Black Box Appliance Trim Kit ET1000A Manual De Usuario
SNMP Configuration
EncrypTight User Guide
317
●
The engine ID identifies the ETEP as a unique SNMP entity. The ETEP’s engine ID must be
configured on every trap recipient before traps can be authenticated and processed by the trap host.
configured on every trap recipient before traps can be authenticated and processed by the trap host.
●
Three security levels are available to control access to the management information: no authentication
and no encryption, authentication and no encryption, and authentication and encryption.
and no encryption, authentication and no encryption, and authentication and encryption.
●
Trap host users define the destination that receives the traps, plus security information about
communication between SNMPv3 entities. Trap host users are defined by a user name, security level,
IP address, and optional authentication and encryption parameters. The ETEP supports IPv4 and IPv6
addresses.
communication between SNMPv3 entities. Trap host users are defined by a user name, security level,
IP address, and optional authentication and encryption parameters. The ETEP supports IPv4 and IPv6
addresses.
In order to exchange messages between an SNMP manager and ETEP agent, both parties have to be
configured with the same user. The manager also has to know the ETEP’s engine ID. If you want to
authenticate communications, the authentication algorithm and authentication key must be known to both
parties. For encryption, two more pieces of information are necessary: the encryption algorithm and
encryption key. The keys are generated from the authentication and encryption passwords.
configured with the same user. The manager also has to know the ETEP’s engine ID. If you want to
authenticate communications, the authentication algorithm and authentication key must be known to both
parties. For encryption, two more pieces of information are necessary: the encryption algorithm and
encryption key. The keys are generated from the authentication and encryption passwords.
Other notes about the SNMPv3 implementation on the ETEP:
●
Traps apply globally to all trap host users. The ETEP does not support trap filtering to individual
hosts.
hosts.
●
The ETEP supports SMNPv3 MIB walks when authentication is enabled (security level set to
authNoPriv or authPriv).
authNoPriv or authPriv).
●
To use SNMPv3 with encryption when in FIPS mode, SNMP traffic for each trap host must be
secured in an IPsec tunnel.
secured in an IPsec tunnel.
When using SNMPv3 on the ETEP, do the following:
1 Configure the system information and community string.
2 Select the traps to enable on the ETEP.
3 Select a method for generating the engine ID.
4 Configure the SNMPv3 trap host users.
2 Select the traps to enable on the ETEP.
3 Select a method for generating the engine ID.
4 Configure the SNMPv3 trap host users.
Figure 110 SNMPv3 Configuration
Related topics:
●
●
●
●
●