System information
SNMP on the OnBoard
Caution! The snmpd running on OnBoard allows access to proxied data
using the v1 and 2c protocols without the creation of a VPN tunnel, but the
lack of security inherent in these protocols means this option should be used
with caution if it is used at all.
• The access method for the agent, which supports version 3, is a local
Net-SNMP snmp daemon. The proxying of traps is not supported by
Net-SNMP. Forwarding of traps is supported, with filtering by source
address.
If SNMP is used as recommended (by allowing access by agents running
SNMP version 1 or 2c only through a VPN tunnel), no public client is allowed
unauthenticated access to either managed clients or to the OnBoard itself. For
compatibility with other clients, unencrypted transfer of data is possible with
SNMP v3 connections, but unencrypted data transfer is strongly discouraged.
User and group information for v3 connections must be different from the user
and group names used for accessing the OnBoard for the following reasons:
• To keep the OnBoard user information more secure, since SNMP
usernames and passwords are stored in cleartext in
/etc/snmp/snmpd.conf
• To allow different users and groupings to be used for SNMP access.
Caution! Because of the risks in unencrypted data transfer, connections
should be encrypted whenever possible.
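The following audit sketch is an added example, not part of the OnBoard documentation or software. It scans snmpd.conf text for the conditions cautioned against above: v1/2c community access, v3 users that cannot or need not encrypt, and SNMP user names shared with local accounts. It assumes the file uses standard Net-SNMP directives; the sample configuration, the account names and the function name audit_snmpd_conf are constructed for illustration.

```python
import shlex

# Constructed sample in standard Net-SNMP syntax; not taken from an OnBoard.
SAMPLE_CONF = """\
# constructed example
rocommunity public 10.0.0.0/24
com2sec legacy default s3cr3t
createUser admin SHA "auth-pass-phrase"
createUser snmpmon SHA "auth-pass-phrase" AES "priv-pass-phrase"
rouser admin auth
rwuser snmpmon priv
rouser snmpmon
"""

# Directives that grant SNMP v1/2c (community string) access.
COMMUNITY = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6",
             "com2sec", "com2sec6"}
USER_ACCESS = {"rouser", "rwuser"}


def audit_snmpd_conf(text, local_accounts=()):
    """Return (line_no, finding, subject) tuples for risky settings."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tok = shlex.split(raw, comments=True)  # honours quotes, drops comments
        if not tok:
            continue
        directive, args = tok[0].lower(), tok[1:]
        if args[:1] in (["-e"], ["-s"]):  # optional engine ID / security model
            args = args[2:]
        if directive in COMMUNITY:
            findings.append((no, "v1v2c-community", directive))
        elif directive == "createuser" and args:
            if len(args) < 4:  # name, auth protocol, passphrase, but no DES/AES
                findings.append((no, "no-privacy-protocol", args[0]))
            if args[0] in local_accounts:  # SNMP name reused from a local login
                findings.append((no, "shared-with-local-account", args[0]))
        elif directive in USER_ACCESS and args:
            # Net-SNMP requires only authentication when no level is given.
            level = args[1].lower() if len(args) > 1 else "auth"
            if level != "priv":
                findings.append((no, "encryption-not-required", args[0]))
    return findings


if __name__ == "__main__":
    for finding in audit_snmpd_conf(SAMPLE_CONF, local_accounts={"admin"}):
        print(finding)
```

Pass the real file's contents and the system's local account names to apply the same checks; a community-string finding is only acceptable where that access is confined to a VPN tunnel.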
The administrator can configure the following:
• General information provided by the OnBoard, including location and
contact fields
• Who has access to SNMP information
• How traps are handled locally
• Trap forwarding
OnBoard traps occur on the following types of events:
• Interface up/down
• PCMCIA card insertion/removal
• Power supply events.