You have implemented SNMP v3 in your network. You find after making the configuration changes that technicians in the RESTRICTED group cannot access the MIB. You execute the show run command and receive the following output that relates to SNMP:

Last Updated on August 1, 2021 by Admin 1

300-410 : All Parts

300-410 : Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) : All Parts
300-410 Part 01	300-410 Part 06
300-410 Part 02	300-410 Part 07
300-410 Part 03	300-410 Part 08
300-410 Part 04	300-410 Part 09
300-410 Part 05	300-410 Part 10

You have implemented SNMP v3 in your network. You find after making the configuration changes that technicians in the RESTRICTED group cannot access the MIB. You execute the show run command and receive the following output that relates to SNMP:

What is preventing the RESTRICTED group from viewing the MIB?

the presence of the keyword priv in the command creating the RESTRICTED group
a mismatch between the authentication mechanism and the encryption type in the command creating the RESTRICTED user
the absence of an access list defining the stations that can used by the RESTRICTED group
the presence of the keyword auth in the command creating the RESTRICTED user

Explanation:
At the end of the command creating the RESTRICTED group is the parameter access 99. This indicates that an access list number 99 is being used to specify the allowed IP addresses of the stations that can be used to connect to the MIB for the group. Since the access list is missing from the configuration, no IP addresses will be allowed, and no connections can be made by the group.

The presence of the keyword priv in the command creating the RESTRICTED group is not causing the issue. This keyword indicates that encryption (privacy) and authentication should both be used on all transmissions by the group.

In SMNPv3, there are three combinations of security that can be used:
noAuthNoPriv- no authentication and no encryption noauth keyword in the configuration
AuthNoPriv – messages are authenticated but not encrypted auth keyword in the configuration
AuthPriv – messages are authenticated and encrypted priv keyword in the configuration
There is no mismatch between the authentication mechanism and the encryption type in the command creating the RESTRICTED user.

snmp-server user RESTRICTED RESTRICTED v3 auth sha CISCO priv des56 CISCO

In the preceding command, the section auth sha CISCO specified that messages are authenticated using SHA with a key of CISCO. It does not need to the match the section priv des56 CISCO, which indicates that encryption (priv) will be provided using DES56 with a key of CISCO.

The presence of the keyword auth in the command creating the RESTRICTED user is not causing the issue. This line indicates that that messages are authenticated using SHA with a key of CISCO.

Objective:
Infrastructure Services
Sub-Objective:
Configure and verify SNMP

300-410 : All Parts

300-410 : Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) : All Parts
300-410 Part 01	300-410 Part 06
300-410 Part 02	300-410 Part 07
300-410 Part 03	300-410 Part 08
300-410 Part 04	300-410 Part 09
300-410 Part 05	300-410 Part 10

0 0 votes

Article Rating

0 Comments

Inline Feedbacks

View all comments

You have implemented SNMP v3 in your network. You find after making the configuration changes that technicians in the RESTRICTED group cannot access the MIB. You execute the show run command and receive the following output that relates to SNMP:

What is preventing the RESTRICTED group from viewing the MIB?

You Might Also Like

Configure network access to ContosoKey1. Which users should you identify?

Which of the following forms of authentication are being used? (Choose two.)

An instructor is conducting a highly technical subject with a large media presentation. Just after getting started the bulb blew out on the overhead projector. Which of the following will BEST allow the class to continue without interruption?