FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
spoojary
Staff
Staff
Article Id 216711
Description This article describes using 3rd party vendors to manage all the devices, by getting alerts when FortiGate HA status changes in the SNMP managers.
Scope  FortiGate, All Firmware.
Solution

To achieve this, one needs to use an OID.

 

In the Simple Network Management Protocol (SNMP), OID means an 'Object Identifier'.

To define OID, it's an address used to uniquely identify managed devices and their statuses.

In FortiGate, there are two SNMP traps, so enable 'HA cluster status change and HA heartbeat interface failure'.

So that when there is a failover, the FortiGate will send a HA cluster status change trap to the SNMP managers.

 

  1. HA cluster status change (fgtraphastatuschange).
  2. HA heartbeat interface failure (fgtraphahbfail).

 

OIDs for HA in FortiGate are those that can be mentioned in the SNMP manager.

 

OID TRAPS DESCRIPTION
1.3.6.1.4.1.12356.101.2.0.402 fgTrapHaStateChange

The trap is sent when the HA cluster member changes its state.

1.3.6.1.4.1.12356.101.2.0.401 fgTrapHaSwitch

The specified cluster member has transitioned from a secondary role to a primary role.

1.3.6.1.4.1.12356.101.2.0.403 fgTrapHaHBFail

The heartbeat device failure count has exceeded the configured threshold.

1.3.6.1.4.1.12356.101.2.0.404 fgTrapHaMemberDown

The specified device (by serial number) is moving to a down state.

1.3.6.1.4.1.12356.101.2.0.405 fgTrapHaMemberUp

A new cluster member has joined the cluster.

 

Once the required OID is mentioned and whenever the OID gets triggered user will receive an alert indicating changes happened as per the OID. 

To get the values, one can do an SNMP walk for the OID values with any free SNMP walk software.

Related article:
Technical Tip: OIDs for monitoring HA