Blog
You are here: / / / Configuring SNMPv3 in SonicOS

Configuring SNMPv3 in SonicOS

Article Applies To:

Gen6 SM E10000 series: NSA E10800, NSA E10400, NSA E10200, NSA E10100

Gen6 SM 9000 series: NSA 9600, NSA 9400, NSA 9200

Gen6 NSA Series: NSA 6600, NSA 5600, NSA 4600, NSA 3600, NSA 2600

Gen5 NSA E-Class series: NSA E8510, E8500, NSA E7500, NSA E6500, NSA E5500

Gen5 NSA series: NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 2400 MX, NSA 240, NSA 220, NSA 220 /W. NSA 250M, NSA 250M /W.

Gen5 TZ Series: TZ 215, TZ 215 W, TZ 210, TZ 210 W,  TZ 205, TZ 205 W, TZ 200, TZ 200 W, TZ 105, TZ 105 W, TZ 100, TZ 100 W

Firmware/Software Version: SonicOS 5.9 & above and SonicOS 6.1 & above

Services: SNMPv3 (SNMP version 3)

Feature/Application:

Simple Network Management Protocol Version 3 (SNMPv3) is an interoperable Standards- based protocol for network management. SNMPv3 provides secure access to device by a combination of authenticating and encrypting packets over the network.

As a result, the security features provided in SNMPv3 are:

Message integrity—Ensuring that a packet has not been tampered with in-transit

Authentication—Determining the message is from a valid source

Encryption—Scrambling the contents of a packet prevent it from being seen by an unauthorized source

Before SNMPv3, all data was transmitted in the clear and subject to monitoring and alteration by unauthorized users. v3 supports various encryption methods. We recommend users never use DES 56-bit encryption as this is very easy to decrypt. AES 128-bit is the preferred method.

Feature Functions

–Support USM (User-based Security Model, RFC3414) for SNMPv3

–Support View-Based Access Control Model (VACM, RFC3415) for SNMPv3

–Support Administrative Framework (RFC3411) for SNMPv3

Feature Limitations 

–Does not support notification destinations

–Does not support proxy relationships

–Does not support remotely configurable via SNMP operations

Procedure:

Step 1: First, configure SNMP in SonicWALL device

Step 3: Next, configure SNMP & add SonicWALL unit in PRTG Monitoring software

Step 1: Configure SNMP in SonicWALL device

  • Enable SNMP and configure SNMP parameters

Please login to the SonicWALL Management GUI as admin.

  • Navigate to System -> SNMP.
  • Check the box Enable SNMP.
  • Click in the Configurebutton and supply the parameters for SNMP or keep the default for general configuration.
  • Click OK
  • Click Applybutton on the top of the page.

For the SNMP functionality, the Community name should be the same in the SonicWALL and the SNMP monitoring software

  • Creating SNMP User, Group & Access

>> Adding User with Group

Please login to the SonicWALL Management GUI as admin.

Navigate to System -> SNMP, Click Add User button under Users/Group

  • User Name: User1(Type any friendly name which you would like to use for SNMP)
  • Security Level:Authentication and Privacy (Select the level which you would like to use)
  • Authentication Method: MD5(Select the method which you would like to use)
  • Authentication Key: user12345( type the key which you would like to use But it should be more than 8 characters)
  • Encryption Method: DES(Select the method which you would like to use)
  • Privacy Key: password123(type any key which you would like to use)
  • Group: SNMP Group(Select the group which you would like to add this user)
  • Click the OKbutton on the top of the page.

>> Creating Access for SNMP

Please login to the SonicWALL Management GUI as admin.

Navigate to System -> SNMP, Click Add button under Access

  • Access Name: New SNMP Access(Type any name which you would like to use)
  • Read View: root
  • Master SNMPv3 Group: SNMP Group(Select any group which you would like to use)
  • Access Security Level: Authentication and Privacy(Select the level of security for SNMP)
  • Click OKbutton to save the access.

 Enable SNMP on the SonicWALL interface

Please login to the SonicWALL Management GUI as admin.

Navigate to Network > Interfaces and click on the configure button in front of the LAN & WAN interface.

>> LAN Interface (X0): 

  • In the ‘Management’ section of Edit X0 interface window, check the ‘SNMP’ box.
  • Click the ‘OK’ button.

>> WAN Interface (X1): 

  • In the Management section of Edit X1 interface window, check the SNMP
  • Click the ‘OK’ button.

Step 2: Configuring SNMP & adding SonicWALL unit in PRTG Monitoring software 

Open the SNMP software and register the SonicWALL. (You can download and install a free edition of PRTG from http://www.paessler.com/prtg/download)

Screen shots for PRTG (V14.2.9.1689) are attached below, just enter the SonicWALL appliance’s LAN IP address, along with the community string and it will start gathering data from the SonicWALL

Select Device tab in the PRTG software. Under Overview Click Add Device button to add your sonicwall device.

  • In the device name enter SonicWALL TZ 200(You should use the same name which you used in SNMP configuration of SonicWALL
  • In IPV4- Address/DNS Name 168.168.168(IP address of the SonicWALL interface to which server is connected)
  • Device Icon: Select Dell Icon

Click Continue for next step

You will find the new device which we added. Click Add Sensor button to select the sensor type.

  • Select SNMPunder Technology Used
  • Select SNMP Trafficunder Matching Sensor Type

>>Under Credentials For SNMP Devices

Disable Inherit option and configure SNMP as below

  • SNMP Version: V3
  • Authentication Type: MD5(Select the Authentication method which you configured in SonicWALL)
  • User: User1(Type the user which you created in SonicWALL)
  • Password: user12345(Type Authentication Key which you configured in SonicWALL)
  • Encryption Type: DES(Select the Encryption method which you configured in SonicWALL)
  • Data Encryption Key: password123(Type the Privacy Key which you configured in SonicWALL)
  • SNMP Port: 161
  • SNMP Timeout: 5

Click Continue button to save the configuration

Select the interface for which you would like to monitor traffic. In this scenario select X0, X1 & W0 interface and click Continue button

Now you can see the sensor information for all the interface with the traffic rate

How to Test

In order to test the SNMP traffic. Select any one interface to see its traffic rate with graph. Click on X0 interface to see the information as below

Finally, the Live data can be shown in the graph format as below for the X0 interface

/by
Meet our Team Get a Quote Read Reviews

CONTACT US

  • Call: 314-343-1800
  • Contact

    Use red “Contact Us” button (right)

  • Chat

    Use red “We are online” button (bottom)

BUSINESS HOURS

Monday – Friday: 8am – 5pm
Saturday – Sunday: Closed
24 Hour Support Service Available

Customers Receiving Support:

Disclaimer: Acumen Consulting is an independent service provider of technical service for business networks. We have reseller partner agreements with all of the companies and brands for which we are offering service on acumenitsupport.com. All partner trademarks, registers trademarks, company names, product names, and brand names, are the property of their respective owners. We provide ONLY reseller services for the products listed.

Configuring Active Directory/LDAP over TLS on SonicOS mod_evasive doesn’t work with current Apache
Call Now