CM 6.3 SNMP Trap - Firewall Modification Required?

Status
Not open for further replies.

keschber

Technical User
Mar 10, 2010
104
US
I am trying to configure SNMP traps from CM 6.3. I configured the SNMP trap receiver in the CM web gui. I generate a test trap and I don't ever receive it. I am using Wireshark on the NMS machine to make sure the trap is received.

I noticed that in the firewall there is a rule to allow SNMP on UDP 161 but nothing for SNMP trap on UDP 162.

Do I need to modify the firewall to allow SNMP traps outbound from CM?

The firewall help has this to say about modifying firewall rules in CM 6.3.

Use the Firewall SMI page to view the current IPv4 and IPv6 firewall rules. Altering the firewall rules is considered an advanced usage that can only be performed using the command line.
 
The iptables from cdom/cm can be configured; there is an Avaya doc on it. Read the below and just use the iptables command. Google its usage for Linux or get the doc from the Avaya support site; it's pretty clear on how to open up ports.

Disabled by default
By default, Avaya disables these inherently insecure network services:
● TELNET (TELetype NETwork) does not encrypt data (logins, passwords, or PIN information) sent over the connection between the two required hosts.
● FTP sends information in unencrypted (clear) text, which permits interception by eavesdroppers relatively easily. Also, FTP has no integrity check, meaning that if a file transfer is interrupted, the receiver cannot tell if the transfer is complete.
Note: If a customer opts to use FTP and/or TELNET, the functionality can be enabled in certain products but is disabled by default.
Avaya products ensure that authentication credentials and file transfers are protected when sent across the network by using:
● Secure Shell (SSH)
● Secure Copy (SCP) or Secure File Transfer Protocol (SFTP)
● SNMP with these stipulations:
  ● SNMPv3 is the preferred version due to its built-in security mechanism.
  ● SNMPv1 or v2c, while supported, provide only a limited security capability based on community names:
    ● The community name for SNMPv1 and SNMPv2c is protected when accessing writable MIBs.
    ● For read-only MIBs SNMPv1 and SNMPv2c community names are unprotected.
  SNMP security secrets (for example, community strings) are customer-administrable.
● Other protocols protected using

APSS (SME)
ACSS (SME)
ACIS (UC)
 
The problem is that I don't have root-level access to the command line, which is necessary to configure the iptables. [mad]
 
Your maintainer should have, as they set the password when they installed the kit.

APSS (SME)
ACSS (SME)
ACIS (UC)
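
An added example, not part of the thread and not Avaya tooling: an offline check that reads saved `iptables -S OUTPUT` text from a generic Linux host and reports whether a UDP trap to the receiver on port 162 would be accepted, since traps are outbound from the agent while the UDP 161 rule covers inbound polling. The rule set, addresses and function name are constructed for illustration; the chains on a real CM host may differ.

```python
import ipaddress
import shlex

# Constructed sample in `iptables -S OUTPUT` format (not from a real CM host).
SAMPLE_RULES = """\
-P OUTPUT DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -d 192.0.2.0/24 -p udp -m udp --dport 162 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 161 -j ACCEPT
"""

KNOWN = ("-p", "-d", "--dport", "-j")    # the only options interpreted here
TERMINAL = ("ACCEPT", "DROP", "REJECT")  # targets that end rule traversal

def trap_egress_verdict(rules_text, nms_ip, port=162):
    """Return (verdict, deciding_rule, skipped) for a UDP packet to nms_ip:port.
    OUTPUT rules are walked in order and the first terminating match wins;
    otherwise the chain policy applies. Rules that carry any other match
    (-o, -s, --sport, -m state, negation) are not evaluated and are returned in
    `skipped` for manual review. IPv4 only (assumption of this example).
    """
    dst = ipaddress.ip_address(nms_ip)
    policy, skipped = "ACCEPT", []       # built-in chains default to ACCEPT
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "OUTPUT"]:
            policy = tok[2]
        if tok[:2] != ["-A", "OUTPUT"]:
            continue
        opts, rest = {}, tok[2:]
        while rest:
            if rest[0] == "-m" and rest[1:2] in (["udp"], ["tcp"]):
                rest = rest[2:]          # protocol match module, no extra condition
            elif rest[0] in KNOWN and len(rest) > 1:
                opts[rest[0]] = rest[1]
                rest = rest[2:]
            else:
                break
        if rest:                         # leftover tokens: cannot decide this rule
            skipped.append(line)
            continue
        lo, _, hi = opts.get("--dport", str(port)).partition(":")
        net = ipaddress.ip_network(opts.get("-d", "0.0.0.0/0"), strict=False)
        if (opts.get("-p", "all") in ("udp", "all") and dst in net
                and int(lo) <= port <= int(hi or lo)
                and opts.get("-j") in TERMINAL):
            return opts["-j"], line, skipped
    return policy, "policy", skipped
```

Feed it the `iptables -S OUTPUT` text captured by whoever holds root on the host; a non-empty `skipped` list means those rules still need a manual read before trusting the verdict.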
 