Configure SNMP users and traps

Allow SNMPv3 traffic and specify the encryption and authentication settings to ensure confidentiality, message integrity, and user validity.

Introduction

In this example, we show how to do the following:
  • Configure XG Firewall as an SNMP agent if you haven't already done it.
  • Configure SNMPv3 users, the corresponding authorized hosts, and the encryption and authentication algorithms.
  • Allow SNMP traffic for the zone to which SNMP users belong.
  • Allow XG Firewall to send SNMP alerts.

Configure XG Firewall as an SNMP agent

Allow XG Firewall to act as an SNMP agent. It uses the standard ports used by SNMP agents and users or managers.

  1. Go to Administration > SNMP.
  2. Select Enable SNMP agent.
  3. Enter the Location and Contact person.
  4. Click Apply.

    Here's an example:


    Configure SNMP agent

Configure SNMPv3 users and traps

Specify the username, the corresponding authorized hosts, the SNMP requirements, and the encryption and authentication details.

  1. Go to Administration > SNMP. Scroll down to SNMPv3 users and traps and click Add.
  2. Select Accept queries and Send traps.
  3. Select the Authorized hosts. Example: 11.11.11.11 and 10.10.10.10
  4. Select the Encryption algorithm and set the Encryption password.
  5. Select the Authentication algorithm and set the Authentication password.
  6. Click Apply.

    Here's an example:


    Configure SNMP users and traps

Allow SNMP traffic and alerts

Allow SNMP traffic for the zone to which SNMP users and managers belong. Additionally, allow XG Firewall to send SNMP alerts.

  1. Go to Administration > Device access and select the zones from which SNMP users and managers can send and receive SNMP traffic.

    Here's an example:


    Allow SNMP traffic
  2. Go to System services > Notification list.
  3. Turn on SNMP traps.
  4. Turn on SNMP for the alerts you want to send.

    Here's an example:


    Select SNMP alerts