(1) snmp default community is public, make sure to define another community, e.g. companypub
switch(config)# snmp-server community companypub

(2) Create an SNMPv3 user using SHA for authentication and AES for privacy:
switch(config)# snmpv3 user checkmk-monitoring auth sha auth-pass plaintext passAuth01 priv aes priv-pass plaintext passAuth02

(3) create an SNMPv3 context with the community name created above and assigned to the mgmt VRF:
switch(config)# snmpv3 context snmpv3mgmt vrf mgmt community companypub

(4) Enable SNMP on the VRF, that is used for switch monitoring:
switch(config)# snmp-server vrf mgmt

(5) optional
Disable support for SNMPv1 and SNMPv2c and only accept SNMPv3 messages using the following command:
switch(config)# snmp-server snmpv3-only

(6) run a test ;-)
snmpwalk -v 3 -l authPriv -u checkmk-monitoring -a SHA -A passAuth01 -x AES -X passAuth02

computer2know :: thank you for your visit :: have a nice day :: © 2024