Technical Tip: How to change the FortiGate source IP to send SNMP traffic across IPsec VPN
| Description | This article describes the command needed to source SNMP traffic from FortiGate using an internal address routable in the IPsec VPN tunnel to reach a SNMP server on a remote network. |
| Scope | FortiGate. |
| Solution | By default, the FortiGate will use the routing table to send SNMP traffic. To route the traffic via the tunnel interface, the 'set source-ip' command needs to be added as follows:
config system snmp community set name <community name> config hosts edit <ID> set source-ip x.x.x.x <- Set an address which belongs to a local network in VPN phase2 selectors. next end next end
For SNMPv3:
config system snmp user set source-ip x.x.x.x <- Set an address which belongs to a local network in VPN phase2 selectors. next end
|