VACM Configurations Not Working

Bakshi Gulam Sat, 15 Nov 2014 22:33:57 -0800

Hi All,

I've some problem with configuring VACM. My VACM configurations in
snmpd.conf seems to be not working. Any help on this would be really
appreciated.


Below are my VACM configurations in snmpd.conf. (whole snmpd.conf is
attached with this mail)

# User Creation
createUser noAuthUser
createUser MD5User MD5 "demo-password"
createUser MD5DESUser MD5 "demo-password" DES

#
# Group Specification
#       group-name      sec.model    sec.name
group   ro_group          usm       noAuthUser      # SNMPv3 username
== sec.name
group   ro_group          usm        MD5User
group   rw_group          usm       MD5DESUser

#
# View Specification
#      view-name       incl/excl      subtree               mask
view      all          included        .1
      # default-view which includes the whole MIB tree

view   system_view     excluded        .1
view   system_view     included       system
view   system_view     excluded       sysLocation.0

view   if_view         excluded        .1
view   if_view         included       system
view   if_view         included       ifTable

#
# Access Specification
#       group-name   context   sec.model   sec.level   match
read        write       notif
access  ro_group       ""         usm       noauth     exact
system_view    none        none
access  ro_group       ""         usm        auth      exact
if_view      none        none
access  rw_group       ""         usm        priv      exact
all       if_view      none


I expect noAuthUser to have read access only to system_view (which has
only system sub-tree). But I'm able to read everything (for example,
some object from ifMIB; sysLocation.0 which is excluded; etc) from
whole MIB tree via noAuthUser. Access control restrictions seems to
have no effect. Am I missing anything?


-- 
/////////////////////////
// Bakshi Gulam        //
// http://www.gulam.in //
/////////////////////////

snmpd.conf
Description: Binary data

------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk

_______________________________________________
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

VACM Configurations Not Working

Reply via email to