Configuring an SNMP user on a GS-3xxx series switch with LCOS SX 4.xx (SNMPv3)

Description:

This article describes how to configure an SNMP user on a GS-3xxx series switch with LCOS SX 4.xx and monitor the switch with the LANmonitor via SNMPv3. Of course It is also possible to use any other monitoring tool which supports SNMPv3.

Requirements:

• LCOS SX as of version 4.00 Rel (download latest version)
• LANmonitor as of version 10.50 Rel (download latest version) 
• Any web browser for accessing the webinterface 

Procedure:

1) Configuring the SNMP user on the Switch:

1.1) Open the webinterface of the device, go to the menu SNMP → Configuration and for Mode click on the slider off to activate SNMP.

Screenshot of a network management interface showing SNMP configuration options with public and private community settings disabled.

1.2) Click Apply afterwards.

Image of an SNMP configuration menu displaying settings for ReadCommunity as 'public' and WriteCommunity as 'private', both set to disabled.

1.3) Go to the menu SNMP → SNMPv3 → Users and click Add New Entry to create an SNMP user.

Screenshot of a network management interface showing various configuration options including SNMP settings, VLAN management, Quality of Service, and access control features.

1.4) Modify the following parameters and click Apply:

• User Name: Enter a descriptive user name (in this example SNMP-User).
• Security Level: In the dropdown menu select the option Auth, Priv. This makes authentication via login credentials mandatory (Auth) and the data transfer is encrypted (Priv).
• Authentication Protocol: Make sure, that the option SHA-256 is selected.
• Authentication Password: Enter a password for the authentication. In conjunction with the user name it is used for the login. The password must have between 8 to 64 characters and the allowed character set ranges from ASCII numbers 33 to 126.
• Privacy Protocol: In the dropdown menu select the option AES-256.
• Privacy Password: Enter the same password entered for the Authentication Password. It is used for data encryption. The password must have between 8 to 64 characters and the allowed character set ranges from ASCII numbers 33 to 126.

Screenshot of an SNMP user configuration interface showing options for user security, authentication level, authentication protocol, privacy protocol, and the ability to add or delete user entries.

1.5) Go to the menu SNMP → SNMPv3 → Groups and click on Add New Entry to create an SNMP group.

Screenshot of a network management system's configuration menu displaying options for SNMP, VLAN, PoE, QoS, Spanning Tree, and security settings.

1.6) Modify the following parameters and click Apply:

• Security Model: In the dropdown menu select the option usm. USM (User-based Security Model) is only used for SNMPv3.
• User Name: Make sure, that the SNMP user created in step 1.4) is selected.
• Group Name: Enter a descriptive name for the SNMP group.

Screenshot of a SNMP vGroup configuration menu with options to delete security models, user names, and group names.

1.7) Go to the menu SNMP → SNMPv3 → View and click on Add New Entry to create an SNMP view. 

Screenshot of a network management software interface showing various configuration options such as SNMP settings, PoE management, VLAN management, and access control settings.

1.8) Modify the following parameters and click Apply:

• View Name: Enter a descriptive name for the SNMP view.
• View Type: In the dropdown menu select the option included.
• OID Subtree: Enter the string .1.3. The OID path of LANCOM devices begins with this string. 

Screenshot of an SNMP View Configuration interface showing options to delete views with columns labeled ViewName, ViewType, and OIDSubtree.

1.9) Go to the menu SNMP → SNMPv3 → Access and click on Add New Entry to create the SNMP access.

Screenshot of a network management interface showing various configuration options including SNMP access, VLAN management, PoE settings, security configurations, and spanning tree adjustments.

1.10) Modify the following parameters and click Apply:

• Group Name: Make sure, that the SNMP group created in step 1.6) is selected.
• Security Model: In the dropdown menu select the option usm.
• Security Level: In the dopdown menu select the option Auth, Priv.
• Read View Name: Make sure, that the SNMP view created in step 1.8) is selected.  
• Write View Name: Make sure, that the SNMP view created in step 1.8) is selected.  

Screenshot of an SNMP access configuration interface with options to delete or add new entries, showing fields like Group Name, Security Model, Security Level, Read View Name, and Write View Name.

1.11) Click on the disk symbol in the upper right corner to save the configuration as the start configuration .

Image of a LANCOM AutoLogout feature on a user interface, showing partial configuration options.

1.12) Acknowledge the save process by clicking OK .

Screenshot of a configuration menu displaying a prompt asking if the user wants to save the running configuration to the startup config.

2) Monitoring the switch via LANmonitor:

2.1) Connect to the switch via the LANmonitor, make sure, that the protocol SNMP3 is selected and enter the login credentials for the SNMP user entered in step 1.4). 

Screenshot of a technical user interface displaying missing login data error and options to enter credentials alongside details about network protocols and data transmission security settings.

2.2) The switch can now be monitored via the LANmonitor and various status information can be read out. If write permissions are given, individual ports can be deactivated and reactivated, for example.

An image displaying a user interface for configuring Gigabit Ethernet ports, local networks, and monitoring system information with SNMPv3 encryption.