Configure SNMP users and traps
Allow SNMPv3 traffic and specify the encryption and authentication settings to ensure confidentiality, message integrity, and user validity.
Introduction
In this example, we show how to do the following:
- Configure Sophos Firewall as an SNMP agent if you haven't already done it.
- Configure SNMPv3 users, the corresponding authorized hosts, and the encryption and authentication algorithms.
- Allow SNMP traffic for the zone to which SNMP users belong.
- Allow Sophos Firewall to send SNMP alerts.
Configure Sophos Firewall as an SNMP agent
Allow Sophos Firewall to act as an SNMP agent. It uses the standard ports used by SNMP agents and users or managers.
- Go to Administration > SNMP.
- Select Enable SNMP agent.
- Enter the Location and Contact person.
-
Click Apply.
Here's an example:
Configure SNMPv3 users and traps
Specify the username, the corresponding authorized hosts, the SNMP requirements, and the encryption and authentication details.
- Go to Administration > SNMP. Scroll down to SNMPv3 users and traps and click Add.
- Select Accept queries and Send traps.
- Select the Authorized hosts. Example:
11.11.11.11
and10.10.10.10
- Select the Encryption algorithm and set the Encryption password.
- Select the Authentication algorithm and set the Authentication password.
-
Click Apply.
Here's an example:
Allow SNMP traffic and alerts
Allow SNMP traffic for the zone to which SNMP users and managers belong. Additionally, allow Sophos Firewall to send SNMP alerts.
-
Go to Administration > Device access and select the zones from which SNMP users and managers can send and receive SNMP traffic.
Here's an example:
-
Go to System services > Notification list.
- Turn on SNMP traps.
-
Turn on SNMP for the alerts you want to send.
Here's an example:
More resources