Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

Configuring SNMPv3 in SonicOS (5.9/6.1 & above)

03/26/2020 59 People found this article helpful 200,831 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    Simple Network Management Protocol Version 3 (SNMPv3) is an interoperable Standards- based protocol for network management. SNMPv3 provides secure access to device by a combination of authenticating and encrypting packets over the network.

    The security features provided in SNMPv3 are

    • Message integrity Ensuring that a packet has not been tampered with in-transit.
    • Authentication Determining the message is from a valid source.
    • Encryption Scrambling the contents of a packet prevent it from being seen by an unauthorized source.


    Before SNMPv3, all data was transmitted in the clear and subject to monitoring and alteration by unauthorized users. Version 3 supports various encryption methods. We recommend users never use DES 56-bit encryption as this is very easy to decrypt. AES 128-bit is the preferred method.

    Feature Functions  

    • Support USM (User-based Security Model, RFC3414) for SNMPv3 .
    • Support View-Based Access Control Model (VACM, RFC3415) for SNMPv3.
    • Support Administrative Framework (RFC3411) for SNMPv3 .

     

    Feature Limitations  

    • Does not support notification destinations.
    •  Does not support proxy relationships.
    •  Does not support remotely configurable via SNMP operations.

    Resolution

    Enable SNMP and configure SNMP parameters

    Please login to the SonicWall management GUI as admin.

    • Navigate to MANAGE | Appliance  |SNMP.
    • Check the box Enable SNMP.
    • Click in the Configure button and supply the parameters for SNMP or keep the default for general configuration.
    • Click OK .
    • Click ACCEPT .

      NOTE: For the SNMP functionality, the Community name should be the same in the SonicWall and the SNMP monitoring software.Image



    Creating SNMP User, Group & Access

    Adding User with Group

    • Navigate toMANAGE | Appliance  |SNMP, Click Add User button under Users/Group.
    • User Name: NEW SNMP User(Type any friendly name which you would like to use for SNMP).
    • Security Level: Authentication and Privacy (Select the level which you would like to use).
    • Authentication Method: SHA1(Select the method which you would like to use).
    • Authentication Key: user12345( type the key which you would like to use But it should be more than 8 characters).
    • Encryption Method: AES(Select the method which you would like to use).
    • Privacy Key: password123 (type any key which you would like to use).
    • Group: SNMP Group (Select the group which you would like to add this user).
    • Click OK.
      Image



    Creating Access for SNMP

    • Navigate to MANAGE | Appliance  |SNMP Click Add button under Access.
    • Access Name: New SNMP Access (Type any name which you would like to use).
    • Read View: root .
    • Master SNMPv3 Group: SNMP Group (Select any group which you would like to use).
    • Access Security Level: Authentication and Privacy (Select the level of security for SNMP).
    • Click OK .
      Image




    Enable SNMP on the SonicWall interface

    Navigate to MANAGE| Network | Interfaces and click on the configure button in front of the LAN & WAN interface.

    LAN Interface (X0)

    • In the Management' section of Edit X0 interface window, check the  SNMP' box.
    • Click OK .
      Image

    WAN Interface (X1)

    • In the Management section of Edit X1 interface window, check the SNMP box.
    • Click OK'.
      Image

     

     

    Configuring SNMP & adding SonicWall unit in PRTG Monitoring software

    • Open the SNMP software and register the SonicWall. (You can download and install a free edition of PRTG from http://www.paessler.com/prtg/download).
    • Screenshots for PRTG (V14.2.9.1689) are attached below, just enter the SonicWall appliance's LAN IP address, along with the community string and it will start gathering data from the SonicWall.
    • Select Device tab in the PRTG software. Under Overview Click Add Device button to add your SonicWall device.
      Image

    • In the device name enter SonicWall TZ 200 You should use the same name which you used in SNMP configuration of SonicWall.
    • In IPV4- Address/DNS Name 192.168.168.168 (IP address of the SonicWall interface to which server is connected).
    • Device Icon: Select Icon.
    • Click Continue for next step.
      Image

    • You will find the new device which we added. Click Add Sensor button to select the sensor type.
      Image
    • Select SNMP under Technology Used.
    • Select SNMP Traffic under Matching Sensor Type.
      Image
      Image


    Under Credentials For SNMP Devices


    Disable Inherit option and configure SNMP as below

    • SNMP Version: V3.
    • Authentication Type: MD5 (Select the Authentication method which you configured in SonicWall).
    • User: User1 (Type the user which you created in SonicWall).
    • Password: user12345 (Type Authentication Key which you configured in SonicWall).
    • Encryption Type: DES (Select the Encryption method which you configured in SonicWall).
    • Data Encryption Key: password123 (Type the Privacy Key which you configured in SonicWall).
    • SNMP Port: 161.
    • SNMP Timeout: 5.
    • Click Continue button to save the configuration.
      Image

    • Select the interface for which you would like to monitor traffic. In this scenario select X0, X1 & W0 interface and click Continue button.
      Image

    • Now you can see the sensor information for all the interface with the traffic rate.
      Image

    How to Test

    • In order to test the SNMP traffic. Select any one interface to see its traffic rate with graph. Click on X0 interface to see the information as below.Image

    • The Live data can be shown in the graph format as below for the X0 interface.
      Image

    Related Articles

    • Identical Access Rules for different users/user groups
    • Advanced Network Security eLearning Training Course
    • Network Security Essentials eLearning Training Course

    Categories

    • Firewalls > NSa Series > Networking
    • Firewalls > TZ Series > Networking
    • Firewalls > NSv Series > Networking

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2023 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top