Table of Contents
Advertisement
—Read/write account using SHA-1 Authentication.
sha1_auth_mdsadmin
—Read only account using SHA-1 Authentication and Encryption.
sha1_enc_mdsviewer
—Read only account using SHA-1 Authentication.
sha1_auth_mdsviewer
Context Names
The following Context Names are used (please refer to RFC2574 for full details):
Admin accounts:
context_a
All accounts share the same default passwords:
Authentication default password:
Passwords can be changed either locally (via the console) or from an SNMP Manager, depending on how
the Agent is configured. If passwords are configured and managed locally, they are non-volatile and will
survive a power-cycle. If passwords are configured from an SNMP manager, they will be reset to whatever
has been stored for local management on power-cycle.
This behavior was chosen based on RFC specifications. The SNMP Manager and Agent don't exchange
passwords, but actually exchange keys based on passwords. If the Manager changes the Agent's password
the Agent doesn't know the new password; just the new key. In this case, only the Manager knows the new
password. This could cause problems if the Manager loses the password. If that happens, the Agent becomes
unmanageable. Resetting the Agent's passwords (and therefore keys) to what is stored in flash memory
upon power-cycle prevents the serious problem of losing the Agent's passwords.
If passwords are managed locally, they can be changed on the Agent (via the console). Any attempts to
change the passwords for the Agent via an SNMP Manager will fail when the Agent is in this mode. Locally
defined passwords will survive a power-cycle.
In either case, the SNMP Manager needs to know the initial passwords that are being used in order to talk
to the Agent. If the Agent's passwords are configured via the Manager, then they can be changed from the
Manager. If the passwords are managed locally, then the Manager must be re-configured with any password
changes in order to continue to talk to the Agent.
Password-Mode Management Changes
When the password management mode is changed, the active passwords used by the Agent may also
change. Some common scenarios are discussed below:
Common Scenarios
• Passwords are currently being handled by the Manager. The assigned passwords are
(Auth), and
Rochester
words stored on the radio were Fairport (Auth), and Churchville (Priv) (If local passwords have never
been used, then MDSAuthPwd and MDSPrivPwd will be used). These passwords will now be used
by the Agent to re-generate keys. The Manager will need to know these passwords in order to talk to
the Agent.
• Passwords are currently being managed locally. The local passwords are
(Priv). Configuration is changed to handle the passwords from the Manager. The same pass-
ville
words will continue to be used, but now the Manager can change them.
• Passwords are currently being managed locally. The local passwords are
(Priv). Passwords are changed to
ville
ately generate new keys based on these passwords and start using them. The Manager will have to
be re-configured to use these new passwords.
• Passwords are currently being managed locally. The local passwords are
(Priv). Configuration is changed to handle the passwords from the Manager. The Manager
ville
changes the passwords to
power-cycle, the radio will use the passwords stored in flash, which are
(Priv). The Manager will have to be re-configured to use these new passwords.
ville
05-2806A01, Rev. L
/ Viewer accounts:
context_v
/ Privacy default password:
MDSAuthPwd
(Priv). Configuration is changed to manage the passwords locally. The pass-
Brighton
(Auth) and
Brighton
MDS iNET Series Reference Manual
MDSPrivPwd
(Auth) and
(Priv). The Agent will immedi-
Perinton
(Priv). The radio is then rebooted. After a
Perinton
Microwave
(Auth) and
Fairport
Church-
(Auth) and
Fairport
Church-
(Auth) and
Fairport
Church-
(Auth) and
Fairport
Church-
121
Advertisement
Table of Contents
Troubleshooting
