Technical Tip: SNMPv3 monitoring of BGP/OSPF in multiple VDOMs

In general, only management VDOM can return information about device.

But there is expectation, that BGP/OSPF will be running also on different VDOMs, not only in management.

With SNMPv2, you can do this via community. With SNMPv3, it is possible to do it with username.

Unit has 2 VDOMs. Root is management, LAB is VDOM with BGP/OSPF.

To query for SNMPv3 information from other VDOMs, this is the syntax:

snmpwalk -v3 -l authPriv -u username-VDOM -a SHA -A "PASSWORD1" -x AES -X "PASSWORD1" IP_ADDRESS OID

So if only username is used, information will be from management VDOM, in this case root.

If username-LAB syntax is used, information will be from LAB VDOM.

snmpwalk -v3 -l authPriv -u user-LAB -a SHA -A fortinet -x AES -X fortinet 10.109.21.93 1.3.6.1.2.1.15
iso.3.6.1.2.1.15.1.0 = Hex-STRING: 10
iso.3.6.1.2.1.15.2.0 = INTEGER: 65119 < Local AS number
iso.3.6.1.2.1.15.4.0 = IpAddress: 0.0.0.0