1. Key Topics
   1. The Simple Network Management Protocol (SNMP) enables a network device to share information about itself and its activities.
   2. A complete SNMP system consists of the following parts:
      1. SNMP manager:
         1. A network management system that uses SNMP to poll and receive data from any number of network devices. The SNMP manager usually is an application that runs in a central location.
      2. SNMP agent:
         1. A process that runs on the network device being monitored. All types of data are gathered by the device itself and stored in a local database. The agent can then respond to SNMP polls and queries with information from the database, and it can send unsolicited alerts or "traps" to an SNMP manager.
      3. Management Information Base
         1. A collection of information and data that a network device maintains about itself and its operation. MIB variables can be read or written through SNMP.
         2. Object Identifier
            1. A unique string of digits that identifies a variable or a tree of variables in a MIB.
2. Configuration
   1. SNMPv1 & SNMPv2c
      1. Configure RO and RW communities:
         1. Enable the SNMP agent (if not already started), set the read-only community string, and restrict incoming SNMP messages based on the optional referenced IPv4 or IPv6 ACL.
            1. snmp-server community <community_string> ro [ipv6 acl_name] [acl_name]
         2. (Optional) Enable the SNMP agent (if not already started), set the read-write community string, and restrict incoming SNMP messages based on the optional referenced IPv4 or IPv6 ACL.
            1. snmp-server community <community_string> rw [ipv6 acl_name] [acl_name]
         3. (Optional) If referenced by an snmp-server community command, configure an IPv4 or IPv6 ACL
         4. (Optional) Document the location of the device.
            1. snmp-server location <text>
         5. (Optional) Document the person to contact if problems occur
            1. snmp-server contact <contact-name>
      2. Enable the sending of SNMPv2c Trap or Inform messages to an NMS:
         1. Configure the SNMP agent to send either SNMPv2c Traps (default) or Informs to the listed host. Use this command once for each host to which this device should send Traps.
            1. snmp-server host {<hostname> | <ip_address>} [informs] version 2c <notification_community>
         2. Enable the sending of all supported types of Trap and Inform messages.
            1. snmp-server enable traps
   2. SNMPv3
      1. Configure an SNMPv3 Group
         1. snmp-server group
         2. The command takes the following form:
            1. R1(config)# snmp-server group <GroupName> v3 {noauth | auth | priv } write {view_name} access [ipv6] acl_name
      2. Configure one or more SNMPv3 Users that reference the SNMPv3 Group
         1. snmp-server user
         2. The command takes the following form:
            1. R1(config)# snmp-server user <UserName> <GroupName> v3
         3. Parameters in this command must match parameters in the snmp-server group command. Specifically:
            1. If the auth command keyword was chosen
            2. You must set either
            3. auth md5 <password>
            4. auth sha <password>
            5. If the priv command keyword was chosen
            6. You must set either
            7. auth md5 <password>
            8. auth md5 <password>
            9. And either
            10. priv des <keyvalue>
            11. priv 3des <keyvalue>
            12. priv aes <keylength> <keyvalue>
      3. In SNMP, the NMS is considered the client (host), and the managed devices are SNMP servers. Configure an SNMP host to receive SNMP GET messages from, and send SNMP Trap messages to.
         1. snmp-server host
         2. The command takes the following form:
            1. R1(config)# snmp-server host <address> version 3 {noauth | auth | priv } <UserName>
         3. Parameters in this command must match parameters in the snmp-server group and snmp-server user commands. Specifically:
            1. Whichever security level command keyword was chosen in the snmp-server group command must be matched in this command.
            2. If you issued the noauth command keyword in the snmp-server group command, you must also issue it here.
            3. If you issued the auth command keyword in the snmp-server group command, you must also issue it here.
            4. If you issued the priv command keyword in the snmp-server group command, you must also issue it here.
            5. The <UserName> from the snmp-server user command must match between that command and the snmp-server host command.
3. Verifying and Troubleshooting
   1. Lists the community string values, with reference to any attached IPv4 or IPv6 ACLs
      1. show snmp community
   2. Lists the IP address or hostname of the NMS matched to each configured snmp-server host command
      1. show snmp host
   3. Lists information provided by the snmp-server contact command
      1. show snmp contact
   4. Lists information provided by the snmp-server location command
      1. show snmp location
   5. Lists SNMP counter and status information
      1. show snmp
   6. Lists SNMPv3 user information
      1. show snmp user
   7. Lists SNMPv3 group information
      1. show snmp group