In SNMPv1 and v2c, does it matter if I leave the community string set to public? I have left it at public and also changed it to something else, but I still get the traps, so it seems it doesn't matter. What is it really for?
In SNMPv1 and v2c the community string was used to authenticate the SNMP management station and SNMP agent. Here is how it is works:
Whenever any SNMP management station sends a request to get or set some data on an SNMP agent, it also sends the community string, which is configured in it along with the request. When the request reaches the SNMP agent, it tries to match this community string with the one you have defined in the agent. If the two strings match, then the SNMP agent answers the request. If not, it rejects the request as an unauthorized request. This way, you can stop unauthorized SNMP management stations from changing parameters on your SNMP agents. Now the important part – you should never leave the community string to public on any of your SNMP agents. This is the default community string, and this way you expose your SNMP agent to any SNMP management station. Anyone with an SNMP manager software installed on his/her PC can make changes to your SNMP agents. So it's always better to change the community string to something else.
Dig deeper on Network Hardware
Related Q&A from Retired expert - Nandan Gijare
Is it possible to connect PRI interface using a E1 link?continue reading
Can I connect two computers through Ethernet on a WAN?continue reading
Our networking expert explains how you can determine the peak bandwidth of a WAN connection in your enterprise network, in this expert answer.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.