
Appendix D: SNMP – Simple Network Management Protocol | Symmetricom SNMP Configuration |
D.2 Symmetricom SNMP Configuration
SNMP offers a security authentication scheme that is based on a common password shared by the management station and a group of agents. A group of hosts are known as a community. Any management station or agent can be a member of any combination of communities. Typically a manager will need to change the SNMP community information from Symmetricom’s SNMP agent factory defaults for security purposes. However, the factory default SNMP community settings are chosen to make the Symmetricom SNMP immediately usable. Symmetricom’s SNMP agent recognizes up to five separate SNMP communities. These communities are configured through the serial or Telnet interface using the F100 NTP command, where the “menus” referred to in this section appear. Each community has several configurable parameters that are defined in Table
| Table |
|
|
Key Word | Definition |
|
|
Community | The name of this community. The name is limited to up to 32 ASCII letters, numbers or |
Name | punctuation letters. This is the name that a management SNMP PDU (packet) specifies. If |
| the community name of an incoming PDU does not match any of the five community |
| names, the packet is ignored and an optional authentication trap message can be |
| generated. See traps below. An empty string field disables the community name. |
|
|
Trusted IP | If the Use Trusted IP flag is set to yes, then this is the table of IP host addresses that this |
Address | community recognizes as valid SNMP management hosts. Even if the community name of |
| an incoming PDU matches this community, the source IP address must match one of the |
| IP addresses in this table, or the packet is ignored and an optional authentication error trap |
| message is issued. Setting an IP address to all zeros turns off that IP address entry. In |
| addition, this table also serves as the list of hosts that SNMP trap messages are sent to – |
| regardless of the state of the Use Trusted IP flag. |
|
|
Use | If this flag is set to yes, then the Trusted IP Address table is used in addition to the |
Trusted IP | Community Name for authentication of incoming PDUs). |
|
|
R/W | For a particular community, the SNMP variables are set to read only, or normal SNMP |
Access | access. This allows the manager to have a public known community from which anyone |
| may read the SNMP data base and a separate private community that has full normal read |
| and write access to the SNMP database. |
| Note: SNMP MIB II does not define all variables to be writeable. SNMP variables defined |
| by |
| flag. |
|
|
Trap | When this flag is set to yes, trap messages are issued for this community. |
Enable |
|
| Note: This enables/disables all traps (both coldstart and authentication). |
|
|
Trap Port | A trap port other than the normal SNMP trap port of 162 may be specified. |
| Note: This address must be chosen carefully, or conflicts with other protocols may occur. |
|
|
Save | When any setting is changed, this becomes visible and answering yes immediately saves |
Settings | the changes to Symmetricom’s SNMP. Answering No will negate the changes. |
|
|
TimeVault™ User’s Manual |