Netopia 4000-Series manual Snmp traps, Community strings

9-12 Firmware User Guide

Community strings

The Read-Only Community String and the Read/Write Community String are like passwords that must be used by an SNMP manager querying or configuring the Netopia Firmware Version 5.4. An SNMP manager using the Read-Only Community String can examine statistics and configuration information from the router, but cannot modify the router’s configuration. An SNMP manager using the Read/Write Community String can both examine and modify configuration parameters.

By default, the read-only and read/write community strings are set to public and private, respectively. You should change both of the default community strings to values known only to you and trusted system adminis- trators.

To change a community string, select it and enter a new value.

Setting the Read-Only and Read-Write community strings to the empty string will block all SNMP requests to the router. (The router may still send SNMP Traps if those are properly enabled.)

Previously, if either community string was the empty string, SNMP Requests specifying an empty community string were accepted and processed.

This change is designed to allow the administrator to block SNMP access to the router and to provide more granular control over the allowed SNMP operations to the router.

■Setting only the Read-Write community string to the empty string will block SNMP Set Requests to the router, but Get Requests and Get-Next Requests will still be honored using the Read-Only community string (assuming that is not the empty string).

■Setting only the Read-Onlycommunity string to the empty string will not block Get Requests or Get-Next Requests since those operations (and Set Requests) are still allowed using the (non-empty) Read-Write community string.

Even if you decide not to use SNMP, you should change the community strings. This prevents unauthorized access to the Router through SNMP. For more information on security issues, see “Suggested Security Measures” on page 10-1.

SNMP traps

An SNMP trap is an informational message sent from an SNMP agent (in this case, the Router) to a manager. When a manager receives a trap, it may log the trap as well as generate an alert message of its own.

Standard traps generated by the Netopia Firmware Version 5.4 include the following:

■An authentication failure trap is generated when the router detects an incorrect community string in a received SNMP packet. Authentication Traps Enable must be On for this trap to be generated.

■A cold start trap is generated after the router is reset.

■An interface down trap (ifDown) is generated when one of the router’s interfaces, such as a port, stops functioning or is disabled.

■An interface up trap (ifUp) is generated when one of the router’s interfaces, such as a port, begins functioning.

The Netopia Firmware Version 5.4 sends traps using UDP (for IP networks).

You can specify which SNMP managers are sent the IP traps generated by the Netopia Firmware Version 5.4. Up to eight receivers can be set. You can also review and remove IP traps.