping: Enter the following settings, then click OK:
Security Model: (select)
User Name: (select)
Community: (read only)
Group Name: (select)
6. Community
NOTE: The community name must be unique.
Configuration > Report Settings > SNMPv3 > Community > New Community:
Enter the following settings, then click OK:
Community Name: public
Tag: public
7. Trap
Configuration > Report Settings > SNMPv3 >Trap > New Filter: Enter the
following settings, then click OK:
Filter Name: test-filter
Configuration > Report Settings > SNMPv3 > Trap > Filter Database Edit:
Enter the following settings, then click Add:
Subtree OID: .1
Subtree Mask: FF
Type: (select)
8. Target Parameter
Configuration > Report Settings > SNMPv3 > Trap > New Target Parameter:
Enter the following settings, then click OK:
Simple Network Management Protocol ■ 405
Chapter 11: Monitoring Security Devices
Target Parameter Name: test-param
Filter Name: (select)
Security Model: (select)
Security Level: (select)
User Name: (select)
9. Target Address
Configuration > Report Settings > SNMPv3 > Trap > New Target Address:
Enter the following settings, then click OK:
Target Name: test-target
Target IPv4 Address/Netmask: 192.168.1.1/32
Trap Port: 162
Target Parameter: (select)
Taglist: (select)
CLI
1. Engine ID
set snmpv3 local-engine id netscreen
2. USM User
set snmpv3 user netscreen auth md5 auth-pass netscreen priv des priv-pass
netscreen
3. View
set snmpv3 view name test-view
set snmpv3 view test-view oid .1 mask FF type include
4. Access Group
set snmpv3 access group test-grp sec-model usm sec-level priv read test-view
5. Group Mapping
set snmpv3 group-mapping sec-model usm user netscreen group test-grp
6. Community
set snmpv3 community public tag public
7. Trap
set snmpv3 filter name test-filter
set snmpv3 filter test-filter oid .1 mask FF type include
8. Target Parameter
set snmpv3 target-param test-param filter test-filter sec-model usm sec-level priv
user netscreen
406 ■ Simple Network Management Protocol
Concepts & Examples ScreenOS Reference Guide
9. Target Address
set snmpv3 target test-target address 192.168.1.1/32 port 162 target-param
test-param
Thanks
farhan