I just found out that snmp also requires the use of UDP ports >1023 to the
client side. It's a pretty big hole you have to open.
An excerpt from Brian Betterton message:
> I'm aware of the dangers of allowing SNMP through a firewall...I don't mean
> to stir up a controversial discussion. That aside, I'm interested in
> allowing SNMP through a Gauntlet 3.0.1 firewall for a period of time,
> hopefully short.
> What I don't know is how to set this up, and if 3.0.1 (installed on a BSDi
> box) will let me. And, assuming I can, how can I restrict it as much as
> I've added my "plug-gw" s in the netperm-table, for UDP port 161 (SNMP) and
> port 162 (SNMP-trap) for the specific monitoring station and respective
> clients. What else is needed? Any help is greatly appreciated.
Rudy Amid (rudy @
com) [Home URL] http://www.warped.com/~radix
Systems Administrator #include <std.disclaimer>
Hummingbird Communications, Ltd. "We're IT!" -MIS Dept.
1 Sparks Ave. Toronto, Canada. M2H 2W1. 416-496-2200 [URL] http://www.hcl.com