SNMP OID ACL possible?

Forum|Forum|7 years ago
December 13, 2018
1 reply
3650 views

I have a client that recently started using a cloud hosted LOB application with an IPSEC Site 2 Site tunnel. The vender wants to be able to connect via SNMP to monitor the interface for any performance or connection issues.

I am not familiar with SNMP on Fortigates but I am concerned about giving too much information. I don't want them accessing sensitive system/policy OIDs...

The SNMPv3 standard does have provisions for OID user permission (ACL) I think? Does FortiGate support any of this? I know it is not exposed in the GUI.

Am I being too paranoid?

Thanks,

emnoc

New Member

Am I being too paranoid?

;) yes.... but it's safe to be safer.

What your asking for are snmp-views and I believe FortiOS does not support that level of views yet to allow certain users the rights to read specific OIDs

J13224Author

Explorer

Thanks for the response!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded