Avaya Router Guía de inicio rápido descargar pdf (Pagina 71)

Securing the Router

308654-14.00 Rev 00

7-3

See “Setting Global IP Access Policies with the BCC” and “Restricting

Read/Write Access with SNMP Communities” for additional information.

Setting Global IP Access Policies with the BCC

The BCC allows you to create global IP access policies for routers that control

access to specific IP services, including Telnet, FTP, TFTP, NTP, SNMP, and the

HTTP Server.

You define a policy and its actions by setting BCC parameters. See the appendix

“Configuring IP Global Access Policies” in Configuring IP Utilities for more

information.

Restricting Read/Write Access with SNMP Communities

You can use either Site Manager or the BCC to control SNMP access to the router.

You should restrict read/write access to the router as soon as possible by

reconfiguring the SNMP communities.

When you add SNMP with the BCC, access is defined by default as read-only.

You should immediately add managers to control any write access that you

explicitly add.

By default, the Quick-Start installation script (install.bat) creates a read/write

SNMP community named “public” with a wildcard manager (0.0.0.0) that allows

universal read/write access. Nortel Networks strongly recommends that you use

Site Manager or BCC commands to:

Reconfigure the “public” community as read-only for universal access.

Create a read/write community with a unique name (for example,

EASTBAY) and a manager list containing the IP addresses of the

workstations that need read/write access to the router.

See Configuring SNMP, BootP, and DHCP Services for more information about

configuring SNMP. See Using the Bay Command Console (BCC) for information

about BCC commands.

1 2 ... 66 67 68 69 70 71 72 73 74 75 76 ... 131 132

Sin comentarios

Avaya Router Guía de inicio rápido Pagina 71