Technical Note: Test Read/Write SNMP Security Stri...

FortiNAC

NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.

Article Id 195868

Description

Test Read/Write SNMP Security Strings

Solution

To validate whether or not a community string is Read/Write on a wired switch, attempt to change the admin status of one of its ports in Network Sentry. If the string is read only, this test will not be successful.

Linux command:
snmpset -v1 -c <community string> <switch ip address> interfaces.ifTable.ifEntry.ifAdminStatus.<port number> i <admin state>

Admin state value:

2 = down

1 = up

Example 1: Disable port 3
snmpset -v1 -c private 192.168.34.15 interfaces.ifTable.ifEntry.ifAdminStatus.3 i 2

IF-MIB::ifAdminStatus.3 = INTEGER: down(2)

Example 1: Enable port 3
snmpset -v1 -c private 192.168.34.15 interfaces.ifTable.ifEntry.ifAdminStatus.3 i 1

IF-MIB::ifAdminStatus.3 = INTEGER: up(1)

1309

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Note: Test Read/Write SNMP Security Strings