FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sbaikadi
Staff
Staff
Description This article describes retrieving information via SNMP from FortiGate 6000 and 7000 Series.
Scope

FortiGate 6000 and 7000 all versions.

Solution

On FortiGate-6000 and 7000 series Chassis, SNMP information should be pulled from different slots for accurate information as the port numbers changes for each slot on the chassis.

 

Prerequisite:

Configure SNMP on FortiGate and allow SNMP access on management interface

 

Example:

 

FortiGate chassis have SNMP configured, running with V1 version and community as public.

 

To get the number of sessions is necessary to poll the MIB ID = 1.3.6.1.4.1.12356.101.4.1.8.0.

 

If 10.1.1.15 is the management IP of the FortiGate firewall:

 

From SNMP server, polling on default port (161) gives number of sessions from motherboard:

 

snmp-server:~$ snmpget -v1 -cpublic 10.1.1.15 1.3.6.1.4.1.12356.101.4.1.8.0

iso.3.6.1.4.1.12356.101.4.1.8.0 = Gauge32: 269

 

To get the number of sessions from Slot1, use port number 16101

 

snmp-server:~$ snmpget -v1 -cpublic 10.1.1.15:16101 1.3.6.1.4.1.12356.101.4.1.8.0.

 

iso.3.6.1.4.1.12356.101.4.1.8.0 = Gauge32: 1287

 

For Slot2, use port number 16102

 

snmp-server:~$ snmpget -v1 -cpublic 10.1.1.15:16102 1.3.6.1.4.1.12356.101.4.1.8.0.

 

iso.3.6.1.4.1.12356.101.4.1.8.0 = Gauge32: 1196

 

Similarly use the respective port number of each slot to get the required information for the SNMP MIB from that slot.

 

Information regarding port numbers for all slots on the chassis:

 

6000 Series: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Port-Numbers-to-Login-Connect-to-individua...

 

7000 Series:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Port-Numbers-to-login-connect-to-individua...

Contributors