Issue: Network Sentry is not receiving any SNMP traps from HP/Aruba Switches.
This behavior can occur if the public community name was removed or changed on the switch. Refer to pages 10-19 to 10-21 of the following document from HP:
ftp://ftp.hp.com/pub/networking/software/59903016_e5.pdf
"A trap receiver is a management station designated by the switch to receive SNMP traps sent from the switch. An authentication trap is a specialized SNMP trap sent to trap receivers when an unauthorized management station tries to access the switch.
Note: Fixed or “Well-Known” Traps: The Series 5300XL Switches automatically sends fixed traps (such as “coldStart”, “warmStart”, “linkDown”, and “linkUp”) to trap receivers using the public community name. These traps cannot be redirected to other communities. Thus, if you change or delete the default public community name, these traps will be lost.
Syntax: snmp-server host < community-string > < ip-address > "
Solution:
1. Configure the switch to send traps to Network Sentry Control Server eth0 IP address using the public community name.
2. Ensure SNMP traffic is not blocked:
UDP 161 (SNMP communication for management)
UDP 162 (SNMP traps)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.