Netopia R910 manual SNMP traps, Community strings, Monitoring Tools

Monitoring Tools 12-119

2.Select System Location and enter the router’s physical location (room, floor, building, etc.).

3.Select System Contact and enter the name of the person responsible for maintaining the router.

System Name, System Location, and System Contact set the values returned by the Netopia R910 SNMP agent for the SysName, SysLocation, and SysContact objects, respectively, in the MIB II system group. Although optional, the information you enter in these items can help a system administrator manage the network more efficiently.

Community strings

The Read-Only Community String and the Read/Write Community String are like passwords that must be used by an SNMP manager querying or configuring the Netopia R910. An SNMP manager using the Read-Only Community String can examine statistics and configuration information from the router, but cannot modify the router’s configuration. An SNMP manager using the Read/Write Community String can both examine and modify configuration parameters.

By default, the read-only community string is set to “public” and the read/write community string is blank. You should change both of the default community strings to values known only to you and trusted system adminis- trators.

Setting the Read-Only and Read-Write community strings to the empty string will block all SNMP requests to the router. (The router may still send SNMP Traps if those are properly enabled.)

Previously, if either community string was the empty string, SNMP Requests specifying an empty community string were accepted and processed.

This change is designed to allow the administrator to block SNMP access to the router, and to provide more granular control over the allowed SNMP operations to the router.

■Setting only the Read-Write community string to the empty string will block SNMP Set Requests to the router, but Get Requests and Get-Next Requests will still be honored using the Read-Only community string (assuming that is not the empty string).

■Setting only the Read-Only community string to the empty string will not block Get Requests or Get-Next Requests since those operations (and Set Requests) are still allowed using the (non-empty)Read-Write community string.

To change a community string, select it and enter a new value.

Caution! Even if you decide not to use SNMP, you should change the read-only community string and leave the read/write community string blank. This prevents unauthorized access to the Netopia R910 through SNMP. For more information on security issues, see “Suggested security measures” on page 13-123.

SNMP traps

An SNMP trap is an informational message sent from an SNMP agent (in this case, the Netopia R910) to a manager. When a manager receives a trap, it may log the trap as well as generate an alert message of its own.

Standard traps generated by the Netopia R910 include the following:

■An authentication failure trap is generated when the router detects an incorrect community string in a received SNMP packet. Authentication Traps Enable must be On for this trap to be generated.