< Home

snmp-agent packet contextengineid-check enable

Function

The snmp-agent packet contextengineid-check enable command enables the device to check consistency between the contextEngineID on the NMS and the local engine ID.

The undo snmp-agent packet contextengineid-check enable command disables the device from checking consistency between the contextEngineID on the NMS and the local engine ID.

By default, the device does not check consistency between the contextEngineID on the NMS and the local engine ID.

Format

snmp-agent packet contextengineid-check enable

undo snmp-agent packet contextengineid-check enable

Parameters

None

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

If the device does not check consistency between the contextEngineID on the NMS and the local engine ID, the NMS can connect to the device even if the contextEngineID is different from the local engine ID.

To improve system security, run the snmp-agent packet contextengineid-check enable command to enable the device to check consistency between the contextEngineID on the NMS and the local engine ID.

Configuration Impact

After this function is enabled, an NMS cannot connect to the device if the contextEngineID on the NMS is different from the local engine ID.

Precautions

This consistency check function applies only to SNMPv3.

Example

# Enable the consistency check between the contextEngineID and local engine ID.

<HUAWEI> system-view
[HUAWEI] snmp-agent packet contextengineid-check enable
Parent Topic: SNMP Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >