Configuring Trusted Managers via SNMP
To configure Trusted Managers, the Element Management System (EMS) must use the SNMP-COMMUNITY-MIB and snmpCommunityMIB and the snmpTargetMIB.
The following procedure assumes the following: at least one configured read-write community; currently no Trusted Managers; TransportTag for columns for all snmpCommunityTable rows are currently empty.
| ➢ | To add the first Trusted Manager: |
| 1. | Add a row to the snmpTargetAddrTable with these values: Name=mgr0, TagList=MGR, Params=v2cparams. |
| 2. | Add a row to the snmpTargetAddrExtTable table with these values: Name=mgr0, snmpTargetAddrTMask=255.255.255.255:0. The agent does not allow creation of a row in this table unless a corresponding row exists in the snmpTargetAddrTable. |
| 3. | Set the value of the TransportTag field on each non-TrapGroup row in the snmpCommunityTable to MGR. |
The following procedure assumes the following: at least one configured read-write community; currently one or more Trusted Managers; TransportTag for columns for all rows in the snmpCommunityTable are currently set to MGR. This procedure must be done from one of the existing Trusted Managers.
| ➢ | To add a subsequent Trusted Manager: |
| 1. | Add a row to the snmpTargetAddrTable with these values: Name=mgrN, TagList=MGR, Params=v2cparams, where N is an unused number between 0 and 4. |
| 2. | Add a row to the snmpTargetAddrExtTable table with these values: Name=mgrN, snmpTargetAddrTMask=255.255.255.255:0. |
An alternative to the above procedure is to set the snmpTargetAddrTMask column while you are creating other rows in the table.
The following procedure assumes the following: at least one configured read-write community; currently two or more Trusted Managers; taglist for columns for all rows in the snmpCommunityTable are currently set to MGR. This procedure must be done from one of the existing trusted managers, but not the one that is being deleted.
| ➢ | To delete a Trusted Manager (not the last one): |
| ■ | Remove the appropriate row from the snmpTargetAddrTable. |
The change takes effect immediately. The deleted trusted manager cannot access the device. The agent automatically removes the row in the snmpTargetAddrExtTable.
The following procedure assumes the following: at least one configured read-write community; currently only one Trusted Manager; taglist for columns for all rows in the snmpCommunityTable are currently set to MGR. This procedure must be done from the final Trusted Manager.
| ➢ | To delete the last Trusted Manager: |
| 1. | Set the value of the TransportTag field on each row in the snmpCommunityTable to the empty string. |
| 2. | Remove the appropriate row from the snmpTargetAddrTable. |
The change takes effect immediately. All managers can now access the device. The agent automatically removes the row in the snmpTargetAddrExtTable.