|
If the SNMP has been configured and the snmpwalk has not been received successfully, refer to the below points that must be considered when configuring SNMP in FortiGate.
- Check in which interface of FortiGate the SNMP request is sent. Make sure the SNMP service is enabled on that interface.
- If the trusthost is configured under administrator settings, make sure snmpserver IP is configured as trusthost under administrator setting.
Refer to the below link to understand how to add the device in trusthost under the administrator setting:
Technical Tip: System administrator best practices
- If the HA direct is enabled, make sure the SNMP service must be enabled on that dedicated management interface.
- If the HA dedicated management port is configured, make sure to have ha-direct enabled under the SNMP setting. Refer to Technical Tip: How to Configure FortiGate SNMP Agent for Monitoring for steps to enable ha-direct under SNMP settings.
- Make sure that snmp sysinfo is enabled in the configuration:
config system snmp sysinfo
set status enable
If there is still the issue, collect the below logs and share them with the TAC:
Terminal 1:
diag sniffer packet any "host x.x.x.x and port 161" 6 0 l <----- x.x.x.x=snmp server IP address.
Terminal 2:
diag sniffer packet any "host x.x.x.x and port 161" 4 0 l <----- x.x.x.x=snmp server IP address.
Terminal 3:
get router info routing-table details x.x.x.x <----- x.x.x.x=snmp server IP address.
Terminal 4:
diag debug application snmpd -1
diag debug enable
Now perform snmpwalk from the snmpserver. Once the error message appears in snmpserver, stop the above debug using the below command:
For terminal 1 and terminal 2:
Press Ctrl+C
For terminal 4:
diag debug disable
|
