To enable SNMP on Sophos UTM firewalls, you’ll first need administrator access to the device, and be logged into the administrative console.
Basic Settings - SNMPv2c
- From the left-hand menus, navigate to Management, then SNMP.
- Under the Query tab, enable SNMP queries.
-
Under SNMP Version, select SNMP v2c.
- Under SNMP Access Control, select the “+” symbol in the Allowed Networks box to add allowed networks which can access your firewall via SNMP. You can either allow it for all networks or limit it to the Auvik collector’s IP address.
- Add your SNMP community string.
- Click on Apply to save your configuration.
Note – Allowed characters for the community string are: (a-z), (A-Z), (0-9), (+), (_), (@), (.), (-), (blank).
SNMPv3
If you're looking to set up SNMPv3, choose the version accordingly on the previous “Basic Settings” step:
- From the left-hand menus, navigate to Management, then > SNMP.
- Under the Query tab, enable SNMP queries. Click on SNMP Query and enable SNMP.
- Under SNMP Version, select SNMPv3.
Once you select v3, the menu will change. Instead of the community string field in the Allowed Networks box, you will see sections to configure users (see screenshot below).
- Add the SNMPv3 username.
- Add a password for this user. The password must be at least eight characters long.
-
SNMPv3 uses SHA for authentication and AES for encryption. Note that username and password are used for both of them.
- Click on Apply to save your configuration.
All done! Your Sophos UTM firewall can now be discovered and monitored using Auvik.