Feb 08,2010 00:00
The SNMP community string is a shared “secret” among the SNMP management station and the SNMP network agents being managed. This is called a community key because it can be used to define a data-exchanging group of agent and management stations within a larger network. The default key for the PIX Firewall, like many network devices, is public. This is also a routine default entry in most sniffer, mapping, or other reconnaissance tools, so common sense says to change it.
The PIX Firewall uses the community key to determine if the incoming SNMP request is valid. Use the configuration mode snmp-server community command to enter the key value used by the SNMP management station(s). The key is case sensitive and can be up to 32 characters long. No spaces are allowed. Typing a new snmp-server community command replaces the default public entry or any other existing community key. Use the no form of the command to turn off the feature. The syntax is