Skip to main content
A
Anonymous_User
Contributor
December 13, 2010
Question

verify SNMP settings

  • December 13, 2010
  • 13 replies
  • 21915 views
Hi All, I recently configured SNMP settings for fortigate-60B. I would like to know how can I verify that SNMP settings are working as they should be. I have not received any traps of my SNMP manager uptil now. Thanks

    13 replies

    abelio
    SuperUser
    abelio
    SuperUser
    December 13, 2010
    hello and welcome, did you compile or added the Fortinet MIB to your snmp manager database?
    A
    Anonymous_UserAuthor
    Contributor
    December 14, 2010
    thanks for the reply abelio. I am using labtech to monitor the fortinet devices. In labtech there is no option of compiling or adding MIBs. You create SNMP monitor or SNMP trap and give it the relevant OID and it starts listening for that OID. I did download relevant MIB files and gave my SNMP traps relevant OIDs for fortinet devices. I have got other SNMP traps working in the same way, for example SNMP traps for printers, servers etc. In Fortinet bit, I configured SNMP by enabling it in configuration, creating community and then enabling it on interface. is that right?
    willem
    willem
    New Member
    December 14, 2010
    Hi and welcome, there' s probably a diag command to start sending snmp, but I don' t know it by heart. What you can always do, is start a sniffer via the CLI to find out if the firewall is sending out SNMP-traffic (command: diagnose sniffer packet any " port 162" 4). W.
    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    December 14, 2010
    AFAIK you don' t need to ' start' SNMP. Get a tool like getif (SNMP MIB browser), compile the Fortinet MIB and walk the tree. To test a trap just produce one: link down is one, or any you' ve configured in the SNMP config. Sniffing as a last resort. UDP/161 for messages, UDP/162 for traps.
    willem
    willem
    New Member
    December 14, 2010
    Hi Ede, I didn' t express myself correctly. What I meant is that there' s probably a diag command that triggers the firewall to send a test trap of some kind.
    A
    Anonymous_UserAuthor
    Contributor
    December 14, 2010
    thanks both of you. may be thats right, there is a capability of sending some test trap because i saw a test trap OID in the Fortinet MIB. I`ll report back shortly after carrying out the recommendations from you guys.
    A
    Anonymous_UserAuthor
    Contributor
    December 14, 2010
    okay, got it working, thanks every one for the help & support and warm welcome into the community. cheers
    nvelocity
    nvelocity
    New Member
    April 20, 2011
    What got it working for you? If you find an answer, share it. Others may have the same problem.
    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    April 20, 2011
     gate # diag snmp trap send   Generating test trap...  Test trap successfully sent to snmp daemon.
    BTW this attitude is uncommon in these forums but there are exceptions.
    nvelocity
    nvelocity
    New Member
    April 20, 2011
    Thanks for the info. I guess I wasn' t clear and misread part of the thread. I am looking for the OID to measure in/out traffic on the WAN interface. I' ve used getif to walk the tree but I can' t find this simple measurement and I know my SNMP is working. I am already loggin in MRTG but I want to add WAN traffic to a monitoring system that only asks for OID. Anyone have this specific info?
    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    April 20, 2011
    Then get the MIB, it documents all OIDs. To be found on the ftp site, firmware, Fortigate, current release, subfolder SNMP.
    Show more replies
    Terms & ConditionsAccessibility statement