FortiMonitor is a holistic, SaaS-based digital experience and network performance monitoring solution which combines monitoring, network incident management, automation, and network configuration management into a single source of truth
Article Id 214781

This document will help in troubleshooting/isolating the issue with the connectivity between our Onsight and a network device.

Scope FortiMonitor, Onsight, Network Devices.

Few considerations of network topology:


1) FortiGate and Onsight reside in different network.


2) FortiGate's IP is and Onsight's IP is


The first step is to verify the connectivity from Onsight to FortiGate: 


- Let's run the 'ping' command from the host of the Onsight  to FortiGate to check the connectivity. 






- If the ping FAILS run the 'traceroute' command from the host machine to check the path/hops between the Onsight and the FortiGate and isolate the connectivity issue.


# traceroute


- Once the connectivity is successful, run the 'nmap' command from Onsight to verify if port 161 (SNMP service) is 'open':


# sudo nmap -sU -p 161




- Once, the connectivity and port check is confirmed between the Onsight and FortiGate, we can apply captures to verify if the packet is exiting correctly from Onsight and then reaching the FortiGate.


The second step is to apply the captures on FortiGate and Onsight:


1) Applying capture on Onsight.


- To apply captures on Onsight we will be using the 'tcpdump' utility tool, and the command is as follows:


tcpdump -A -w <capture name>.pcap -i <interface name> dst <destination IP>​


- Below is an example of the actual command from Onsight.


tcpdump -A -w capture1.pcap -i ens160 dst​


- Note: ens160 is the Onsight NIC interface, which might differ. It can be verified by running the command 'ifconfig'.


- To view the TCP dump, run the below command:


tcpdump -r <capture name>​


- In this example, it would be tcpdump -r capture1.pcap.


2) Applying captures on FortiGate:


- To apply captures on FortiGate, navigate to the CLI of FortiGate and run the command:


# dia sniffer packet any ‘host <IP address> and port <port no>’ 4 0


Example command:


# dia sniffer packet any ‘host and port 161’ 4 0​


- Once both the captures are applied, try onboarding the network device on FortiMonitor via SNMP and then view the captures to identify the issue.


Note: For this document, FortiGate is used as a network device. To apply the captures to the non-Fortinet network device, refer to the vendor guide and then apply the captures.