Mediant 2000 SIP

To change the only read-write community string from v2admin to v2mgr, take these 4 steps:

1.Follow the procedure above to add a read-write community string to a row for v2mgr.

2.Set up the EM so that subsequent ‘set’ requests use the new community string, v2mgr.

3.If v2admin is being used as the trap community string, follow the procedure to change the trap community string (see below).

4.Follow the procedure above to delete a read-write community name in the row for v2admin.

To change the trap community string, take these 2 steps:

(The following procedure assumes that a row already exists in the srCommunityTable for the new trap community string. The trap community string can be part of the TrapGroup, ReadGroup or ReadWriteGroup. If the trap community string is used solely for sending traps (recommended), it should be made part of the TrapGroup).

1.Add a row to the vacmSecurityToGroupTable with these values: SecurityModel=2, SecurityName=the new trap community string, GroupName=TrapGroup, ReadGroup or ReadWriteGroup. The SecurityModel and SecurityName objects are row indices.

Note: You must add GroupName and RowStatus on the same set.

2. Modify the SecurityName field in the sole row of the snmpTargetParamsTable.

11.6.2Trusted Managers

By default, the agent accepts ‘get’ and ‘set’ requests from any IP address, as long as the correct community string is used in the request. Security can be enhanced via the use of Trusted Managers. A Trusted Manager is an IP address from which the SNMP Agent accepts and processes ‘get’ and ‘set’ requests. An EM can be used to configure up to 5 Trusted Managers.

Note: If Trusted Managers are defined, all community strings work from all Trusted Managers. That is, there is no way to associate a community string with particular trusted managers.

11.6.2.1 Configuration of Trusted Managers via ini File

To set the Trusted Mangers table from start-up, write the following in the ini file:

SNMPTRUSTEDMGR_X = D.D.D.D

where X is any integer between 0 and 4 (0 sets the first table entry, 1 sets the second, and so on), and D is an integer between 0 and 255.

11.6.2.2 Configuration of Trusted Managers via SNMP

To configure Trusted Managers, the EM must use the srCommunityMIB, the snmpTargetMIB and the TGT-ADDRESS-MASK-MIB.

To add the first Trusted Manager, take these 3 steps:

(The following procedure assumes that there is at least one configured read-write community. There are currently no Trusted Managers. The taglist for columns for all srCommunityTable rows are currently empty).

Mediant 2000 SIP User’s Manual

178

Document #: LTRT-72504

Page 178
Image 178
Nortel Networks TP-1610 SIP user manual Trusted Managers, To change the trap community string, take these 2 steps