Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vchauhan
Staff
Staff

Created on ‎05-28-2015 02:15 AM

Article Id 197071

Technical Note: How to Configure FortiGate SNMP Agent for Monitoring

Description
This article provides an example of the configuration of the FortiGate SNMP agent and an example SNMP manager so that the SNMP manager can get status information from the FortiGate unit and so that the FortiGate unit can send traps to the SNMP manager.

Scope
FortiOS 5.2.0, FortiOS 5.2.1, FortiOS 5.2.2, FortiOS 5.2.3.

Solution
1. Configuring the FortiGate SNMP agent

Go to System > Config > SNMP. Enable the SNMP Agent and add any necessary information.

Under SNMP v1/v2c, create a new community.

Add the IP address of SNMP manager. If required, change the query and trap ports to match the SNMP manager.

It is possible to add multiple SNMP managers, or set the IP address/Netmask to 0.0.0.0/0.0.0.0 and the Interface to ANY, so that any SNMP manager on any network connected to the FortiGate unit can use this SNMP community and receive traps from the FortiGate unit.

Enable the SNMP Events (traps) that are required. In most cases, leave them all enabled.

2. Enabling SNMP on a FortiGate interface

Go to System > Network >Interfaces and edit the interface connected to the same network as the SNMP manager.

Enable SNMP for Administrative Access.

3. Downloading the Fortinet MIB files and configuring an example SNMP manager

Two types of MIB files are available for FortiGate units: the Fortinet MIB and the FortiGate MIB. The Fortinet MIB contains traps, fields, and information that is common to all Fortinet products. The FortiGate MIB contains traps, fields, and information that are specific to FortiGate units.

Go to System > Config > SNMP and select Download FortiGate SNMP MIB File and Download Fortinet Core MIB File.  Configure the SNMP manager to receive traps from the FortiGate unit.  Install the FortiGate and Fortinet.

4. Results

Use  the SolarWinds SNMP trap viewer.

In the SolarWinds Toolset Launch Pad, go to SNMP > MIB Viewer and select Launch.

Choose Select Device, enter the IP address of the FortiGate unit, and choose the appropriate community string credentials.

Open the SNMP Trap Receiver and select Launch.

The SNMP Trap Receiver will appear.

On the FortiGate unit, perform an action to trigger a trap (for example, change the IP address of the DMZ interface).

Verify that the SNMP manager receives the trap.

Labels:
11561
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.