Created on 05-15-2023 09:50 PM Edited on 08-22-2024 11:59 PM By Jean-Philippe_P
Description
This article describes a way to troubleshoot SNMP traps that are not sent by the FortiGate.
Scope
FortiGate.
Solution
To verify if the SNMP port 161 is in use by FortiGate, use the following command to show a corresponding entry:
diag sys udpsock | grep 161
0.0.0.0:2668->0.0.0.0:0 state= txq=0 rxq=0 uid=0 inode=90161112 process=337/dnsproxy
In this case, 161 is not part of the port (x.x.x.x:161): it is a coincidence. In the above output, port 161 is closed (in the current VDOM).
Possible cause: 'ha-direct' may be enabled on the SNMP user / community.
For SNMPv2:
config system snmp sysinfo
set status enable
set description "Dublin"
set contact-info "fortinet@example.com"
set location "Dublin, Ireland"
end
config system snmp community
edit 2
set name "Enter here the Community name"
config test
edit 1
set ip 10.5.6.100 255.255.255.255
set ha-direct disable
next
end
set query-v1-status disable
set trap-v1-status enable
set events cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented fm-if-change bgp-established bgp-backward-transition ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update ips-fail-open temperature-high voltage-alert power-supply-failure faz-disconnect wc-ap-up wc-ap-down fswctl-session-up fswctl-session-down load-balance-real-server-down device-new per-cpu-high dhcp pool-usage ospf-nbr-state-change ospf-virtnbr-state-change
next
end
To verify if the SNMP process is listening again via a command:
diag sys udpsock | grep 161
->0.0.0.0:0 state= txq=0 rxq=0 uid=0 inode=90220553 process=19744/snmpd <- Port 161 is in use.
0.0.0.0:2668->0.0.0.0:0 state= txq=0 rxq=0 uid=0 inode=90161112 process=337/dnsproxy
Related article:
Technical Tip: View which ports are actively open and in use by FortiGate
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.