Specifying SNMPv3 on AAA Servers

Specifying SNMPv3 on AAA Servers

The vendor/custom attribute cisco-av-pair can be used to specify user’s role mapping using the format:
shell:roles="roleA roleB …" 
 
If the role option in the cisco-av-pair attribute is not set, the default user role is network-operator.

The VSA format optionally specifies your SNMPv3 authentication and privacy protocol attributes also as follows:
shell:roles="roleA roleB..." snmpv3:auth=SHA priv=AES-128  
 
The SNMPv3 authentication protocol options are SHA and MD5. The privacy protocol options are AES-128 and DES. If these options are not specified in the cisco-av-pair attribute on the ACS server, MD5 and DES are used by default.

Copyright 2010-2013, Cisco Systems, Inc. All rights reserved.