Skip to main content
Bigred38
Bigred38
New Member
July 22, 2022
Question

SNMP problem

  • July 22, 2022
  • 2 replies
  • 1770 views

Hello I have 2 fortinet 101E in high availability.

I try to do snmp on my 2 fortinet to know their state.

HA IP: XX.XX.30.10

IP forti 1: XX.XX.31.1

IP forti 2: XX.XX.31.2

 

First problem, the name of the forti for the snmp is the same.

 

If I go to snmp from my poller on the ip XX.XX.30.10 it works.

My poller has a virtual ip in XX.XX.31.10, but when I want to do an snmpwal on IP XX.XX.31.1 I have a timeout.

I followed this: here 

When I do this:

  • diagnostic test application snmpd 99

My value of

  • snmpd:set mac_host_timeout is 0

Here is my setup:

config system snmp community edit 1 set name "public" config hosts edit 1 setip 10.240.31.10 255.255.0.0 next end set query-v1-status disable set trap-v1-status disable set events cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented bgp-established bgp-backward-transition ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update ips-fail-open faz -disconnect wc-ap-up wc-ap-down fswctl-session-up fswctl-session-down next end

2 replies

A
Anonymous_User
Contributor
July 25, 2022

Hello @Bigred38 ,

 

Thank you for using the Community Forum.

 

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

 

Regards,

   Fortinet Community Team.
A
Anonymous_User
Contributor
July 26, 2022

Hi @Bigred38 ,

 

By default, you only can monitor active unit only. Either Unit1 or Unit2.
If you need to monitor both unit, this required "ha-direct" to be enabled. 

This reference will be helpful: https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-SNMP-polling-via-the-dedicated-HA/ta-p/196034

 

Hope that helps.

Terms & ConditionsAccessibility statement