FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
ssripathi
Staff
Staff
Article Id 393108
Description

 

This article describes the unavailability of the source-address option for SNMPv3 traps on FortiSwitch.

 

Scope

 

FortiSwitch, FortiOS.

 

Solution

 

Currently, there is no option to specify the source-address for system generated traps from a FortiSwitch device using SNMPV3. 

The option is available for SNMPv1/v2. 

 

SNMPv1/V2:

 

config system snmp community

 

<Output redacted.>

 

edit <host_number>
   set interface <interface_name>
   set ip <IPv4_address/mask>
   set source-ip <IPv4_address> <<<<
end

 

SNMPV3:

 

config system snmp user
   edit <index_number>
      set queries enable
      set query-port <port_number>
      set security-level [auth-priv | auth-no-priv | no-auth-no-priv}
      set auth-proto {md5 | sha1 | sha224 | sha256 | sha384 | sha512}
      set events {cpu-high | ent-conf-change | fan-detect | fsTrapStitch1 | fsTrapStitch2 | fsTrapStitch3 |                   fsTrapStitch4 | fsTrapStitch5 | intf-ip | ip-conflict | l2mac | llv | log-full | mem-low | psu-status |             sensor-alarm       | sensor-fault | storm-control | tkmem-hb-oo-sync}
      set notify-hosts <IP_address>
      set auth-pwd <password>
      set priv-proto {aes128 | aes192 | aes192c | aes256 | aes256c | des}
      set priv-pwd <password>
   end

 

This is an expected behavior and will require an NFR to be raised if the user requires this feature. 

Contributors