FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
spoojary
Staff
Staff
Description This article describes about using 3rd party vendors to manage all the device, by get alerts when FortiGate HA status changes in the SNMP managers.
Scope  FortiGate, All Firmware.
Solution

To achieve this, one needs to use an OID.

 

In the Simple Network Management Protocol (SNMP), OID means an 'Object Identifier'.

To define OID, it's an address used to uniquely identify managed devices and their statuses.

In FortiGate there are two SNMP traps so, enable 'HA cluster status change and HA heartbeat interface failure'.

So that when there would be failover, The FortiGate will send ha cluster status change trap to the SNMP managers.

 

1) HA cluster status change (fgtraphastatuschange).

2) HA heartbeat interface failure (fgtraphahbfail).

 

OID for HA in FortiGate are those that can be mention in the SNMP manager.

 

OID TRAPS DESCRIPTION
1.3.6.1.4.1.12356.101.2.0.402 fgTrapHaStateChange

Trap being sent when the HA cluster member changes its state.

1.3.6.1.4.1.12356.101.2.0.401 fgTrapHaSwitch

The specified cluster member has transitioned from a slave role to a master role.

1.3.6.1.4.1.12356.101.2.0.403 fgTrapHaHBFail

The heartbeat device failure count has exceeded the configured threshold.

1.3.6.1.4.1.12356.101.2.0.404 fgTrapHaMemberDown

The specified device (by serial number) is moving to a down state.

1.3.6.1.4.1.12356.101.2.0.405 fgTrapHaMemberUp

A new cluster member has joined the cluster.

 

Once the required OID is mentioned and whenever the OID gets triggered user will receive an alert indicating changes happened as per the OID. 

To get the values, one can do a SNMP walk for the OID values with any free SNMP walk software.

Contributors