Symmetricom Time Server Network Card User Manual


 
D-108 TimeVault™ User’s Manual 6000-100AppD.fm Rev. D
Appendix D: SNMP – Simple Network Management Protocol Symmetricom SNMP Configuration
D.2 Symmetricom SNMP Configuration
SNMP offers a security authentication scheme that is based on a common password shared
by the management station and a group of agents. A group of hosts are known as a
community. Any management station or agent can be a member of any combination of
communities. Typically a manager will need to change the SNMP community
information from Symmetricom’s SNMP agent factory defaults for security purposes.
However, the factory default SNMP community settings are chosen to make the
Symmetricom SNMP immediately usable. Symmetricom’s SNMP agent recognizes up to
five separate SNMP communities. These communities are configured through the serial
or Telnet interface using the F100 NTP command, where the “menus” referred to in this
section appear. Each community has several configurable parameters that are defined in
Table D-1.
Table D-1: SNMP Community Configurable Parameters
Key Word Definition
Community
Name
The name of this community. The name is limited to up to 32 ASCII letters, numbers or
punctuation letters. This is the name that a management SNMP PDU (packet) specifies. If
the community name of an incoming PDU does not match any of the five community
names, the packet is ignored and an optional authentication trap message can be
generated. See traps below. An empty string field disables the community name.
Trusted IP
Address
If the Use Trusted IP flag is set to yes, then this is the table of IP host addresses that this
community recognizes as valid SNMP management hosts. Even if the community name of
an incoming PDU matches this community, the source IP address must match one of the
IP addresses in this table, or the packet is ignored and an optional authentication error trap
message is issued. Setting an IP address to all zeros turns off that IP address entry. In
addition, this table also serves as the list of hosts that SNMP trap messages are sent to –
regardless of the state of the Use Trusted IP flag.
Use
Trusted IP
If this flag is set to yes, then the Trusted IP Address table is used in addition to the
Community Name for authentication of incoming PDUs).
R/W
Access
For a particular community, the SNMP variables are set to read only, or normal SNMP
access. This allows the manager to have a public known community from which anyone
may read the SNMP data base and a separate private community that has full normal read
and write access to the SNMP database.
Note: SNMP MIB II does not define all variables to be writeable. SNMP variables defined
by RFC-1213 as read-only remain read-only, regardless of the state of this R/W Access
flag.
Trap
Enable
When this flag is set to yes, trap messages are issued for this community.
Note: This enables/disables all traps (both coldstart and authentication).
Trap Port A trap port other than the normal SNMP trap port of 162 may be specified.
Note: This address must be chosen carefully, or conflicts with other protocols may occur.
Save
Settings
When any setting is changed, this becomes visible and answering yes immediately saves
the changes to Symmetricom’s SNMP. Answering No will negate the changes.