1. Home
    2. /
  2. Manuals
    3. /
  3. Nokia
    4. /
  4. IP45
    5. /
  5. 43
Page 211 / 342 Scroll up to view Page 206 - 210
SNMP Description
Nokia IP45 Security Platform User’s Guide v4.0
211
The SNMP Configuration page opens.
3.
Specify the System Location. Example: California.
4.
Specify the System Contact. Example: phone number.
5.
Specify the SNMP port.This number defines the port where the SNMP daemon will run.
6.
Define the SNMP traps to be generated:
±
Startup
—this trap is generated and reported to the SNMP Manager when the SNMP
daemon re-initializes.
±
Link up/down
—this trap is generated and reported to the SNMP Manager when the
connection to WAN or LAN is temporarily unavailable or becomes available.
±
Authorization
—this trap is generated and reported to the SNMP manager when SNMP
access is attempted with an incorrect community name.
7.
Specify the port number. The default port number is 162
8.
Specify the IP address where the SNMP manager is running, so that traps that are generated
can be sent to the correct IP address.
9.
Enter the name of the SNMP community string in the Community text box. Default: public.
It is recommended to change this as the SNMP agents use this as password while connecting
to the device.
Note
Set the trapPduAgent to a specified IP address from the command prompt so as to view the
IP address of the device from where a trap is generated. Use the command
set snmp
trappduAgent ip_address
from the IP45 CLI
for setting the trapPduAgent. You cannot set the
trapPduAgent from the IP45 GUI portal. For more information, see
the Nokia IP45 Security
Platform CLI Reference Guide
Version 4.0
.
Page 212 / 342
10
Configuring and Monitoring SNMP
212
Nokia IP45 Security Platform User’s Guide v4.0
Configuring SNMP Parameters from the Command-Line Interface
You can use set and view parameters for SNMP.
Setting SNMP Parameters
Nokia IP45 supports SNMPv2c and SNMP v1 and v2 traps.
Use the following commands to set the SNMP parameters:
set snmp
contact
- SNMP Contact
enable
- Enables SNMP Daemon
location
- SNMP Location
port
- SNMP Port
trapPduAgent - snmp trappduagent
trapreceiver - snmp Trapreceiver
traps
- SNMP Traps
Viewing SNMP Parameters
Use the following commands to view the SNMP parameters:
show snmp
community
- SNMP Community
contact
- SNMP Contact
enable
- Displays SNMP Daemon
location
- SNMP Location
port
- SNMP Port
trapPduAgent - snmp trappduagent
trapreceiver - snmp Trapreceiver
traps
- SNMP Traps
For additional and detailed information on how to use the set and show commands, see the
Nokia IP45 Security Platform CLI Reference Guide Version 4.0.
Page 213 / 342
Nokia IP45 Security Platform User’s Guide v4.0
213
11
High-Availability
High-availability (HA) provides reliable, dependable and business-class secure access. HA
caters to device failures, connects to multiple ISP supporting demand dialing, allows Internet
link selection to cater to ISP link failures, and provides seamless routing of encrypted traffic
across multiple WAN links.
This chapter includes the following sections:
±
High-Availability Sample Scenario
±
Configuring Multiple HA Clusters
±
Configuring High-Availability
±
High-Availability over VPN
High-Availability Sample Scenario
You can create a High-Availability cluster consisting of two or more IP45 security platforms.
Each gateway in the HA cluster has a separate IP address within the local network. The
gateways also share a single virtual IP address, which is the default gateway address for the local
network.
Control of the virtual IP address is passed as follows:
The role of the gateway is determined by the priority assigned to it.
1.
The gateway with the highest priority acts as the active gateway and uses the virtual IP
address. Other gateways in the network are passive gateways.
2.
The active gateway sends periodic signals, or heartbeats, to the network though a
synchronization interface. Any internal network existing on both the gateways can be a
synchronization interface.
3.
If the heartbeat from the active gateway stops, indicating that the active gateway has failed,
the gateway with the highest priority becomes the new active gateway and takes over the
virtual IP Address.
4.
When a gateway that was inactive becomes active again, or if there is a change in its priority,
the gateway sends a heartbeat notifying the status to the other gateways in the cluster.
The IP45 security platform supports Internet connection tracking. Each IP45 can track the status
of its Internet connection and can reduce its own priority by a user-specified amount, if the
connection goes down.
Page 214 / 342
11
High-Availability
214
Nokia IP45 Security Platform User’s Guide v4.0
Note
If the priority of the Active Gateway drops below the priority of another gateway, then the
other gateway becomes the Active Gateway.
Note
You can force a fail-over to a passive IP45 security platform. A fail-over is required to verify
whether HA is working properly, or if the active IP45 security platform needs any repairs. To
force a fail-over, switch off the primary or disconnect it from the LAN network.
Configuring Multiple HA Clusters
The IP45 security platform supports configuring multiple HA clusters on the same network. To
configure multiple HA clusters, each cluster must be assigned a unique identification.
While configuring HA, you can specify that only the active gateway in the cluster should
connect to the Internet. This is called WAN HA, and is useful in the following scenarios:
±
Your Internet subscription cost is based on the connection time. Having the passive
appliance needlessly connected to the Internet costs you more.
±
To enable multiple appliances share the same static IP address without creating an IP address
conflict.
Note
To avoid multiple appliances with same WAN IP address acting as primary, select
Do not
connect if this gateway is in passive state
option under High-Availability, while configuring
the Internet.
WAN HA avoids an IP address change, and thereby ensures virtually uninterrupted access from
the Internet to internal servers at your network.
Ensure the following requirements are met before you configure the HA:
±
At least two identical IP45 security platforms with same firmware versions and firewall
rules.
±
The internal networks of the appliances must be the same.
±
The appliances must have different real internal IP addresses, but should share the same
virtual IP address.
±
The synchronization interface ports of the appliances must be connected either directly or
thorough a hub or a switch.
For example, if the DMZ is the synchronization interface, then the DMZ/WAN2 ports on the
appliances must be connected to each other.
Page 215 / 342
Configuring High-Availability
Nokia IP45 Security Platform User’s Guide v4.0
215
Note
The synchronization interface need not be dedicated for synchronization only. It may be
shared with an active internal network.
You can configure HA for any internal network, except the OfficeMode network.
Note
You can enable the DHCP server in all the IP45 security platforms. The DHCP server of a
passive gateway starts answering DHCP requests only when the active gateway fails.
Nokia IP45 v4.0, in addition to the IP address of the interface, supports a virtual IP address that
can be assigned to each WAN port. Assigning a virtual IP address to the WAN interface allows
you to configure a secondary gateway to be accessible for remote management and connected to
the service center at all times by using the primary IP address of the WAN interface). If the
primary gateway fails, the secondary gateway automatically takes over the virtual IP address,
ensuring continuous service availability.
Note
To create a WAN virtual IP, the type of Internet connection must be
Static IP. PPP
based
connections and dynamic IP connections are not supported.
You can also configure WAN IP by using command-line interface. For information, see the
Nokia IP45 Security Platform CLI Reference Guide Version 4.0.
Configuring High-Availability
The following sections provide information about configuring HA parameters by using the CLI
and the GUI.
For information about the commands, see the
Nokia IP45 Security Platform CLI Reference
Guide Version 4.0.

Rate

3.5 / 5 based on 2 votes.

Popular Nokia Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top