Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sramesh1
Staff
Staff

Created on ‎07-15-2025 03:49 AM

Article Id 399227

Technical Tip: FortiGate System Interface Information via SNMP OID

Description

 

This article explains how to retrieve system interface information from a FortiGate firewall using SNMP by querying the appropriate Object Identifiers (OIDs). This is useful for monitoring network interface status, IP assignments, and traffic statistics using an SNMP manager.

 

Scope

 

FortiGate.

 

Solution

 

Prerequisites

  • SNMP is enabled on the FortiGate device.
  • An SNMP community string is configured (for SNMP v1/v2c), or the user and security level are set (for SNMP v3).
  • Have access to an SNMP manager or SNMP polling tool (e.g., snmpwalk, SolarWinds, PRTG, Zabbix).
 

Relevant OID for System Interface Table:
The primary OID to get information about the FortiGate’s interfaces is .1.3.6.1.2.1.2.2.1 (ifTable)

 

| Sub-OID | Description | Example |
|--------------------------|-------------------------------------|---------------------|
| .1.3.6.1.2.1.2.2.1.1 | ifIndex – Interface index | 1, 2... |
| .1.3.6.1.2.1.2.2.1.2 | ifDescr – Interface name | "port1", "wan1" |
| .1.3.6.1.2.1.2.2.1.8 | ifOperStatus – Operational status | 1 = up, 2 = down |
| .1.3.6.1.2.1.2.2.1.10 | ifInOctets – Bytes received | Counter |
| .1.3.6.1.2.1.2.2.1.16 | ifOutOctets – Bytes transmitted | Counter |
| .1.3.6.1.2.1.4.20.1.2 | IP address to interface index | For IP mapping |

 

Example SNMP Command (Linux / CLI):


snmpwalk -v2c -c public 192.168.1.99 .1.3.6.1.2.1.2.2.1.2 <----- Returns the names of all configured interfaces on the FortiGate.

 

To get operational status:


snmpwalk -v2c -c public 192.168.1.99 .1.3.6.1.2.1.2.2.1.8

 

Additional OIDs (Useful for Interfaces)


.1.3.6.1.2.1.4.20.1.1 – IP addresses configured on the system
.1.3.6.1.2.1.31.1.1.1.18 – Interface alias/description
.1.3.6.1.2.1.31.1.1.1.6 – High capacity ifInOctets
.1.3.6.1.2.1.31.1.1.1.10 – High capacity ifOutOctets

 

Note:

  • FortiGate supports standard MIB-2 OIDs (IF-MIB) for interface queries.
  • Custom Fortinet MIBs (e.g., FORTINET-FORTIGATE-MIB) can offer more advanced per-interface metrics.
  • Ensure SNMP access is permitted and that credentials are properly configured.

 

By using standard SNMP OIDs, administrators can monitor FortiGate interface status and traffic metrics efficiently. Ideal for integration with network monitoring tools.

824
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.