dgough
Staff
Article Id 330096
Description This article describes how to enable non-management VDOM queries using SNMP v3 on FortiOS 7.6.
Scope FortiGate.
Solution
Both non-management and management VDOMs can perform queries using SNMP v3; the example below shows how to enable queries for a non-management VDOM.
 
In the topology below, Device01 IP Address 192.168.2.100 connects to the port on FortiGate for the non-management VDOM, and SNMP v3 queries from non-management VDOMs are enabled.
 
Device02 IP Address 192.168.1.200 connects to the port on FortiGate for the management VDOM. With this configuration, SNMP queries are performed by both the non-management and the management VDOMs.
 
 
 

image.png

 
 
FortiGate offers the following commands to enable this configuration.
 
Enable non-management VDOM queries:
 
config system snmp sysinfo
    set non-mgmt-vdom-query enable <- 'show full-configuration' lists this as disable until it is enabled.
end
 
This example uses snmpwalk to confirm that SNMP queries succeed through both the non-management VDOM (Device01) and the management VDOM (Device02).
 
DEVICE01:~$ snmpwalk -v3 -u v3user 192.168.2.100 1.3.6.1.4.1.12356.101.5.1.2.1.1.1
FORTINET-FORTIGATE-MIB::fgFwPolID.1.0 = INTEGER: 0
FORTINET-FORTIGATE-MIB::fgFwPolID.1.1 = INTEGER: 1
FORTINET-FORTIGATE-MIB::fgFwPolID.2.0 = INTEGER: 0
 
DEVICE02:~$ snmpwalk -v3 -u v3user 192.168.1.200 1.3.6.1.4.1.12356.101.5.1.2.1.1.1
FORTINET-FORTIGATE-MIB::fgFwPolID.1.0 = INTEGER: 0
FORTINET-FORTIGATE-MIB::fgFwPolID.1.1 = INTEGER: 1
FORTINET-FORTIGATE-MIB::fgFwPolID.2.0 = INTEGER: 0
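
A check for the walks above, as an added example that is not part of the original article or Fortinet's code: it groups the fgFwPolID rows by VDOM index and fails if an expected VDOM returns no rows. It assumes the index reads <VDOM index>.<policy ID>; the function names are hypothetical and the sample rows are copied from the output above.

```shell
#!/bin/sh
# Added example (not Fortinet code): summarise an fgFwPolID walk per VDOM.
# Assumption: the index is <VDOM index>.<policy ID>, as in fgFwPolID.1.0.

# Constructed sample input: the three rows shown in the walks above.
sample_walk() {
cat <<'EOF'
FORTINET-FORTIGATE-MIB::fgFwPolID.1.0 = INTEGER: 0
FORTINET-FORTIGATE-MIB::fgFwPolID.1.1 = INTEGER: 1
FORTINET-FORTIGATE-MIB::fgFwPolID.2.0 = INTEGER: 0
EOF
}

# Read snmpwalk output on stdin; print "<VDOM index> <row count>" per VDOM.
vdom_summary() {
    awk '
        # Match the symbolic name or the numeric OID (snmpwalk -On, no MIB).
        $1 ~ /(fgFwPolID|[.]12356[.]101[.]5[.]1[.]2[.]1[.]1[.]1)[.][0-9]+[.][0-9]+$/ {
            n = split($1, part, "[.]")
            count[part[n - 1]]++
        }
        END { for (v in count) print v, count[v] }
    ' | sort -n
}

# Read snmpwalk output on stdin; fail if any expected VDOM index has no rows.
check_vdoms() {
    summary=$(vdom_summary)
    rc=0
    for want in "$@"; do
        if ! printf '%s\n' "$summary" | grep -q "^$want "; then
            echo "no rows for VDOM index $want" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Demo on the constructed sample: VDOM 1 has two rows, VDOM 2 has one.
sample_walk | vdom_summary
```

To use it on a live device, pipe the snmpwalk output into check_vdoms followed by the VDOM indexes expected to answer, for example check_vdoms 1 2.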
 