Zyxel ZyWALL-USG50 Router Manual PDF (Setup & Configuration Guide)

Page 716 / 944 Scroll up to view Page 711 - 715

Chapter 45 System

ZyWALL USG 50 User’s Guide

716

and version two (SNMPv2c). The next figure illustrates an SNMP management

operation.

Figure 420

SNMP Management Model

An SNMP managed network consists of two main types of component: agents and

a manager.

An agent is a management software module that resides in a managed device (the

ZyWALL). An agent translates the local management information from the

managed device into a form compatible with SNMP. The manager is the console

through which network administrators perform network management functions. It

executes applications that control and monitor managed devices.

The managed devices contain object variables/managed objects that define each

piece of information to be collected about a device. Examples of variables include

such as number of packets received, node port status etc. A Management

Information Base (MIB) is a collection of managed objects. SNMP allows a

manager and agents to communicate for the purpose of accessing these objects.

SNMP itself is a simple request/response protocol based on the manager/agent

model. The manager issues a request and the agent returns responses using the

following protocol operations:

•

Get - Allows the manager to retrieve an object variable from the agent.

Page 717 / 944

Chapter 45 System

ZyWALL USG 50 User’s Guide

717

•

GetNext - Allows the manager to retrieve the next object variable from a table

or list within an agent. In SNMPv1, when a manager wants to retrieve all

elements of a table from an agent, it initiates a Get operation, followed by a

series of GetNext operations.

•

Set - Allows the manager to set values for object variables within an agent.

•

Trap - Used by the agent to inform the manager of some events.

45.10.1

Supported MIBs

The ZyWALL supports MIB II that is defined in RFC-1213 and RFC-1215. The

ZyWALL also supports private MIBs (zywall.mib and zyxel-zywall-ZLD-

Common.mib) to collect information about CPU and memory usage and VPN total

throughput. The focus of the MIBs is to let administrators collect statistical data

and monitor status and performance. You can download the ZyWALL’s MIBs from

www.zyxel.com.

45.10.2

SNMP Traps

The ZyWALL will send traps to the SNMP manager when any one of the following

events occurs.

45.10.3

Configuring SNMP

To change your ZyWALL’s SNMP settings, click

Configuration > System > SNMP

tab. The screen appears as shown. Use this screen to configure your SNMP

Table 224

SNMP Traps

OBJECT LABEL

OBJECT ID

DESCRIPTION

Cold Start

1.3.6.1.6.3.1.1.5.1

This trap is sent when the ZyWALL is turned

on or an agent restarts.

linkDown

1.3.6.1.6.3.1.1.5.3

This trap is sent when the Ethernet link is

down.

linkUp

1.3.6.1.6.3.1.1.5.4

This trap is sent when the Ethernet link is

up.

authenticationFailure

1.3.6.1.6.3.1.1.5.5

This trap is sent when an SNMP request

comes from non-authenticated hosts.

Page 718 / 944

Chapter 45 System

ZyWALL USG 50 User’s Guide

718

settings, including from which zones SNMP can be used to access the ZyWALL. You

can also specify from which IP addresses the access can come.

Figure 421

Configuration > System > SNMP

The following table describes the labels in this screen.

Table 225

Configuration > System > SNMP

LABEL

DESCRIPTION

Enable

Select the check box to allow or disallow the computer with the IP

address that matches the IP address(es) in the

Service Control

table to

access the ZyWALL using this service.

Server Port

You may change the server port number for a service if needed, however

you must use the same port number in order to use that service for

remote management.

Get

Community

Enter the

Get Community

, which is the password for the incoming Get

and GetNext requests from the management station. The default is

public and allows all requests.

Set

Community

Enter the

Set community

, which is the password for incoming Set

requests from the management station. The default is private and allows

all requests.

Trap

Community

Type the trap community, which is the password sent with each trap to

the SNMP manager. The default is public and allows all requests.

Destination

Type the IP address of the station to send your SNMP traps to.

Service

Control

This specifies from which computers you can access which ZyWALL

zones.

Page 719 / 944

Chapter 45 System

ZyWALL USG 50 User’s Guide

719

45.11

Vantage CNM

Vantage CNM (Centralized Network Management) is a browser-based global

management solution that allows an administrator from any location to easily

configure, manage, monitor and troubleshoot ZyXEL devices located worldwide.

See the Vantage CNM User's Guide for details.

If you allow your ZyWALL to be managed by the Vantage CNM server, then you

should not do any configurations directly to the ZyWALL (using either the Web

Configurator or commands) without notifying the Vantage CNM administrator.

Add

Click this to create a new entry. Select an entry and click

Add

to create a

new entry after the selected entry. Refer to

Table 219 on page 695

for

details on the screen that opens.

Edit

Double-click an entry or select it and click

Edit

to be able to modify the

entry’s settings.

Remove

To remove an entry, select it and click

Remove

. The ZyWALL confirms

you want to remove it before doing so. Note that subsequent entries

move up by one when you take this action.

Move

To change an entry’s position in the numbered list, select the method and

click

Move

to display a field to type a number for where you want to put

it and press [ENTER] to move the rule to the number that you typed.

#

This the index number of the service control rule.

The entry with a hyphen (-) instead of a number is the ZyWALL’s (non-

configurable) default policy. The ZyWALL applies this to traffic that does

not match any other configured rule. It is not an editable rule. To apply

other behavior, configure a rule that traffic will match so the ZyWALL will

not have to use the default policy.

Zone

This is the zone on the ZyWALL the user is allowed or denied to access.

Address

This is the object name of the IP address(es) with which the computer is

allowed or denied to access.

Action

This displays whether the computer with the IP address specified above

can access the ZyWALL zone(s) configured in the

Zone

field (

Accept

) or

not (

Deny

).

Apply

Click

Apply

to save your changes back to the ZyWALL.

Reset

Click

Reset

to return the screen to its last-saved settings.

Table 225

Configuration > System > SNMP (continued)

LABEL

DESCRIPTION

Page 720 / 944

Chapter 45 System

ZyWALL USG 50 User’s Guide

720

45.11.1

Configuring Vantage CNM

Vantage CNM is disabled on the device by default. Click

Configuration > System

> Vantage CNM

to configure your device’s Vantage CNM settings.

Figure 422

Configuration > System > Vantage CNM

The following table describes the labels in this screen.

Table 226

Configuration > System > Vantage CNM

LABEL

DESCRIPTION

Show Advance

Settings / Hide

Advance

Settings

Click this button to display a greater or lesser number of configuration

fields.

Vantage CNM

Click

Advanced

to display more configuration fields or click

Basic

to

display fewer fields.

Enable

Select this check box to allow Vantage CNM to manage your ZyWALL.

Server IP

Address/FQDN

Enter the

IP address or fully qualified domain name of the Vantage

server.

If the Vantage CNM server is on a different subnet to the ZyWALL and is

behind a NAT router, enter the WAN IP address of the NAT router here

and configure the NAT router to forward UDP port 11864 traffic to the

Vantage CNM server.

If the Vantage CNM server is behind a firewall, you may have to create a

rule on the firewall to allow UDP port 11864 traffic through to the

Vantage CNM server (most (new) ZyXEL firewalls automatically allow

this).

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share