FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Hassan09
Staff
Staff
Article Id 271323
Description This article describes how to configure SNMP polling for both instances within a FortiGate HA cluster deployed in Microsoft Azure. In some scenarios, only the Master instance is being polled via SNMP while the Secondary instance is not polled using SNMP
Scope FortiGate in public cloud.
Solution

This article outlines the steps to ensure both instances are accessible through SNMP polling.

 

Enable SNMP Service on Port4.


To establish SNMP communication with the FortiGate HA cluster instances, SNMP service must be enabled on Port4, the default management port. Follow these steps:

 

config system interface

edit "port4"

set ip 10.10.10.4 255.255.255.228

set allowaccess ping https ssh snmp

next

end


Configure SNMPv2 polling.


For SNMPv2 polling, follow these steps:

 

config system snmp community

edit 1

config hosts

edit 1

set ha-direct enable

next

next

end


Configure SNMPv3 Polling.


For SNMPv3 polling, follow these steps:

 

config system snmp user

edit 1

set ha-direct enable

next

end

 

It is possible to limit SNMP access to specific IP addresses for security.

 

 config system snmp community

edit 1

config hosts

edit 1

                                set source-ip SOURCE_IP_ADDRESS   

     next

 next

 end


By following these steps, SNMP polling can be successfully configured for both instances within a FortiGate HA cluster in the Microsoft Azure environment. This ensures that both the Master and Secondary instances can be polled via SNMP, enhancing the monitoring and management capabilities of the cluster.