Hi all,
Since I upgraded the 300D in a HA pair to 5.6.4 I now no longer am able to get any SNMP stats from the device. I can't even SNMPwalk from our SNMP server.
When running a debug on SNMP I get the following
d=20085 trace_id=199 func=init_ip_session_common line=5470 msg="allocate a new session-27c03ddc" id=20085 trace_id=199 func=vf_ip_route_input_common line=2576 msg="find a route: flag=80000000 gw-10.253.2.4 via root" id=20085 trace_id=200 func=print_pkt_detail line=5311 msg="vd-root received a packet(proto=17, 10.254.252.8:35095->10.253.2.4:161) from Core_Link. " id=20085 trace_id=200 func=resolve_ip_tuple_fast line=5386 msg="Find an existing session, id-27c03ddc, original direction" id=20085 trace_id=201 func=print_pkt_detail line=5311 msg="vd-root received a packet(proto=17, 10.254.252.8:35095->10.253.2.4:161) from Core_Link. " id=20085 trace_id=201 func=resolve_ip_tuple_fast line=5386 msg="Find an existing session, id-27c03ddc, original direction" id=20085 trace_id=202 func=print_pkt_detail line=5311 msg="vd-root received a packet(proto=17, 10.254.252.8:35095->10.253.2.4:161) from Core_Link. " id=20085 trace_id=202 func=resolve_ip_tuple_fast line=5386 msg="Find an existing session, id-27c03ddc, original direction" id=20085 trace_id=203 func=print_pkt_detail line=5311 msg="vd-root received a packet(proto=17, 10.254.252.8:35095->10.253.2.4:161) from Core_Link. " id=20085 trace_id=203 func=resolve_ip_tuple_fast line=5386 msg="Find an existing session, id-27c03ddc, original direction" id=20085 trace_id=204 func=print_pkt_detail line=5311 msg="vd-root received a packet(proto=17, 10.254.252.8:35095->10.253.2.4:161) from Core_Link. " id=20085 trace_id=204 func=resolve_ip_tuple_fast line=5386 msg="Find an existing session, id-27c03ddc, original direction"
When I run a packet trace I see the SNMP packet arrive at the firewall, the firewall then replies with an ICMP packet on port 161 and I get a destination unreachable. Not sure why the Fortigate replies with an ICMP packet to be honest.
Everything appears to be set correct and nothing has changed on the config
Has anyone else had a similar issue?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1105 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.