Chapter 36 Securing Snmp Access; Establishing Snmp Community Strings; Encryption Of Snmp Community Strings; Adding An Snmp Community String - Dell PowerConnect B-RX Configuration Manual
Bigiron rx series configuration guide v02.8.00
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1436 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
Securing SNMP Access
Simple Network Management Protocol (SNMP) is a set of protocols for managing complex
networks. SNMP sends messages, called protocol data units (PDUs), to different parts of a
network. SNMP-compliant devices, called agents, store data about themselves in Management
Information Bases (MIBs) and return this data to the SNMP requesters.
This chapter introduces a few methods used to secure SNMP access to the BigIron RX.
Establishing SNMP community strings
SNMP versions 1 and 2 use community strings to restrict SNMP access. The default passwords for
SNMP access are the SNMP community strings configured on the device:
•
•
You can configure as many additional read-only and read-write community strings as you need. The
number of strings you can configure depends on the memory on the device. There is no practical
limit.
If you delete the startup configuration file, the device automatically re-adds the default "public"
read-only community string the next time you load the software.
Encryption of SNMP community strings
The software automatically encrypts SNMP community strings. Users with read-only access or who
do not have access to management functions in the CLI cannot display the strings. For users with
read-write access, the strings are encrypted in the CLI but are shown in the clear in the Web
management interface.
Encryption is enabled by default. You can disable encryption for individual strings or trap receivers
if desired. See the next section for information about encryption.
Adding an SNMP community string
When you add a community string, you can specify whether the string is encrypted or clear. By
default, the string is encrypted.
To add an encrypted community string, enter commands such as the following.
BigIron RX(config)# snmp-server community private rw
BigIron RX(config)# write memory
The commands add the read-write SNMP community string "private" and saves it.
BigIron RX Series Configuration Guide
53-1002253-01
The default read-only community string is "public". To open an SNMP session, enter "get" and
"public" for the user name and password.
By default, you cannot open a read-write management session. You first must configure a
read-write community string using the CLI. Then you can log on using "set" as the user name
and the read-write community string you configure as the password.
Chapter
36
1013
Advertisement
Table of Contents
