rcpdkc
Explorer II
October 23, 2025
Question

Fortigate SNMP Problem


Hello, I've been experiencing issues with SNMP for a few days now. The branch offices have FortiGate firewalls and FortiSwitches. The logs constantly show that the switches are losing and regaining the connection. When I check, everything seems fine. My second issue is that when a user connects their computer to any port, the port lights up green, but the computer doesn't appear. After doing a few polls, the issue resolves itself.

 

4 replies

AEK
SuperUser
October 23, 2025

Hi

Which FNAC version?

Did you try tcpdump on FNAC to see if the traps are properly reaching the NAC when the cable is plugged in?

AEK
rcpdkc (Author)
Explorer II
October 23, 2025

In such a situation, the device usually obtains an IP address from APIPA. I am performing an SNMP test and no problem is apparent. Sometimes it obtains a quarantine IP address and still behaves this way. Version 7.2.4

adambomb1219
SuperUser
October 23, 2025

Why 7.2.4 and not something newer? Also, where is the DHCP server located? What is the path between FortiNAC and the remote site?

AEK
SuperUser
October 23, 2025

If the issue affects only the branch offices, it is probably due to packet loss. Bear in mind SNMP is connectionless, so if a trap is lost, it is not sent again.

AEK
rcpdkc (Author)
Explorer II
October 24, 2025

There is an IPsec connection between the headquarters and the branches. There doesn't seem to be any loss in the connections. Even if there is, it should come back after 10 minutes when it automatically polls.

mbas
Explorer II
October 23, 2025

When you poll the FortiGate, FortiNAC connects to it and reads the FortiSwitch MAC address table. If you have configured SNMP traps correctly on the switch, FortiNAC should receive an SNMP trap event, which is "Mac Learned".

 

Can you connect to the FortiSwitch via CLI and check if the "L2MAC" events are enabled?

You need to run these commands:

  • show system snmp community

You should see this output:

  • set events cpu-high mem-low log-full intf-ip ent-conf-change llv l2mac

 

Can you connect to the FortiNAC server via CLI and try to run this command to see if the "Mac Learned" event is being sent from the FortiSwitch to FortiNAC?

  • execute tcpdump -i any host Switch_IP/Fortigate_IP and port 162
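
The l2mac check described in the post above, as an added example that is not part of the original post and not Fortinet code: it reads saved `show system snmp community` output and reports, per community, whether `l2mac` is in the `set events` line. The sample output, the community names, the address and the function name `l2mac_status` are constructed for illustration, and the `config` / `edit` / `next` / `end` layout of the output is an assumption.

```python
# Constructed sample output; names, address and block layout are assumptions.
SAMPLE = """\
config system snmp community
    edit 1
        set name "nac"
        set events cpu-high mem-low log-full intf-ip ent-conf-change llv l2mac
        config hosts
            edit 1
                set ip 192.0.2.10
            next
        end
    next
    edit 2
        set name "monitoring"
        set events cpu-high mem-low log-full
    next
end
"""


def l2mac_status(show_output, event="l2mac"):
    """Map each community id to 'enabled', 'missing' or 'unknown'.

    'unknown': the entry printed no 'set events' line to inspect.
    """
    status, depth, current = {}, 0, None
    for line in show_output.splitlines():
        words = line.split()
        if not words:
            continue
        if words[0] == "config":      # entering a (possibly nested) block
            depth += 1
        elif words[0] == "end":
            depth -= 1
        elif depth != 1:              # skip nested tables such as 'config hosts'
            continue
        elif words[0] == "edit" and len(words) > 1:
            current = words[1]
            status[current] = "unknown"
        elif words[0] == "next":
            current = None
        elif current and words[:2] == ["set", "events"]:
            status[current] = "enabled" if event in words[2:] else "missing"
    return status


if __name__ == "__main__":
    for cid, state in l2mac_status(SAMPLE).items():
        print(f"community {cid}: l2mac {state}")
```
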
rcpdkc (Author)
Explorer II
October 24, 2025

When I enter this command in Fortiswitch, it doesn't respond. 

  • show system snmp community  , fortiswitches connected with fortilink
AEK
SuperUser
October 26, 2025

Hi rcp

Before anything else, I'd first update to 7.2.9 because it is the most stable of version 7.2.

Then, did you follow this guide for integration?

https://docs.fortinet.com/document/fortinac-f/7.6.0/fortiswitch-fortilink-integration/365563/overview

AEK