Filter
Top Products
Performing Basic Configuration
Recommended basic security measures
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide Preliminary May 9, 2000 1-11
Following are the parameters related to SNMP security:
SNMP
enabled = no
read-community = public
read-write-community = write
enforce-address-security = no
read-access-hosts = [ 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 ]
write-access-hosts = [ 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 ]
contact = ""
location = ""
queue-depth = 0
Enabling SNMP in the TAOS unit
If you leave the Enabled parameter in the SNMP profile set to No (the default), SNMP utilities
cannot access the TAOS unit. The following commands enable SNMP on a unit:
admin> read SNMP
SNMP read
admin>
set enabled = yes
admin> write
SNMP written
Setting community strings
You can specify up to 32 characters as the Read-Write-Community string. The following
example changes the default community strings:
admin> read snmp
SNMP read
admin>
list
enabled = yes
read-community = ******
read-write-community = *****
enforce-address-security = no
read-access-hosts = [ 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 ]
write-access-hosts = [ 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 ]
contact = ""
location = here
queue-depth = 0
admin>
set read-community = private
admin> set read-write-community = secret
admin> write
SNMP written
Setting up address security
If the Enforce-Address-Security parameter is set to No (its default value), any SNMP manager
that presents the correct community name is allowed access. If the parameter is set to Yes, the
TAOS unit checks the source IP address of the SNMP manager and allows access only to those
IP addresses listed in the Read-Access-Host and Write-Access-Host arrays. Each array can
include up to five host addresses.