I just found out that SNMP also requires the use of UDP ports >1023 to the
client side. It's a pretty big hole you have to open.
An excerpt from Brian Betterton's message:
>
> I'm aware of the dangers of allowing SNMP through a firewall...I don't mean
> to stir up a controversial discussion. That aside, I'm interested in
> allowing SNMP through a Gauntlet 3.0.1 firewall for a period of time,
> hopefully short.
>
> What I don't know is how to set this up, and if 3.0.1 (installed on a BSDi
> box) will let me. And, assuming I can, how can I restrict it as much as
> possible?
>
> I've added my "plug-gw"s in the netperm-table, for UDP port 161 (SNMP) and
> port 162 (SNMP-trap) for the specific monitoring station and respective
> clients. What else is needed? Any help is greatly appreciated.
>
> TIA
>
> Brian
>
>
--
Rudy Amid (rudy @ hcl . com) [Home URL] http://www.warped.com/~radix
Systems Administrator #include <std.disclaimer>
Hummingbird Communications, Ltd. "We're IT!" -MIS Dept.
1 Sparks Ave. Toronto, Canada. M2H 2W1. 416-496-2200 [URL] http://www.hcl.com