[mrtg] Re: cisco 2500
Adam Augustine
adam_augustine at morinda.com
Thu Aug 23 15:41:25 MEST 2001
Since we are talking security...
The read-write community is not necessary for MRTG and unless you are
setting configuration information via SNMP, you probably shouldn't have the
RW line at all. The trap host is also not necessary to MRTG. If security is
a concern, you want to turn on as little as possible since SNMP is not very
secure at all. The access lists are a very good idea to implement not just
for the SNMP stuff, but also for telnet connections. You probably want to
turn off any web stuff if you have it on.
Good luck,
Adam
-----Original Message-----
From: David Sawyer [mailto:david.sawyer at uk.mckhboc.com]
Sent: Thursday, August 23, 2001 7:08 AM
To: 'Koala Man'; Mabelle A. Baldoz; mrtg at list.ee.ethz.ch
Subject: [mrtg] Re: cisco 2500
> snmp-server community Test RO
> snmp-server host 192.168.0.1 Test snmp
>
You can omit the second line, as that is used for sending traps
MRTG doesn't do traps
> you can running ./cfgmaker Test at router.xx.xx
> you will see result the cfgmaker.
> And you should make and edit mrtg.cfg or what else.
>
To find out how to use cfgmaker and indexmaker read the docs located in the
mrtg\doc folder
If you still have problems then post your query
BTW
To better your security you should add an access-list.
access-list 1 permit 1.1.1.2
access-list 1 permit 1.1.1.3
!
snmp-server community MRTG RO 1
snmp-server community NMS RW 1
snmp-server enable traps snmp
snmp-server host 1.1.1.3 NMS snmp
The above would only allow 1.1.1.2 and 1.1.1.3 to request snmp info.
with the community string MRTG as Read-Only
and NMS for Read-Write
Dave
> Thanks,
>
> --Koala Man --
>
>
----------------------------------------------------------------------------
The information contained in this e-mail is confidential and is intended
only for the named recipient(s). If you are not the intended recipient you
must not copy, distribute, or take any action or reliance on it.
If you have received this e-mail in error, please notify the sender.
Any unauthorised disclosure of the information contained in this e-mail
is strictly prohibited.
----------------------------------------------------------------------------
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the mrtg
mailing list