Manualshelf

User guide

ManualsBrandsAllied Telesis ManualsComputer equipmentAT-iMG634 - R2
111112113114115116117118119120
SNMP SNMP configuration within the SNMPv3 adminis-
iMG/RG Software Reference Manual (System Configuration)
1-88
When an SNMP agent receives a message, it verifies that the received message is timely by comparing the time
value inside the packet with the current time. If the time value from the packet is within a “safe”window of the
actual current time, the packet is accepted. If the time value from the packet is not within the specified window,
a Report PDU containing the agent’s notion of current time is transmitted to the sender of the received packet,
and the agent discards the received packet.
If the original message was authentic, then the sender of the original message has the ability to resend the
request. The sender of the original message will update its notion of the SNMP agent’s time using the time value
from the Report PDU. Then, the HMAC calculations will be performed again to obtain the digest for the same
request packet containing an updated time value.
If the original message was the result of message stream modification, and if the shared secret key has not been
compromised, then the sender would not find the time value from the Report PDU to be useful. Without the
secret key, the packet digest cannot be correctly recalculated.
1.6.1.3 Local configuration datastore
SNMP configuration information must be stored locally on the gateway filesystem in a plain ASCII text file
named snmpd.cnf.
It's possible upload such file via a ftp session (using the ftp daemon facility available on the Residential Gateway)
or via the swupdate feature.
1.6.1.4 Configuration file format
Each line of the configuration file has the format <TAG> <VALUE> where <TAG> is a keyword and <VALUE>
is a valid configuration value.
Entries may be continued across multiple lines by using a backslash ( \). White space (tabs, spaces, line-feeds/
carriage-returns) and blank lines in the file are ignored. Values that are strings containing white space must be
delimited with quotation marks (").
1.6.1.5 Configuration for all SNMPv3 entities
1.6.1.5.1 Configuring SNMPv3 users
Configuration for at least one SNMPv3 user must be provided for an SNMP engine to send or receive SNMPv3
messages on behalf of certain SNMP applications.
To configure an SNMPv3 user, add an usmUserEntry definition in the snmpd.cnf file accordingly the fol-
lowing syntax:
usmUserEntry <usmUserEngineID> <usmUserName> <usmUserAuthProtocol>
<usmUserStorageType> <usmTargetTag> <AuthKey>