0

On Cisco IOS, I'm looking at moving from SNMP v1/2 to v3, which means separate user/password credentials instead of just community strings.

Is it possible to have those user credentials pulled from, and authenticated against, a TACACS or RADIUS server? Or am I stuck statically adding them to the configuration of every switch and router?

Mike Pennington
  • 8,305
  • 9
  • 44
  • 87
Geoff
  • 238
  • 2
  • 4

1 Answers1

1

I'm sorry, but from what I ever see and read, it's not possible at the moment.

radius
  • 9,633
  • 25
  • 45
  • I suspect you're right, and I can see some logic to it: when the monitoring system uses that SNMP Get like a ping, to check if the router is alive, it doesn't want to have to wait for the router to ask a remote server about the credentials. Still, frustrating to move from "insecure" shared, local community strings to... shared, local u/p strings. – Geoff Jun 18 '09 at 15:19