Cisco Wireless LAN Controller Default Simple Network Management Protocol Community Strings
Cisco Wireless LAN Controller Best Practice: Change SNMPv3 Default User
Check the SNMPv3 default user. By default, the controller is configured with a username that
should be disabled or changed.
The following example shows how to verify the SNMPv3 and SNMPv2 default user:
Cisco Wireless LAN Controller Best Practice: Change SNMPv2 Default User
(Cisco Controller) >show snmpv3user
SNMP v3 User Name AccessMode Authentication Encryption
-------------------- ----------- -------------- ----------
default Read/Write HMAC-SHA CFB-AES
To configure SNMPv3 default user:
(Cisco Controller) >config snmp v3user delete default
(Cisco Controller) >config snmp v3user create nondefault rw hmacsha des authkey
Check the SNMPv2 default user. By default, the controller is configured with a username that should be disabled or changed.
The following example shows how to verify the SNMPv2 default user:
(Cisco Controller) >show snmpv2user
SNMP v3 User Name AccessMode Authentication Encryption
-------------------- ----------- -------------- ----------
default Read/Write HMAC-SHA CFB-AES
To configure SNMPv3 default user:
(Cisco Controller) >config snmp v2user delete default
(Cisco Controller) >config snmp v2user create nondefault rw hmacsha des authkey
Note: Ensure that the SNMP settings match between the controller and the Wireless Control
System (WCS)/Network Control System(NCS)/Prime Infrastructure (PI). In addition, use encryption and hash keys that match the security policies.
The Cisco Wireless LAN Controller Configuration Best Practices guide is available at the following URL:
https://www.cisco.com/c/en/us/td/docs/wireless/technology/wlc/8-5/82463-wlc-config-best-practice.html#pgfId-379998from Cisco Security Advisory https://ift.tt/2H9IGqX