Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snmp security

    Scheduled Pinned Locked Moved SNMP
    2 Posts 2 Posters 6.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      skipzoid
      last edited by

      Are there any known security issues when enabling SNMP and allowing access on the WAN interface ?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The security offered by snmp v1 and v2 is simple and potentially easy to bypass. All they'd need to do is guess the community string. Even with snmp v3 I wouldn't trust exposing it to the WAN, and I don't think that is supported by bsnmpd as used in pfSense.

        Plus all of that data is sent unencrypted, exposing what could potentially be some private information to sniffing somewhere along the way.

        As with other services, you shouldn't expose things to the world on WAN unless you have no other choice, and even then you can probably do it over a VPN tunnel instead and negate any potential security issues.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.