Netopia 4000-Series Network Router User Manual


 
9-12 Firmware User Guide
Community strings
The Read-Only Community String and the Read/Write Community String are like passwords that must be used
by an SNMP manager querying or configuring the Netopia Firmware Version 5.4. An SNMP manager using the
Read-Only Community String can examine statistics and configuration information from the router, but cannot
modify the router’s configuration. An SNMP manager using the Read/Write Community String can both
examine and modify configuration parameters.
By default, the read-only and read/write community strings are set to public and private, respectively. You
should change both of the default community strings to values known only to you and trusted system adminis-
trators.
To change a community string, select it and enter a new value.
Setting the Read-Only and Read-Write community strings to the empty string will block all SNMP requests to the
router. (The router may still send SNMP Traps if those are properly enabled.)
Previously, if either community string was the empty string, SNMP Requests specifying an empty community
string were accepted and processed.
This change is designed to allow the administrator to block SNMP access to the router and to provide more
granular control over the allowed SNMP operations to the router.
Setting only the Read-Write community string to the empty string will block SNMP Set Requests to the
router, but Get Requests and Get-Next Requests will still be honored using the Read-Only community string
(assuming that is not the empty string).
Setting only the Read-Only community string to the empty string will not block Get Requests or Get-Next
Requests since those operations (and Set Requests) are still allowed using the (non-empty) Read-Write
community string.
Even if you decide not to use SNMP, you should change the community strings. This prevents unauthorized
access to the Router through SNMP. For more information on security issues, see “Suggested Security
Measures” on page 10-1.
SNMP traps
An SNMP trap is an informational message sent from an SNMP agent (in this case, the Router) to a manager.
When a manager receives a trap, it may log the trap as well as generate an alert message of its own.
Standard traps generated by the Netopia Firmware Version 5.4 include the following:
An authentication failure trap is generated when the router detects an incorrect community string in a
received SNMP packet. Authentication Traps Enable must be On for this trap to be generated.
A cold start trap is generated after the router is reset.
An interface down trap (ifDown) is generated when one of the router’s interfaces, such as a port, stops
functioning or is disabled.
An interface up trap (ifUp) is generated when one of the router’s interfaces, such as a port, begins
functioning.
The Netopia Firmware Version 5.4 sends traps using UDP (for IP networks).
You can specify which SNMP managers are sent the IP traps generated by the Netopia Firmware Version 5.4. Up
to eight receivers can be set. You can also review and remove IP traps.