Description
This article describes how to configure SNMP on FortiAP managed by FortiGate.
Helpful Links.
Page#50 SNMP config and implementation https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/daf31b55-67cc-11ea-9384-005056...
Page#112 Downloading FortiAP and Fortinet Core MIB files, FortiAP SNMP trap messages, FortiAP SNMP queries https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/c3f3bf9d-a5fd-11ea-8b7d-005056...
Solution
This feature enables SNMP directly on FortiAP by implementing a SNMPD daemon/subagent on the FortiAP side.
FortiAP-S and FortiAP-W2 version 6.2.0 and later support Simple Network Management Protocol (SNMP) queries and trap messages based on wireless-controller SNMP settings configured on FortiGate.
FortiAP-S and FortiAP-W2 support all SNMP versions (v1,v2,andv3).
Find the below steps to enable FortiAP direct SNMP along with SNMP host configuration.
To configure SNMP operation settings per VDOM:
# config wireless-controller snmp
set engine-id "fap-fortinet"
set contact-info "fosqa@fortinet.com"
set trap-high-cpu-threshold 80
set trap-high-mem-threshold 80
# config community
edit 1
set name "MP-fap-comm-1"
set status enable
set query-v1-status enable
set query-v2c-status enable
set trap-v1-status enable
set trap-v2c-status enable
config hosts
edit 1
set ip 172.16.200.55 255.255.255.255 <----- This an example (IP address of SNMP host server).
next
end
next
end
# config user
edit "fap"
set status enable
set queries enable
set trap-status enable
set security-level no-auth-no-priv
next
end
end
To allow SNMP access in FortiAP profiles or per FortiAP.
# config wireless-controller wtp-profile
edit FAP423E-default
append allowaccess snmp
next
end
