In continuation with Anthony's response, I searched on MS Technet. Here is what
I have found.
-----
Chapter 10 - Simple Network Management Protocol - from windows 2000 resource
kit.
-----
Securing SNMP Messages with IP Security
If you want to use IPSec to protect SNMP messages, you must configure all SNMP -
enabled systems to use IPSec, or the communications will fail. If you can�t
configure all SNMP- enabled systems to use IPSec, at a minimum, you must
configure the IPSec policies of the systems that are SNMP- enabled so that they
can send cleartext (unencrypted) information. However, this somewhat defeats the
idea of trying to secure messages because all communications will be unsecured.
IP Security does not automatically encrypt the SNMP protocol. You must create
filter specifications in the appropriate IP filter list for traffic between the
management systems and SNMP agents. The filter specification must include two
sets of settings.
The first set of filter specifications are for typical SNMP traffic (SNMP
messages) between the management system and the SNMP agents:
�Mirrored: enabled
�Protocol Type: TCP
�Source and Destination Ports: 161
�Mirrored: enabled
�Protocol Type: UDP
�Source and Destination Ports: 161
The second set of filter specifications are for SNMP trap messages sent to the
management system from the SNMP agents:
�Mirrored: enabled
�Protocol Type: TCP
�Source and Destination Ports: 162
�Mirrored: enabled
�Protocol Type: UDP
�Source and Destination Ports: 162
For additional information about creating filter specifications, see Windows
2000 Help.
-----
See if that helps.
Anthony Valuikas wrote:
> I found a paper from Microsoft about it in Technet. That is why I started to
> look. I'll see if I can find the number and forward it on. The title is
> something like "securing snmp with ip security".
>
> Thanks,
> Tv
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/
