System : System > SNMP

Setting Up SNMP Access
SNMP configuration consists of:
Enabling and Configuring SNMP Access
You can use either SNMPv1/v2 for basic functionality, or configure the appliance to use the more extensive SNMPv3 options.
Topics:
Configuring Basic Functionality
1
2
Select the Enable SNMP checkbox. By default, SNMP is disabled.
3
Click Accept. The SNMP information is populated on the SNMP page.
4
To configure the SNMP interface, click on the Configure button. The Configure SNMP dialog is displayed.
5
In the General tab, enter the host name of the Dell SonicWALL security appliance in the System Name field.
6
7
8
9
10
11
Enter the IP address or host name of the SNMP management system receiving SNMP traps in the Host 1 through Host 4 fields. You must configure at least one IP address or host name, but up to four addresses or host names can be used.
12
Click OK.
Configuring SNMPv3 Engine IDs
If SNMPv3 is used, you can configure the SNMPv3 Engine ID and SNMP priority. Configuring the SNMPv3 Engine ID provides maximum security for SNMP management.
To configure SNMPv3 engine IDs:
1
2
Click the Advanced tab.
3
Select the Mandatory Require SNMPv3 checkbox. This disables SNMPv1/v2 and allows only SNMPv3 access, which provides maximum security for SNMP management.
4
Enter the hexadecimal Engine ID number in the Engine ID field. This number will be matched against received SNMP packets to authorize their processing; only packets whose Engine ID matches this number will be processed.
5
Optionally, select the Increase SNMP subsystem priority checkbox.
For efficient system operation, certain operations may take priority over responses to SNMP queries. Enabling this option will cause the SNMP subsystem to always respond and operation at a higher system priority.
6
Click OK. The SNMPv3 security options are now used in processing packets.
Setting up SNMPv3 Groups and Access
SNMPv3 allows you to set up and assign groups and access with differing levels of security. Object IDs are associated with various levels of permissions, and a single view can be assigned to multiple objects. Figure 3 shows how access for groups and users are associated with these different permission levels.
Figure 3. SNMPv3 group and user access
Configuring Object IDs for SNMPv3 Views.
The SNMPv3 Views show access settings for Users or Groups. You create settings for users and groups and these security settings are not User-modifiable. The SNMPv3 View defines the Object IDs (OID) and Object ID Groups, and is sometimes known as the SNMPv3 Access Object.
The SNMP View defines a collection of OIDs and OID groups. The initial set of default views cannot be changed or deleted. The default views reflect the most often used views, such as the root view, system view, IP, interfaces. The OIDs for these views are pre-assigned.
Additionally, you can create a custom view for specific users and groups.
You can modify views you create. You cannot modify the ones the system creates.
To configure OIDs for SNMPv3 views:
1
Navigate to System > SNMP.
2
To add a view, in the View section, click the Add button. The Add SNMP View window displays.
3
Enter a meaningful name in the View Name field. The default name is New SNMP View.
4
Enter an unassigned OID in the OID Associated with the View field.
5
Click Add OID.
The new view appears in the OID List. To delete an OID from the OID List, select the OID and click the Delete button.
6
7
Click OK. The new views are added to the list on the SNMP page.
Creating Groups and Adding Users
Topics:
Creating a Group
1
Navigate to System > SNMP.
2
To create a Group, click the Add Group button under the User/Group table. The Add SNMP Group window displays.
3
Enter a friendly name in the Group Name field. The group name can contain up to 32 alphanumeric characters.
4
Adding Users
1
Navigate to System > SNMP.
2
To add a user, click the Add User button under the User/Group table. The Add SNMP User dialog displays.
3
4
Select a security level from the Security Level drop-down menu:
None (default)
Authentication – Two new options appear:
Authentication Method – Select one of these authentication methods: MD5 or SHA1.
Authentication Key – Enter an authentication key in the field. The key can be any string of 8 to 32 printable characters.
Authentication and Privacy – More options appear:
Authentication Method – See above.
Authentication Key – See above.
Select an encryption method from the Encryption Method drop-down menu: AES or DES.
Enter the encryption key in the Privacy Key field. The key can be any string of 8 to 32 printable characters.
5
Select a group from the Group drop-down menu. The default is *No Group*.
6
Click OK when finished. The user is added to the list and added to the appropriate group (including *No Group*).
Adding Access
SNMPv3 Access is an object that:
Multiple groups can be assigned to the same Access object. An Access object can also have multiple views assigned to it.
To create an access object:
1
Navigate to System > SNMP.
2
Under the Access table, click the Add button. The Add SNMP Access dialog displays.
3
4
From the Read view drop-down menu, select a view from the list of available views.
5
From the Master SNMPv3 Group drop-down menu, select a group from the list of available groups. Access cannot be given to *No Group*.
6
From the Access Security Level drop-down menu, select a security level:
7
Click OK. The Access object is added to the Access table.