How to Configure SNMP Community Strings on a Cisco Switch

Refer to the Cisco Technical Tips Conventions for more information on document conventions.

How To Configure SNMP Community Strings on a Router and a Cisco IOS Software-based XL Catalyst Switch

Enable SNMP Community Strings

This procedure is the same for both routers and Cisco IOS software-based XL Catalyst Switches.

  1. Telnet to the router:

    prompt#telnet 172.16.99.20
    
  2. Enter the enable password at the prompt in order to enter the enable mode:

    Router>enable 
    Password: 
    Router#
  3. Display the running configuration and look for the SNMP information:

    Router#show running-config 
    Building configuration... 
    .... 
    .... 

    Note: If no SNMP information is present, continue with these steps. If any SNMP commands are listed, you can modify or disable them.

  4. Go into the configuration mode:

    Router#configure terminal 
    Enter configuration commands, one per line.  End 
    with CNTL/Z. 
    Router(config)#
  5. Use this command in order to enable the Read-only (RO) community string:

    Router(config)#snmp-server community public RO 

    where "public" is the Read-only community string.

  6. Use this command in order to enable the Read-write (RW) community string:

    Router(config)#snmp-server community private RW

    where "private" is the Read-write community string.

  7. Exit out of the configuration mode and return to the main prompt:

    Router(config)#exit 
    Router#
  8. Write the modified configuration to nonvolatile RAM (NVRAM) to save the settings:

    Router#write memory 
    Building configuration... 
    [OK] 
    Router#

Verify SNMP Community Strings

Here is how to verify SNMP community strings.

  1. Verify that there is TCP/IP connectivity between the Network Management Server (NMS) server and the router:

    C:\>ping 172.16.99.20 
    
    Pinging 172.16.99.20 with 32 bytes of data: 
    Reply from 172.16.99.20: bytes=32 time<10ms TTL=247 
    Reply from 172.16.99.20: bytes=32 time=10ms TTL=247 
    Reply from 172.16.99.20: bytes=32 time<10ms TTL=247 
    Reply from 172.16.99.20: bytes=32 time<10ms TTL=247 
    Ping statistics for 172.16.99.20: 
       Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 
    Approximate round trip times in milli-seconds: 
       Minimum = 0ms, Maximum =  10ms, Average =  2ms 
    
  2. Telnet to the router:

    prompt# telnet 172.16.99.20
    
  3. Enter the enable password at the prompt in order to enter the enable mode:

    Router>enable 
    Password: 
    Router#
  4. Display the running configuration and look for the SNMP information:

    Router#show running-config 
    .... 
    .... 
    snmp-server community public RO 
    snmp-server community private RW 
    .... 
    ....

    In this sample output, "public" is the read-only community string and "private" is the read-write community string.

    Note: If you do not see any "snmp-server" statements, SNMP is not enabled on the router.

    Alternatively, execute the show snmp command in the enable mode. If you see this message, it also indicates that SNMP is not enabled on the router:

    Router#show snmp 
    %SNMP agent not enabled 
    Router#
  5. Exit out of the enable mode and return to the main prompt:

    Router#disable 
    Router>
    

Modify SNMP Community Strings

Complete these steps in order to modify SNMP community strings.

  1. Telnet to the router:

    prompt# telnet 172.16.99.20
    
  2. Enter the enable password at the prompt in order to enter the enable mode:

    Router>enable 
    Password: 
    Router#
  3. Display the running configuration and look for the SNMP information:

    Router#show running-config 
    
    Building configuration... 
    ... 
    ... 
    snmp-server community public RO snmp-server community private RW 
    .... 
    .... 
    
  4. Go into the configuration mode:

    Router#configure terminal 
    Enter configuration commands, one per line.  End with CNTL/Z. 
    Router(config)#
    • In order to modify the current Read-only (RO) community string:

      1. Delete the current Read-only (RO) community string with this command:

        • Router(config)#no snmp-server community public RO (where "public" is the Read-only community string)

      2. Enter the new Read-only (RO) community string with this command:

        • Router(config)#snmp-server community XXXX RO (where "XXXX" is the Read-only community string)

    • In order to modify the current Read-write (RW) community string:

      1. Delete the current Read-write (RW) community string with this command:

        • Router(config)#no snmp-server community private RW (where "private" is the Read-write community string)

      2. Enter the new Read-write (RW) community string with this command:

        • Router(config)#snmp-server community YYYY RW (where "YYYY" is the Read-write community string)

  5. Exit out of the configuration mode and return to the main prompt:

    Router(config)#exit 
    Router#
  6. Write the modified configuration to nonvolatile RAM (NVRAM) to save the settings:

    Router#write memory 
    Building configuration... 
    [OK] 
    Router#

Disable/Remove SNMP Community Strings

Complete these steps in order to disable or remove SMMP community strings.

  1. Telnet to the router:

    prompt# telnet 172.16.99.20
    
  2. Enter the enable password at the prompt in order to enter the enable mode:

    Router>enable 
    Password: 
    Router#
  3. Display the running configuration and look for the SNMP information:

    Router#show running-config 
    
    Building configuration... 
    ... 
    ... 
    snmp-server community public RO snmp-server community private RW 
    .... 
    .... 
    
  4. Go into the configuration mode:

    Router#configure terminal 
    Enter configuration commands, one per line.  End with CNTL/Z. 
    Router(config)#
  5. In order to disable/remove the current Read-only (RO) community string, use this command:

    Router(config)#no snmp-server community public RO
    

    where "public" is the Read-only community string

  6. In order to disable/remove the current Read-write (RW) community string, use this command:

    Router(config)#no snmp-server community private RW 
    

    where "private" is the Read-write community string

  7. Exit out of the configuration mode and return to the main prompt:

    Router(config)#exit 
    Router#
  8. Write the modified configuration to nonvolatile RAM (NVRAM) to save the settings:

    Router#write memory 
    Building configuration... 
    [OK] 
    Router#

 

For the full article, please refer to Cisco: 

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094aa4.shtml

 

About us

Panorama9 instantly gives you the full picture of your IT environment and provide you with the tools needed to quickly respond when issues are detected. Patch management, remote control, network discovery, all built into one beautiful and easy-to-use solution.

Try it today, get your free account here.

Last updated:

Comments