SNMP
SNMP is a network monitoring protocol, which enables a single server to monitor one or more networks, including all network equipment like routers and firewalls. Ingate Firewall supports SNMP and can accordingly be monitored automatically.
The monitoring signaling consists of two main parts. The SNMP server sends requests to the firewall, which replies with a list of network parameters and their values for the firewall. The firewall can also send messages (traps) without the server prompting, when someone sends a request without valid authentication and when the firewall boots.
The Ingate Firewall can only send parameters to the server; no changes of configuration can be made through SNMP requests.
For more information about SNMP, read RFC 1157.
General
Here, decide whether the SNMP signaling should be activated. You can also enter contact information for the firewall.
The firewall IP address to respond to SNMP requests
Enter the IP address of the firewall to which the SNMP servers should direct their requests. Select from the addresses defined on the Interface pages under Network.
Servers allowed to contact the firewall via SNMP
Select the SNMP server(s) which are allowed to contact the firewall. You select from the network groups defined on the Networks and Computers page under Network.
Contact person
Enter the name of the contact person for this Ingate Firewall. This information is sent with the parameter list as reply to an SNMP request from the server.
Node location
Enter the location of the firewall. This information is sent with the parameter list as reply to an SNMP request from the server.
SNMP v1 and v2c
In SNMP version 1 and 2c, the authentication is managed through an unencrypted password, a community. Here, you select if the firewall should accept access via v1 or v2c, and enter the valid communities.
Access via SNMPv1 and SNMPv2c
Select if access via SNMP version 1 or 2c (using communities as the autentication method) should be On or Off.
Community
Enter a password. Note that this password is stored unencrypted.
Delete row
If you select this box, the row is deleted when you click on Add new rows, Save, or Look up all IP addresses again.
Add new rows
Enter the number of new rows you want to add to the table, and then click on Add new rows.
SNMP v3
In SNMP version 3, the authentication is managed through the server sending a username and an (in most cases) encrypted password to the firewall, which verifies the validity of them.
Here, you select if the firewall should accept access via v3, and select the authentication and encryption used for the SNMP reuqests.
Access via SNMPv3
Select if access via SNMP version 3 (using usernames and encrypted passwords as the autentication method) should be On or Off.
User
Enter a username which the server should use when contacting the firewall.
Password
Press the Change password button to enter a password for this user.
Authentication
Select the authentication algorithm to use for SNMP requests. Ingate Firewall supports the MD5 and SHA-1 algorithms.
Privacy
Select whether the SNMP request should be encrypted using DES or not encrypted at all.
Delete row
If you select this box, the row is deleted when you click on Add new rows, Save, or Look up all IP addresses again.
Add new rows
Enter the number of new rows you want to add to the table, and then click on Add new rows.
SNMP traps
If SNMP traps status is On, the firewall will send messages (traps) to the server(s) entered below whenever an SNMP authentication fails or the firewall boots.
If the trap sending is disabled, no traps will be sent.
Trap sending
Select if trap sending (at boot and failed SNMP authentication) should be On or Off.
Trap receiver
Enter the IP address, or a name in the DNS, of the server to which the firewall should send traps. If you enter a DNS name instead of an IP address, you must enter the IP address of a DNS server on the Basic Configuration page.
IP address shows the IP address of the DNS name or IP address you entered in the previous field.
Community
Enter the password (community) which the firewall should use when sending traps. The community is sent unencrypted over the network.
Version
Select the SNMP version to be used for traps. You can select v1 or v2c.
Delete row
If you select this box, the row is deleted when you click on Add new rows, Save, or Look up all IP addresses again.
Add new rows
Enter the number of new rows you want to add to the table, and then click on Add new rows.
Save
Saves the SNMP configuration to the preliminary configuration.
Undo
Reverts all of the above fields to their previous configuration.
Look up all IP addresses again
Looks up the IP addresses for all DNS names on this page in the DNS servers you entered on the Basic Configuration page.
Download the Ingate Systems MIB
This link leads to the MIB (Management Information Base) definition for your Ingate Firewall.