Allied Telesis AT-iMG634 - R2 User's Guide Page 118
- Page / 998
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
SNMP SNMP configuration within the SNMPv3 adminis-
iMG/RG Software Reference Manual (System Configuration)
1-86
1.6.1 SNMP configuration within the SNMPv3 administration framework
The SNMPv3 Administration Framework is a configuration infrastructure for SNMPv3 users, but it can also be
used to remotely configure and administer SNMPv1 and SNMPv2c community strings.
The SNMPv3 security administration framework provides a strong authentication mechanism, authorization
with fine granularity, complete access control, security level controls which include two authentication algo-
rithms
1
and an optional privacy protocol, and a MIB document for remote configuration.
1.6.1.1 Security
SNMPv3 provides advanced security mechanisms for protecting against threats to management operations.
These security mechanisms are not new: they are taken from the SNMPv2 Draft Standards. The following sec-
tions describe the potential threats and how SNMPv3 protects against these threats.
SNMPv3 addresses in particular the following four threats:
• MASQUERADE
the masquerade threat is when an unauthorized user attempts to carry out management operations by
assuming the identity of an authorized user. SNMPv3 can verify the identity of the originator of the SNMPv3
message.
• MODIFICATION OF INFORMATION
modification of information is the threat that a user will (by malice or error) alter a message in transit
between the source and the destination, thereby carrying out unauthorized management activity. SNMPv3
can verify that the SNMPv3 message was not altered in transit between the originator and the recipient.
• MESSAGE STREAM MODIFICATION
message stream modification occurs when (by malice or error) management messages are reordered,
replayed, or delayed. SNMPv3 can verify that a received message is timely.
1.6.1.2 Mechanisms used by SNMPv3 security
SNMPv3 security protects against masquerade, modification of information, and message stream modification
by using the Hash-based Message Authentication Code (HMAC) with MD5 Message Digest Algorithm (MD5) in
a symmetric, i.e. private, key mode. MD5, defined in RFC1321, takes “as input a message of arbitrary length and
produces as output a fingerprint or ‘message digest’ of the input.”
• Computes an MD5 hash (H)on the concatenation of
• The shared secret key (K), which has been xored with the hexadecimal value ‘36 ’(ipad),
• The SNMP message (text), which contains zero bytes in the digest field, to produce an intermediate
digest, and
• Computes an MD5 hash on the concatenation of
1. Trivial authentication requiring only a correct user names and strong authentication based on an MD5 hash algorithm.
- Release 3-7-04 1
- Software Reference Manual 1
- Document Issue 1.4 1
- I Introduction 3
- II Intended audience 3
- V Gateway Types 7
- RX 1550 nm 8
- V.V Modular Gateways 9
- VI Supported Products 10
- RG/iMG Models 11
- VII Functional Groupings 12
- VIII Documentation Structure 13
- “ HPNA LAN Module” page 2 14
- “ CES LAN Module” page 8 14
- IX Reason for Update 15
- TABLE i-6 16
- Table of Contents 17
- List of Tables 29
- List of Figures 31
- 1. System Configuration 33
- 1.1.3 File system 37
- File system System Management 39
- System Commands 45
- TEM CONFIG LIST command 54
- 1.2 Webserver 68
- Web pages Webserver 69
- • Configuration save 70
- • Users password settings 70
- 1.3 Emergency 79
- Emergency command reference 81
- 1.4 Software update 86
- 1.4.1 Windows™ Loader 89
- 1.4.3 SwUpdate module 92
- Bootstrap 94
- Field Allowed Values 95
- Start Time 0 0, 6, 12 x x x 97
- 4, 10, 16 x x x 97
- 1.5 ZTC 106
- 1.5.1 Functional blocks 107
- 1.5.2 ZTC Client 108
- LDAP DatabaseZTC Server 110
- DHCP Server 110
- Residential Gateway 110
- ZTC Client ZTC 111
- Abort TFTP 112
- 1.5.3 ZTC command reference 113
- ZTC command reference ZTC 115
- 1.6 SNMP 116
- SNMP Entity 117
- ASQUERADE 118
- ODIFICATION OF INFORMATION 118
- ESSAGE STREAM MODIFICATION 118
- FIGURE 1-15 hmac expression 119
- • Define a notification 128
- AGENT entity is launched 131
- 1.6.6 Examples 137
- 1.6.10 MIB 142
- OID RFC1213 Implementation 143
- SNMP MIB 144
- OID Max-Access Description 147
- 1.6.10.3.1 Private traps 148
- Specific Trap 149
- Description 149
- 2. Switching 151
- Switch commands (Continued) 160
- SWITCH SHOW PORT command 164
- SWITCH SET PRIORITY command 176
- 2.3 BRIDGE 187
- Port based forwarding XXXX XX 190
- Learning X XXXX X X X X 190
- 2.3.4.1 Bridge commands 191
- Bridge commands 191
- Bridge commands (Continued) 192
- ##:##:##:##:##:## 196
- Egress Interfaces: 217
- Mcast Entry Name:MCAST_1 233
- 2.4 VLAN 234
- • Untagged frames 235
- • Priority-tagged frames 235
- • VLAN-tagged frames 235
- TAG header 236
- Overview VLAN 237
- VLAN tagging X XXX X X X X X 242
- VLAN Translations XX X X X 242
- 2.4.4 VLAN command reference 243
- VLAN command reference VLAN 261
- 3.1 IGMP snooping 263
- • Fast Leave Disabled 271
- • Fast Leave Enabled 273
- • First Scenario: 275
- • Second Scenario: 275
- • Time-out interval expiring 276
- 4. IPNetwork Functions 303
- 4.1.5 Unnumbered interfaces 306
- Unnumbered interfaces IP 307
- 4.1.6 Virtual interfaces 308
- 4.1.7 Secondary IP addresses 309
- 4.1.8.2 IP CLI commands 311
- IP CLI commands 311
- IP TCP/IP command reference 312
- IP CLI commands (Continued) 312
- TCP/IP command reference IP 313
- 4.2 Security 359
- 4.2.3 Security interfaces 360
- Security interfaces Security 361
- Scan Attack Description 365
- Dos Attack Description 367
- 4.2.6 Security logging 370
- 4.3 Firewall 407
- 10 (per second) 434
- 4.4.1 Overview 436
- Internet 437
- 4.4.5 NAT command reference 439
- 4.4.5.1.1 NAT ENABLE 440
- 5. System Administration 461
- 5.1.2 DHCP server 462
- 5.1.3 DHCP client 464
- • IP address 465
- • Subnet mask 465
- • Default route (one only) 465
- 5.1.4 DHCP Relay 468
- DHCP server CLI commands 469
- command 482
- DHCPFORCERENEW message to 510
- (e.g 192.168.102.3) 540
- 5.2 Domain name system - DNS 543
- 5.2.1 DNS Relay 544
- 5.2.2 DNS Client 544
- 5.3 SNTP 553
- 5.3.3 SNTP command reference 554
- SNTP command reference SNTP 555
- SNTP SNTP command reference 558
- 6. Voice Service 565
- 6.1.2 Piggyback 566
- 6.1.3 Wildcard 567
- 6.1.4 Heartbeat 567
- 6.1.5 Call Agent Failover 568
- Variable Description 572
- 6.2 VoIP SIP 580
- • A Soft Phone 581
- SIP IP Phone 582
- SIP Server 582
- (or Digital Phone) 582
- • Wildcard 587
- • Subrange 587
- • Position 587
- Option Description 596
- VOIP SIP USER LIST command 615
- VOIP SIP FDB LIST XXXXX X XXX 618
- VOIP SIP FDB SHOW XXXXX X XXX 618
- 6.3 VoIP phone ports 623
- 6.3.1 Port configuration 624
- Codec Notes 628
- • ntt-cw 633
- Commands for VoIP EP 640
- • on VAD enabled 674
- • off VAD disabled 674
- LOGUE LIST command 678
- 6.4.1 QoS 684
- 6.4.2 Media 684
- 6.4.3 DTMF-RELAY 685
- --> voip media show 693
- 7. Quality of Service 697
- • 14 bytes Ethernet header 704
- • Priority Queuing 707
- • WF2Q+ (WF2Qplus) 707
- 1. Scheduler profiles 708
- 7.1.4 ATM QoS Feature 711
- FIGURE 7-6 The ADSL Driver 712
- • Transmit scheduling 713
- • Queue depth limiting 713
- 00000000001 729
- Meter command reference QOS 739
- 7.2.1 Overview 756
- L2filter commands 758
- 8. ADSL Port 771
- 8.2.1 Overview 772
- 8.3 Port a1 775
- Possible values are: 785
- 8.4 Bridge 806
- VID 1 (tagged) a 807
- VID 1 (untagged) 807
- VID 1 (tagged) 807
- 8.4.2 Multiple VLAN support 808
- 8.5 Transports 819
- 8.6 Ethernet 828
- 8.7 PPPoE 832
- PPPoE Overview PPPoE 833
- PPPoE PPPoE command reference 838
- PPPoE command reference PPPoE 839
- 8.8 PPPoA 884
- PPPOA Command 885
- 8.9 RFC1483 921
- 9. Wireless 939
- (single PVC - multi VLANS) 940
- port wireless counters 963
- Possible values: 967
- --> port wireless show 970
- 9.1.6.3 WPA Commands 973
- 10. LAN Module Management 975
- 10.2 HPNA LAN Module 976
- 10.3 HPNA Command Reference 977
- 10.4 CES LAN Module 982
- 10.5.1 Overview 983
- CES commands 984
- 2 and PSPAN-2) 996
Related products and manuals for Gateways/controllers Allied Telesis AT-iMG634 - R2
(2 pages)© 2020, manymanuals.com. All rights reserved. | 2.939 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals