Reference Manual for the ProSafe Network Management System NMS100

SNMP Device Access Control List

Many SNMP devices have an Access Control List (ACL). An ACL is a list of IP addresses from which the device accepts SNMP requests. This is a vendor-specific security feature that is configured at the device using a terminal or Telnet session. At a minimum, you need to go to each Discovery Seed device and check if it has an ACL and that your ProSafe NMS system address is in the list. For complete network discovery you must add your system address to any ACLs in your network.

Firewalls Block SNMP Operations

Many networks use firewall devices to stop unauthorized intrusions. It is very usual for firewalls to block SNMP traffic because SNMP operations can shut down and reconfigure devices. If you have any firewalls in your network you need to make sure that your ProSafe NMS system can send and receive SNMP operations through the firewalls. This is normally done with a protocol filter in combination with an Access Control List (ACL). Firewall configuration is done with a terminal or Telnet session.

Not Enough Seeds

ProSafe NMS uses a combination of downloaded seed device information (address, routing, ARP tables) and broadcasts to discover devices. However, many devices inhibit broadcasts to networks outside of your LAN (subnet directed broadcasts). To get around this problem you need to add more seed addresses for routers around your network.

1.Use the Config/Discovery-Polling menu.

2.Select your system address in the agents list.

3.Click the Seeds tab.

4.For each new seed, enter the IP Address and Subnet mask in the supplied edit boxes and click Add.

5.Click the General tab and then the Restart button.

6.Click the OK button. There is no need to reset the map in this case.

5-4

Troubleshooting and Advanced Configuration

September 2004 202-10058-01

Page 52
Image 52
NETGEAR NMS100 manual Snmp Device Access Control List, Firewalls Block Snmp Operations, Not Enough Seeds