FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable
Article Id 194269

Article

This technical note describes how to monitor a FortiGate unit’s system resources using SNMP polling.

PRTG Traffic Grapher is an easy-to-use Microsoft Windows application that monitors network parameters using SNMP. The software is available for download at www.paessler.com. The Freeware edition enables you to monitor one type of resource. The software also enables email alerts based on configured thresholds.

Configuring the FortiGate to allow SNMP polling

You must first configure the FortiGate unit to allow SNMP polling. There are three steps to enabling SNMP polling:

  • Enable the SNMP agent
  • Create a new Community
  • Activate SNMP on the interface.

Enable the SNMP agent

To configure the FortiGate unit

  1. Go to System>Config>SNMP v1/v2c.
  2. Select Enable for the SNMP Agent.
  3. Enter a Description, Location and Contact information.
  4. Select Apply.

Creating a new Community

To create a new Community

  1. Go to System>Config>SNMP v1/v2c.
  2. Select Create New.
  3. Enter a Community Name.

    Leave the remainder of the settings as the default.

    To make a secure community, specify IP addresses that will be allowed to pool the FortiGate unit with SNMP. You can also define which interface the IP addresses will be allowed to communicate with the FortiGate unit.

  4. To do this, enter the IP addresses, select the Interface and select Add. Select OK.

Activating SNMP on the Interface

To activate SNMP

  1. Go to System>Network>Interface.
  2. For the interface allowing SNMP traffic, select Edit.
  3. Select SNMP for Administrative Access.
  4. Select OK.

Configuring PRTG

Use the Add Sensor Wizard to setup a new SNMP sensore for monitoring an interface.

To add a new sensor in PRTG Traffic Grapher

  1. Go to Sensors>Add, and select Next.
  2. Select Custom SNMP Sensor and select Next.
  3. Enter the following in the Device Selection window and select Next:
    Device Name/Alias Enter the name of the FortiGate unit, for example FGT-60.
    IP Address/DNS Name Enter the IP address of the FortiGate unit.
    SNMP Community String Enter the name of the SNMP community created on the FortiGate unit.
    SNMP Port Enter the port number PRTG will use to contact the FortiGate unit.
  4. Enter one of the following OIDs and select Test this OID. When successful, a result will appear in the Value area:
    fnSysCpuUsage 1.3.6.1.4.1.12356.1.8.0
    fnSysMemUsage 1.3.6.1.4.1.12356.1.9.0
    fnSysSesCount 1.3.6.1.4.1.12356.1.10.0
  5. Set the Type as Gauge (absolute value) and select Next.
  6. Enter an appropriate Group name, the Scanning Interval, and select Next.
  7. Select the charting parameters.
  8. Select Finish.

Repeat theses steps for additional resources you want to monitor.

To monitor the display, go to Sensor>Edit or Panel>Edit.

See the related articles for more information.



Related Articles

Where to find the MIB files for FortiGate units - FortiOS MIBs download location

Technical Note : Fortinet OID values to use with SNMP

Technical Tip: SNMP and HA clusters

Contributors