ModSnmp Manual v3.14 - 3.1. Defining SNMP Users

Download manual: PDF HTML

3.1. Defining SNMP Users

The Add User page enables you to define the users that are allowed SNMP access.

SNMPv3 uses the User-based Security Model (USM) to authenticate users, and optionally encrypt the data in SNMP messages.

SNMPv1 and SNMPv2c use "community strings" instead of users, and do not support authentication or encryption. If you define a user without authentication, then ModSnmp will allow that user's name to be used as a community string in v1 and v2c messages.

To add an SNMP user, enter the following data and then click Apply:

  • Name. Enter the name of the user (for SNMPv3), or the community string (for SNMPv2c or SNMPv1).

  • Authentication Protocol. Select the authentication protocol to be used. Select None if the Name is to be used as a community string.

  • Authentication Passphrase. Enter the authentication passphrase. The passphrase is used to generate an authentication key, and is then discarded.

  • Privacy Protocol. Select the method to be used to encrypt SNMP messages.

  • Privacy Passphrase. Enter the privacy passphrase. The passphrase is used to generate an encryption key, and is then discarded.

  • Authorization. Select the Allow Write checkbox if this user is to be allowed to write to Modbus registers.

Note that it is a requirement of the SNMP standard that, for security reasons, passphrases are not stored. If you want to change a passphrase, you should delete and re-add the user.