SNMP V 1, 2, 3 and Your Xerox Printers

Simple Network Management (SNMP) seems to be a popular subject over on the Xerox Community Support Forum. There are hundreds of views every month of solutions regarding the use and disabling of SNMP.  Let’s look at what the forum and the online support say about this protocol.

SNMP is used in network management systems to monitor and manage network-attached devices for conditions that require administrative attention. It consists of a set of standards for network management including an application layer, a database schema, and a set of data objects.

The SNMP is used to report issues such as the machine going offline or paper jam occurrences. Occasionally, SNMP Status will incorrectly report the machine as offline. The incorrect status will cause Microsoft Windows clients to stop printing. To resolve this issue, disable SNMP Status over the Standard TCP/IP Port.

SNMP settings can be configured in CWIS. You can use the SNMP configuration pages in CentreWare Internet Services to:

• Enable or disable Authentication Failure Generic Traps.
• Enable SNMPv3 to create an encrypted channel for secure printer management.
• Assign privacy, authentication protocols, and keys to Administrative and key user accounts.
• Assign read and write access to User accounts.
• Limit SNMP access to the printer using hosts.

Agents, or software modules, reside in the printer’s SNMPv3 engine. A manager is a SNMPv3 management application, such as OpenView, that is used to monitor and configure devices on the network. The agent responds to read (GET) and write (SET) requests from the manager and can also generate alert messages, or Traps, based on certain events.

The following instructions may not be the exact instructions for your model of printer or multifunction device but the topics and process are generally the same.  For exact step-by-step instructions please search on SNMP in the knowledge base for your model of machine.

To enable (or disable) SNMP:

1. Login to CWIS / Embedded Web Server as the Administrator. The default username is “admin”, and the default password is “1111”.
2. Click on the [Properties] tab.
3. Click on [Connectivity] to expand the list of options.
4. Click on [Port Settings].
5. Click on the [Enabled] check box next to SNMP to insert a check mark. To disable SNMP, click to remove the check mark.
6. Select [UDP] or [IPX] to enable these transport protocols, if necessary.
7. If SNMP was enabled and needs to be configured, continue with the next step; otherwise, skip to step 16.

To configure SNMP v1/v2:

1. In the Embedded Web Server, log in as administrator, then click Connectivity.
2. In the Protocols area, click SNMP.
3. For Port, click the toggle button.
4. For Send Authentication Error Traps, click the toggle button.
5. Click SNMPv1/v2.
6. If needed, for Community Name Read Only, type an SNMP GET name.
7. If needed, for Community Name Read/Write, type an SNMP SET name.
8. If needed, for Default Trap Community Name, type an SNMP trap name.
9. In the System Administrator Login ID area, type the login ID for the administrator.
10. You can set Trap Destinations for LAN1 and Wi-Fi. For Trap Destination:
    1. Click an available field.
    2. Select the address type. Options include IPv4, IPv6, or Host Name.
    3. For IP Address/Host Name and Port, type the IP address or the network host name for the Trap Destination, then type the port number.
    4. For Trap Community Name, type a name.
    5. For Traps to Be Received, select the traps that the SNMP manager receives. For each item, enable the toggle button.
    6. Click OK.
11. Click OK.

SNMPv3 is the current standard version of SNMP defined by the Internet Engineering Task Force (IETF). It provides three important security features:

• Message integrity to ensure that a packet has not been tampered with in transit.
• Authentication to verify that the message is from a valid source.
• Encryption of packets to prevent unauthorized access.
• If SNMP v3 Protocol was selected, perform the following; otherwise, continue with the next step.

To configure SNMP v3

1. Click on [Edit SNMP v3 Properties].
2. Under Administrator Account, click on [Account Enabled] to create the administrator account.
3. Enter an Authentication password in the field provided, and then confirm the password. This password is used to generate a key used for authentication. NOTE: The password must be at least 8 characters in length and can include any characters except control characters.
4. Enter a Privacy password and confirm it. This password is used for encryption of SNMPv3 data. The pass phrase used to encrypt the data needs to match with the Server.
5. Under Print Drivers/Remote Clients Account, click on [Account Enabled].
6. Click on [Apply] and return to the SNMP Configuration window.
7. Under Authentication Failure Generic Traps, click on the check box next to [Enabled] to generate a trap for every SNMP request that is received by the printer that contains an invalid community name.
8. To add IP Trap destination addresses, click on [Advanced]; otherwise, continue with the next step.
   1. Under Trap Destination Addresses, click on [Add UDP IPv4 Address] or [Add UDP IPv6 Address].
   2. Enter the IP address of the host running the SNMP manager application to be used to receive traps. NOTE: Port 162/UDP is the default port for traps. You can select v1 or v2c based on what the trap receiving system supports.
   3. Under Traps, select the type of Traps to be Received by the SNMP manager.
   4. Click on [Apply] to accept the new settings or [Undo] to retain the previous settings.
9. Click on [Apply]. A “Settings have been changed” message will be displayed.
10. Click on [Reboot Machine]. A “Do you want to reboot?” message will be displayed.
11. Click on [OK].
12. Click on the [Logout] link in the upper, right corner to logout of CWIS.

Need more information or support on SNMP? Please consider posting a message to the Xerox Community Support Forum or contact your local support centre.