CMM5 Configure SNMP

The CMM5 Controller incorporates an SNMP agent which supports the following remote management capabilities:

  • Querying of CMM5 configuration parameters via the SNMP GetRequest
  • Querying of CMM5 basic performance measurements via the SNMP GetRequest
  • Sending of unsolicited trap notifications in response to detection or clearing of various state changes and error conditions
  • SNMP v2c and v3 protocols

Note: Remote modification of CMM5 configuration parameters via the SNMP SetRequest is not supported.

Configuration of SNMP operations is accomplished from the SNMP tab on the System GUI page.

Basic SNMP Configuration

The basic SNMP configuration includes the following settings:

  • SNMP protocol version
  • Default port numbers for queries and trap notifications
  • SNMP accessing IP address list
  • SNMP trap IP address list
  • Sync status trap enable
  • Site information

Perform the following steps to configure the basic SNMP settings:

Step

Action

1

Log into the Controller GUI using your password.

2

Choose the desired SNMP protocol version from the SNMP Version pull-down menu. The available options are SNMPv2c Only, SNMPv3 Only, or SNMPv2c and SNMPv3.

Note: If the SNMPv2c and SNMPv3 option is selected the Controller will respond to a GetRequest sent with either protocol version, but trap notifications will be sent using only the only SNMPv3 protocol.

3

Change the Default Port and Trap Port, if desired.

Note: Under most circumstances the default settings can be used. The port numbers must match the configuration of the tool used to send SNMP queries and receive query responses and trap notifications.

4

Configure the IP addresses and associated subnet masks in the Accessing IP list, if desired. Each row defines a range of IP addresses containing the specified IP address and constrained by the associated mask. A maximum of 10 IP addresses and subnets are supported.

Note: If no IP addresses are specified then the Controller will respond to SNMP queries from any valid IP address. If an address is entered without a mask then it defines a single IP address (effectively defaulting to a /32 mask). 

5

Enter the IP address of each trap received to be configured in the Trap Addresses list. A maximum of 10 IP addresses are supported.

Note: If no IP addresses are specified then the Controller will not send any trap notifications.

6

Click the Enable button in the Trap Enable section to turn on Sync Status trap notifications, if desired.

7

Enter the Site Name, Site Contact and Site Location details in the Site Information section.

8

Click Save to save the newly entered configuration.

Configure SNMPv2c Operation

Perform the following steps to configure the Controller for SNMPv2c operation:

Step

Action

1

Log into the Controller GUI using your password.

2

Check that the SNMPv2c protocol is selected in the SNMP Version pull-down menu. Either the SNMPv2c Only or the SNMPv2c and SNMPv3 option may be used.

Note: If the SNMPv2c and SNMPv3 option is selected the Controller will respond to a GetRequest sent with either protocol version, but trap notifications will be sent using only the SNMPv3 protocol.

3

Set the SNMP Community String 1 value and Permissions. Typically this is configured as the read/write community string that is used for remote network management.

 

Note: The Controller does not support SNMP write operations. The Read/Write option for community string 1 is provided to maintain consistency with other Cambium Networks platforms.

4

Set the SNMP Community String 2 value. This is typically configured as the read only community string.

5

Click Save to save the newly entered configuration.

Configure SNMPv3 Operation

Perform the following steps to configure the Controller for SNMPv3 operation:

Step

Action

1

Log into the Controller GUI using your password.

2

Check that the SNMPv3 protocol is selected in the SNMP Version pull-down menu. Either the SNMPv3 Only or the SNMPv2c and SNMPv3 option may be used.

Note: If the SNMPv2c and SNMPv3 option is selected the Controller will respond to a GetRequest sent with either protocol version, but trap notifications will be sent using only the SNMPv3 protocol. This configuration is less secure than the SNMPv3 Only option.

3

Configure the EngineID string if the default value is not being used. Enter a string of between 1 and 27 characters in length. 

Note: The Controller automatically generates an EngineID string based on its MAC address, but a custom value can be entered to override this default value if required.

4

Select the SNMP authorization and privacy security settings from the SNMPv3 Security Level pull-down menu. The available options are as follows: noAuth, noPriv; Auth, noPriv; Auth, Priv.

5

Set the protocols to be used for authentication and privacy, if these security levels were enabled during the previous step. Available protocol options for authentication are MD5 and SHA. Privacy protocol options are DES and AES.

6

Configure the SNMPv3 Read-Only User and Read/Write User details. For each user enter the username and specify the authentication key and privacy key if these security levels are to be enabled.

 

Note: The Controller gives the option to disable the Read/Write User if preferred. Because the Controller does not support SNMP write operations, doing so has the sole effect of blocking the use of the Read/Write Username for SNMPv3 transactions.

7

Up to three additional users may be configured if required. Enter the username for each user and enable or disable the read/write mode as desired. Also specify the authentication keys and privacy keys, if applicable.

8

Select the trap behavior from SNMPv3 Trap Configuration pull-down menu. Available options are Disabled, Enabled for Read-Only User, and Enabled for Read/Write User. The choice of enabled option determines if the Controller will use the read-only username or the read/write username when sending trap notifications.

9

Click Save to save the newly entered configuration.

1 Like