This Article contains the following:
The CS141 supports SNMP v2 as well as SNMP v3
SNMP v3: Security Level description
Configure TRAP receiver dealing with SNMP v3
For this step, navigate to the following menu:
Developed by the IETF the Simple Network Management Protocol is designed for monitoring and controlling network elements from a central station. The protocol controls the communication traffic between monitored devices and monitoring stations:
SNMP describes the structure of the data packets that can be sent as well as the entire communication process. The CS141 can fully be integrated into a network with SNMP monitoring. The built-in SNMP agent regulates both - receiving and sending corresponding requests.
Note:
SNMP V1.0 is not officially supported by the CS141. We recommend the use version 2.0 upward. However, since V1.0 is largely included in V2.0, the CS141 will respond to SNMP-V1 requests, but using V1.0 will be out of official supporter’s guidance.
The CS141 supports SNMP v2 as well as SNMP v3
The difference is that SNMP v2 operates based on the authorized IP address, whereas SNMP v3 works with direct user permissions using a username and password.
Configuring SNMP V2:
The overview shows all configured communities:
To configure new SNMP permissions, click +
IP address
Under IP Address, enter the IP address of the authorized computer to allow access to the CS141 device via SNMP v2. Thereby the name of the community defines the authorization group.
Permission
Defines permissions during access:
Read only Devices dealing inside this permission group have read-only permissions
Read/Write Devices dealing inside this authorization group can read and write /delete data packets.
Set up trap receivers
What are SNMP traps for?
In principle, an agent monitoring a system can, if required, send an unsolicited trap packet to its management station. Among other things, the status of the monitored device is communicated. On the other hand, the agent can receive and process service requests from his manager. There are two ports required by default:
Port 161 Required by the agent on the device to receive the requests
Port 162 Required by the management station to receive messages
If these ports are blocked, the communication will not work.
Configuring trap receivers on the CS141
The advantage of the trap messages is that the CS141 can automatically inform about changes in the UPS.
To add a new trap receiver, click +,
Since trap messages are sent exclusively to inform about status changes, no read / write operations permissions are required.
Enter the recipient's IP address as well as a valid community.
With the Save button, CS141 takes over the settings and the SNMP agent will be restarted. The CS141 will not need to be rebooted.
Trap receiver test
The newly set-up trap receivers can then be tested:
For an SMNP test, each device of the CS141 product family provides a practical test tool to check if the trap receiver is online and available: Simply select a trap from the list of available traps and click on the test button.
Your receiver should first display the trap and then remove it from the list of active system events.
Note:
Trap messages are automatically generated messages that do not request confirmation - a device that sends trap messages generally does not know whether the messages have arrived. Consequently, it will not be possible to log any information about receipt.
Configuring SNMP v3
The overview shows all configured users:
Since SNMPv3 is user-based, you need to configure single users instead of communities. Click + to configure a new user:
User
SNMP v3 dispenses with the possibility of setting up authorized IP addresses and user groups. Administrators need to add a local user inside the CS141 device.
Read-only / Read Write
As a standard, any user gets permission for both - reading and writing. In some cases, this may not be allowed by administrators. To prevent SNMP users from writing data, activate the option Read only
SNMP v3: Security Level description
Authentication
Defines security level and password control to access the CS141 device using SNMP v3:
No security no passwords or encryption is required
Authenticities Single password request.
Authentication and Privacy The connection is additionally encrypted, and two passwords are required.
Password for user-level data access
Maximum password length: 16 characters
Privacy Enhanced: The connection is encrypted
Maximum Password length: 16 characters
MD5 – Message-Digest Algorithm
With this method, a 128-bit hash value is generated from a message (e.g. a password), which can be used to check the transmission for correctness relatively easily. The advantage is the low computing power required for the process.
SHA – Secure Hash Algorithm
Basically, it does the same thing, is a little more flexible, but proceeds differently. This method refers to a group of standardized cryptological hash functions that calculate ahas value that cannot be traced back to the end.
Which of the two methods you must select for authentication depends on the specifications of the respective network operator.
Privacy Options
In addition to the authentication, you can encrypt the data transmission via the privacy options:
DES – Data Encryption Standard
DES is a very widely used standard that uses a symmetric encryption algorithm. An identical key is used for both encryption and decryption.
AES – Advanced Encryption Standard
AES is also widely used and belongs to the symmetric encryption methods. As the successor to DES, it has the advantage of being more flexible and that the hash value cannot be reverse-engineered. However, since different algorithms are used, it is not possible to decrypt DES-encrypted data with AES.
Which methods should I set?
The respective encryption methods differ fundamentally and are not compatible with each other. Since all methods with their concepts are largely considered "secure" at the current state, the specifications of the respective network advertising operator in which you want to integrate the CS141 must be observed for the correct settings. The following combinations are possible:
- MD5 / DES
- MD5 / AES
- SHA / DES
- SHA / AES
You will receive the necessary access data from the responsible network supervisor / administrator.
Note:
Please note that in addition to the correct access data, the encryption type must also be identical, otherwise no connection will be established.
Configure TRAP receiver dealing with SNMP v3
To set up a trap receiver dealing with SNMP v3, you need to create a suitable user. This user can then be selected as the trap recipient in SNMP v3.
The SNMP v3 Engine ID
The engine ID is used by SNMPv3 agents to uniquely identify a device. The CS141 uses its own MAC address with the prefix 80.00.1F.88.03.[XXX] by default.
The MAC address can be found clearly under System>About:
As an example, the Engine ID for this CS141 device is:
80.00.1F.88.03.00.30.D6.16.BB.D4
Trap receiver test
After configuration work is done, use the test function to test the SNMP v3 trap receiver:
To do this, simply select the desired trap and press the test button.
The test message should be displayed immediately at the corresponding receiving system after pressing the test button.
Note:
As with SNMP v2, the trap messages are automatically generated messages that do not request confirmation - a device that sends trap messages, generally does not know whether the messages have arrived. Consequently, it will not be possible to log any information about a receipt.
SNMP MIB File
A MIB (Management Information Base) is essentially a catalog or directory that contains all the information that can be queried about a network device using SNMP. This information is required by management systems, and as soon as specific customizations and extensions have been made to a device, it is advisable to request the MIB from the respective device manufacturer.
The current MIB file for GENEREX products can be found either on www.generex.de in the download area or, tailored to the respective firmware, at Services > SNMP Agent directly when selecting the SNMP version.
An overview of available OIDs is also available in the appendix of the CS141 manual.
v.: 2025-07-23 FW 2.16-2.26
Comments
0 comments
Please sign in to leave a comment.