The snmp-agent proxy community command creates an SNMP proxy community.
The undo snmp-agent proxy community command deletes an SNMP proxy community.
By default, no SNMP proxy community is configured.
snmp-agent proxy community community-name remote-engineid remote-engineid [ acl { acl-number | acl-name } | alias alias-name ] *
snmp-agent proxy community cipher cipher-name remote-engineid remote-engineid [ acl { acl-number | acl-name } | alias alias-name ] *
undo snmp-agent proxy community community-name
undo snmp-agent proxy community cipher cipher-name
| Parameter | Description | Value |
|---|---|---|
| remote-engineid remote-engineid |
Specifies the engine ID of the managed device. The engine ID of the managed device must be different from the engine ID of the SNMP proxy. |
The value is an integer ranging from 10 to 64. |
| acl |
Indicates that a created community is bound to a basic ACL. The basic ACL defines whether NMSs with specified source IP addresses can access SNMP agents. |
- |
| acl-number |
Specifies the number of a basic ACL. |
The value is an integer ranging from 2000 to 2999. |
| acl-name |
Specifies the name of a named basic ACL. If no matching rule is configured for the referenced ACL, the matching rule is permit by default. |
The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter (a to z or A to Z, case sensitive). |
| alias alias-name |
Specifies a community alias. The community alias will be saved in simple text format in the configuration file. A community alias must be unique and differs from the community. Only one alias can be configured for a community. |
The value is a string of 1 to 32 case-sensitive characters, spaces not supported. If quotation marks are used at both ends of an entered character sting, you can enter spaces in the character string. |
| cipher community-name |
Specifies the name of an SNMP proxy community. The community-name parameter applies to only SNMPv1 and SNMPv2c entities. |
The value is a string of case-sensitive characters, spaces not supported. The length range depends on whether the complexity check of community names is enabled:
When quotation marks are used around the string, spaces are allowed in the string. |
| cipher cipher-name |
Specifies the name of an SNMP proxy community to be stored in ciphertext.The cipher-name value is displayed in ciphertext, no matter whether you specify it in ciphertext or simple text. |
The value is a string of 1 to 168 characters, spaces not supported. Ciphertext passwords with various lengths configured in an earlier version are also supported in the existing version. |
Usage Scenario
An SNMP community is used to define the relationships between multiple NMSs and a managed device. The community name acts as a password to regulate access to the managed device. An NMS can access a managed device only if the community name carried in the SNMP request sent by the NMS matches the community name configured on the managed device. The snmp-agent proxy community command creates an SNMP community on an SNMP proxy, enabling communication between the NMS and managed device.
Configuration Impact
If a device receives a packet with a null community name, the device drops the packet without filtering the packet based on ACL rules. In addition, the community name error is logged. A device filters a received packet based on ACL rules only if the packet has a valid community name.
Follow-up Procedure
After you run the snmp-agent proxy community command, run the display snmp-agent proxy community command to check SNMPv1 or SNMPv2c proxy community information.
Precautions
The snmp-agent proxy community command applies only to SNMPv1 and SNMPv2c.
After the weak password dictionary maintenance function is enabled, the passwords (which can be queried using the display security weak-password-dictionary command) defined in the weak password dictionary are unavailable.
<HUAWEI> system-view [~HUAWEI] acl 2000 [*HUAWEI-acl4-basic-2000] quit [*HUAWEI] snmp-agent proxy community proxy_public remote-engineid 800007DB03360607111100 acl 2000