DL manuals
Lantronix
Server
ETS
Reference Manual

Lantronix ETS Reference Manual - 4.7.3 Snmp Security

Other manuals for ETS: Installation Manual

Manual is about: ETS For the Lantronix ETS Family of Multiport Device Servers

Page of 312

Download

Print this page

Bookmark us

Event Logging

Server Configuration

4-18

4.7.2.1 Using the Security Table

There are two basic rules for checking a TCP/IP connection for legality. First, a more specific rule takes

precedence over a less specific one. For example, if connections to 192.0.1.255. are disabled but

connections to 192.0.1.78 are enabled, a connection to 192.0.1.78 will succeed. Second, in the absence of

any rule that restricts a connection, access is allowed. If this behavior is not desired, include an entry of the

following form:

Figure 4-37: Setting IPsecurity

This is the least specific rule in the table, and will ensure that connections fail unless otherwise allowed by

another entry (recall that all ports are included in the rule by default).

If no entries are defined in the table, all connection attempts will succeed. Also, if the connecting user has

privileged status, the connection will be allowed regardless of the entries in the table.

Note:

Managers should try enabling and disabling certain addresses on their local

network to see what they can and cannot do if they are unclear as to the rules on

the use of the security table.

4.7.3 SNMP Security

Since SNMP can be used to change ETS settings, a way to prevent unauthorized Set commands is needed.

The ETS provides a security mechanism for restricting SNMP access to the unit that is linked to the SNMP

community name used. To prevent easy access to the allowed community names, the Show SNMP and List

SNMP commands are restricted to privileged users.

SNMP configuration requires a community name and an access type: Readonly, Both (read and write), or

None. Clearing an SNMP entry requires that you enter either a community name to remove or the All

parameter to clear the entire table. SNMP queries or Set requests that are not permitted are sent an error

reply specifying the problem. See Set/Define SNMP on page 12-98 for more information.

4.8 Event Logging

The ETS can be configured to report various events either to a serial port on the ETS or to a remote host.

The latter can be done within the TCP/IP, LAT, or NetWare protocols. TCP/IP messages will be sent to the

syslogd daemon on the host, while LAT and NetWare messages will be echoed to the console of the host/

fileserver. LAT logging requires installing the Lantronix-supplied logging program on the LAT host.

Configuring event logging requires three steps—configuring the host types, setting the host to which the

information will be reported, and configuring which class(es) of events will be logged.

Note:

Classes can be individually enabled and disabled, and multiple classes of events

can be logged.

4.8.1 Configuring Host Types

Host types must be configured as follows:

Local> SET IPSECURITY 255.255.255.255 IN DISABLED OUT DISABLED

« ‹ Prev 67 68 69 70 71 72 73 Next › »