SNMPv2 is the original and most commonly used version.
For authorizing clients, SNMP uses the concept of communities.
Communities may have authorization set to read only (this is most common) or to read and write (this option is not actively used in VyOS).
SNMP can work synchronously or asynchronously. In synchronous communication, the monitoring system queries the router periodically. In asynchronous, the router sends notification to the "trap" (the monitoring host).
SNMPv2 does not support any authentication mechanisms, other than client source address, so you should specify addresses of clients allowed to monitor the router. Note that SNMPv2 also supports no encryption and always sends data in plain text.
# Define a community set service snmp community routers authorization ro # Allow monitoring access from the entire network set service snmp community routers network 192.0.2.0/24 # Allow monitoring access from specific addresses set service snmp community routers client 203.0.113.10 set service snmp community routers client 203.0.113.20 ## Define router information set service snmp location "UK, London" set service snmp contact "email@example.com" ## Trap target if you want asynchronous communication set service snmp trap-target 203.0.113.10