3Com 09-1324-000 manual For example, Enable the Snmp service by entering

Page 59

NETBuilder Security 6-23

Modifying SNMP To enable SNMP read/write access, you need to modify two parameters in the Parameters SNMP Service: COMmunity and MANager.

The COMmunity parameter is an SNMP Service parameter that modifies the list of communities. For information on how to use the COMmunity parameter, refer to Using NETBuilder Family Software and to Reference for NETBuilder Family Software.

By default, the community name “ANYCOM” exists with read access to the management information base (MIB) variables and allows unrestricted access to the bridge/router. To ensure that access is available only to the proper system administrator, 3Com recommends that you delete the “ANYCOM” community name, and add the appropriate community string and the IP address of the manager.

To modify SNMP parameters, follow these steps:

1Delete the default community string “ANYCOM” by entering:

DELete -SNMP COMmunity “ANYCOM”

2Configure at least one new community string with read/write access.

For example:

ADD -SNMP COMmunity “private” TRiv RW AL1

3Add other community strings with read-only access as required.

For example:

ADD -SNMP COMmunity “public” TRiv RO AL1

4Create a new manager with read/write access to the NETBuilder bridge/router. For security reasons, limit the number of network management stations.

For example:

ADD -SNMP MANager “private” 129.213.224.1 255.255.0

5Enable the SNMP service by entering:

SETDefault -SNMP CONTrol = (Manage, Trap)

NETBuilder Security NETBuilder security can be obtained many ways including limiting the access to a particular network or by limiting the access to certain files. Limiting access to a particular network can be accomplished by building Internet firewalls. Limiting access to particular files can be accomplished by using certain commands and parameters.

Building Firewalls for A firewall allows users inside a private network to have outbound access, while Security restricting outside users from inbound access. For more conceptual information

about firewall and its capabilities, and details on how to configure firewalls, refer to Using NETBuilder Family Software. For a description and syntax of the various firewall service parameters, refer to Reference for NETBuilder Family Software.

Page 58 Page 60
Image 59
Page 58 Page 60
Contents
New Installation for NETBuilder II Software 95052-8145 3Com CorporationBayfront Plaza Santa Clara, CaliforniaContents CEC 20 System Index 3COM Corporation Limited Warranty Page Introduction About this GuideConvention Description ConventionsList conventions that are used throughout this guide Icon Alerts you toDesignated as drive a OverviewSoftware Installation ChecklistsChange the primary boot source default as needed Install System Software and Boot Refer to ChapterInstall software from a flash memory card Change the Primary Boot Source Refer to Chapter4CHAPTER 1 Overview Memory Card Installing Software and Booting DPE Netbuilder II SystemInstalling Software Performing Initial Boot Booting from the FlashNETBuilder II System Making a BackupFlash Memory CardFollowing these steps Using the BackupFlash Card Format the blank flash memory card in drive B by enteringPage Changes Changing the Boot Source on aUsing the Boot CommandConfiguring Primary Boot SourcePrimary boot source Configuring the Primary Boot Source Page CEC 20 Netbuilder II System Installing Software and BootingCD-ROM drive Installing SoftwareFrom a Network Management StationAt the network management station ProcedureTo see if these daemons are running, enter If you are using a Bourne sh or Korn ksh shell, enterTftp CD-ROM Station PrerequisitesStation Booting aNETBuilder II Image Over the NetworkImage/NBII/SW/101/FF/boot.29k Configuring IP Copying the SoftwareTo a Flash Memory Format the blank flash memory card by entering Enter a routing protocol For example, enable RIP usingPage You are now ready to enter software commands Slot 7 as the primary boot sourceFW/NBII-FW,2.6 Enter 4 to select Primary Boot Source To select NETBuilder software version 10.1 enter Secondary Boot Source Page System Configuring Basic SettingsLogging on to Interface Learning AboutUser Interface Main menu Level 1 is displayed Full-Form Syntax Reference for NETBuilder Family SoftwareAbbreviated Syntax SymbolsSymbolDescription Can be abbreviated to Symbol DescriptionFull and Abbreviated Syntax Examples Determining the Display of Ports and Virtual Ports Variations in Command SyntaxEntering Service Names in Command Lines Can be shortened by abbreviating it toDisplay it first Using AliasesCommand History Substitution Privilege Level Strings Syntax for Assigning ValuesNumeric Values NamesPort and Path Naming Restrictions Media Addresses @22 Asynchronous Transfer Mode ATM addressDecimal. The Dlci identifies a virtual circuit on the Frame An example of a Frame Relay addressNetwork Layer Addresses Addresses are the same 00003333%080002005678 For more information on Internet addresses, subnet masks,Followed by the MAC address Network from all other IPX networks. The following exampleSyntax Description Getting HelpDescribed in Table Level Obtaining NetworkManager Privilege Date PasswordSetting the Time ChangingInformation Setting SystemAdministrator Addresses to a Bridge Assigning Internet Addresses Assigning InternetSETDefault !2 -IP NETaddr = Internet addresses to individual ports using22CHAPTER 6 Configuring Basic Settings Enable the Snmp service by entering 24CHAPTER 6 Configuring Basic Settings TFTP/FTP Server Booting the Netbuilder II CEC a 20 System from the NetworkBooting from a NETBuilder Software on the Unix NMS Enter Q to return to the Primary Boot Source menu Table A-1Additional Tftp Primary Boot Source Parameters Parameter Configuration Token ring port Page Technical Support ServicesService Access by Analog ModemPress Return to see the 3ComForum main menu Access by Digital Modem408 654 2706 or 408 654 3Com Canada Regional Sales Office Telephone Number 3Com Corporation3Com Asia Limited Regional Sales Office Telephone Number 3Com Benelux B.VRegional Sales Office Telephone Number 3Com Mediterraneo Regional Sales Office Telephone Number 3Com Iberia3Com Ireland 3Com Latin AmericaNumerics Indexfirmware 4-6,A-4,A-5 3Com Corporation Limited Warranty
Top Page Image Contents