FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 267941

This article describes troubleshooting steps to undertake when an SNMP query from the SNMP manager to the firewall fails.

Scope All FortiGate models.

First, verify that there are indeed packets being sent from the SNMP manager to the firewall. To do so, run the following CLI command:


diag sniffer packet any 'host SNMP-manager-ip' 4 0 a


After executing this command, send an SNMP query from the SNMP manager to make sure there are packets reaching the firewall. If the packets do not reach the firewall, validate the internal network.


The SNMP manager IP must be added under System -> SNMP -> SNMP V2 or SNMP V3 settings as shown below:




Also, SNMP should be enabled in the corresponding firewall interface as shown in the image below:



Important: the SNMP community names mentioned in the firewall and the SNMP manager must be same.

For example: in the following SNMP setting, the SNMP community name was configured as 'public', so the same should be defined in the SNMP manager.




If the problem persists after verifying all of these settings, contact TAC for further support.