18-2
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-29225-01
Chapter 18 Configuring SNMP
Understanding SNMP
Understanding SNMP
SNMP is an application-layer protocol that provides a message format for communication between
SNMP managers and agents. The SNMP manager can be part of a network management system (NMS)
such as CiscoWorks. The agent and management information base (MIB) reside on the access point. To
configure SNMP on the access point, you define the relationship between the manager and the agent.
The SNMP agent contains MIB variables whose values the SNMP manager can request or change. A
manager can get a value from an agent or store a value into the agent. The agent gathers data from the
MIB, the repository for information about device parameters and network data. The agent can also
respond to a manager’s requests to get or set data.
An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to
a condition on the network. Traps can mean improper user authentication, restarts, link status (up or
down), MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other
significant events.
This section includes these concepts:
• SNMP Versions, page 18-2
• SNMP Manager Functions, page 18-3
• SNMP Agent Functions, page 18-4
• SNMP Community Strings, page 18-4
• Using SNMP to Access MIB Variables, page 18-4
SNMP Versions
This software release supports these SNMP versions:
• SNMPv1—The Simple Network Management Protocol, a full Internet standard, defined in
RFC 1157.
• SNMPv2C, which has these features:
–
SNMPv2—Version 2 of the Simple Network Management Protocol, a draft Internet standard,
defined in RFCs 1902 through 1907.
–
SNMPv2C—The Community-based Administrative Framework for SNMPv2, an experimental
Internet protocol defined in RFC 1901.
• SNMPv3, which has these features:
–
Support for SHA and MD5 authentication protocols and DES56 encryption.
–
Three security levels: no authentication and no privacy (NoAuthNoPriv), authentication and no
privacy (AuthNoPriv), and authentication and privacy (AuthPriv).
SNMPv3 supports the highest available levels of security for SNMP communication. Community strings
for SNMPv1 and SNMPv2 are stored and transferred as plain text without encryption. In the SNMPv3
security model, SNMP users authenticate and join a user group. Access to system data is restricted based
on the group.
You must configure the SNMP agent to use the version of SNMP supported by the management station.
An agent can communicate with multiple managers; therefore, you can configure the software to support
communications with one management station using the SNMPv3 protocol and another using the
SNMPv2 or SNMPv1 protocol.