Cisco-SNMP-v3-Configuration-Example.config

! 4PEG Configuration Template
! http://4peg.com/PlpjFzLtMmn3
!--------------------------------------------------------------------------
! Cisco SNMP v3 Configuration Examples
!--------------------------------------------------------------------------
!
!-------------------------------------------------- 
! IOS Route 
!-------------------------------------------------- 
!--- Access-list defining SNMPv3 servers. 
ip access-list standard [[SNMP-ACL-NAME]]
permit [[SNMP-SERVER-1]]
permit [[SNMP-SERVER-2]]
deny any log 
!
!--persistence for mibs
snmp-server ifindex persist
!
!--- Group creation with read-only privileges. 
snmp-server group [[SNMP-GROUP-NAME]] v3 priv read [[SNMP-VIEW-NAME]] access [[SNMP-ACL-NAME]]
!
!--- Create view for read only access
snmp-server view [[SNMP-VIEW-NAME]] iso included
!
!--- User creation with relevant priv and auth protocols. 
snmp-server user [[SNMP-USER]] [[SNMP-GROUP-NAME]] v3 auth sha [[ROUTER-AUTH-PASSWORD]] priv aes 128 [[ROUTER-PRIV-PASSWORD]] access [[SNMP-ACL-NAME]]
!
!--- Enable SNMP Traps to the relevant servers 
snmp-server host [[SNMP-SERVER-1]] version 3 priv [[SNMP-USER]]
snmp-server host [[SNMP-SERVER-2]] version 3 priv [[SNMP-USER]]
!
!--validate configuration
show snmp group
show snmp user [[SNMP-USER]]
show snmp engineID
!
!-------------------------------------------------- 
! IOS Switch 
!-------------------------------------------------- 
!--- Access-list defining SNMPv3 servers. 
ip access-list standard [[SNMP-ACL-NAME]]
permit [[SNMP-SERVER-1]]
permit [[SNMP-SERVER-2]]
deny any log 
!
!--persistence for mibs
snmp-server ifindex persist
!
!--- Group creation with read-only privileges. 
snmp-server group [[SNMP-GROUP-NAME]] v3 priv read [[SNMP-VIEW-NAME]] access [[SNMP-ACL-NAME]]
!
!--- Create view for read only access
snmp-server view [[SNMP-VIEW-NAME]] iso included
!  
!--- User creation with relevant priv and auth protocols. 
snmp-server user [[SNMP-USER]] [[SNMP-GROUP-NAME]] v3 auth sha [[SWITCH-AUTH-PASSWORD]] priv aes 128 [[SWITCH-PRIV-PASSWORD]] access [[SNMP-ACL-NAME]]
!
!--- Enable SNMP Traps to the relevant servers 
snmp-server host [[SNMP-SERVER-1]] version 3 priv [[SNMP-USER]]
snmp-server host [[SNMP-SERVER-2]] version 3 priv [[SNMP-USER]]
!
!--validate configuration
show snmp group
show snmp user [[SNMP-USER]]
show snmp engineID
!
!-------------------------------------------------- 
! NXOS 
!-------------------------------------------------- 
!--- User creation with relevant priv and auth protocols. 
snmp-server user [[SNMP-USER]] auth sha [[NXOS-AUTH-PASSWORD]] priv aes-128 [[NXOS-PRIV-PASSWORD]]
!
!--- Enable native SNMPv3 agent to conduct auth and priv for new users. 
snmp-server globalEnforcePriv 
!
!-- Apply read-only priviliges to the Users 
snmp-server user [[SNMP-USER]] network-operator 
!
!-------------------------------------------------- 
! ASA 
!-------------------------------------------------- 
!--- New group and user creation 
snmp-server group gp-snmp.monitoring v3 priv 
!
!--- User creation with relevant priv and auth protocols. 
snmp-server user [[SNMP-USER]] [[SNMP-GROUP-NAME]] v3 auth sha [[ASA-AUTH-PASSWORD]] priv aes 128 [[ASA-PRIV-PASSWORD]] 
!
!--- Specify SNMPv3 server source interface. 
snmp-server host [[ASA-SNMP-INTERFACE-NAME]] [[SNMP-SERVER-1]] version 3 [[SNMP-USER]] 
snmp-server host [[ASA-SNMP-INTERFACE-NAME]] [[SNMP-SERVER-2]] version 3 [[SNMP-USER]] 
!
!-------------------------------------------------- 
! WLC (AireOS)
!-------------------------------------------------- 
!---Navigate to management > SNMP > General 
Name:  WLC 
SNMP v3 Mode: Enable 

!---Select SNMPv3 users > new 
User Profile Name:  [[SNMP-USER]]
Access Mode:  Read Only 
Authentication Protocol:  HMAC-SHA 
Auth Password:  [[WLC-AUTH-PASSWORD]]
Privay Protocol:  CFB-AES-128 
Priv Password:  [[WLC-PRIV-PASSWORD]]
User Profile Name:  [[SNMP-USER]]
Access Mode:  Read Only 
Authentication Protocol:  HMAC-SHA 
Auth Password:  [[WLC-AUTH-PASSWORD]]
Privay Protocol:  CFB-AES-128 
Priv Password:  [[WLC-PRIV-PASSWORD]]
!---Apply > Save configuration 
(Reboot)
!