Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
motorbass
New Contributor III

Created on ‎04-05-2024 01:39 AM

Can't use SNMPv3 on Meraki AP on FortiNAC

Hi

We're currently trying FortiNAC v7.2.5.0101, everything runs smoothly for most of our devices except for Meraki AP.

 

We follow this guide for configuring/adding the AP https://docs.fortinet.com/document/fortinac-f/7.2.0/network-device-modeling/785561/cisco-meraki-ms-s...

 

Indeed, even though SNMPv3 is enabled on our Meraki oraganization and so AP ( snmpwalk -v3 is ok) FortiNAC always throws an error while trying to add it using S/N as UserName and API Key as Password as you can see below:

fortinac_meraki.png

 

From a firewall perspective we got not deny or any filtering, proof is we can add the same AP using SNMPv2c for instance.

 

From a FortiNAC perspective, there's no such log or information that may helps to troubleshoot this.

 

Any of you guys succeed to use SNMPv3 between FortiNAC and Meraki ?

Thanks a lot for your help & advices

 

FortiNAC  

 

 

 

Labels:
2488
0 Kudos
1 Solution
motorbass
New Contributor III

Created on ‎04-05-2024 07:42 AM

I finally found the solution from here https://support.auvik.com/hc/en-us/articles/204356740-How-to-enable-SNMP-on-Meraki-devices

 

So credentials to use are those from Network-wide, we agree, but in any case, it has to be SHA1 & DES.

It works pretty smooth, happy to have learnt something today ! :)

View solution in original post

2300
27 REPLIES 27
motorbass
New Contributor III
In response to ndumaj

Created on ‎04-05-2024 07:31 AM

Just tried for instance with only SHA25 - SNMPv3 AuthNoPriv andresult is same but wireshark changes a little bit.forti3.png

In any case, frame details got some missing parameters so I guess FNAC or Meraki doesn't seems to "talk the same way"

frame_details.png

680
0 Kudos
ozkanaltas
Valued Contributor III
In response to motorbass

Created on ‎04-05-2024 07:33 AM

Can you share the Meraki snmp setting with us? 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
677
0 Kudos
motorbass
New Contributor III
In response to ozkanaltas

Created on ‎04-05-2024 07:37 AM

For sure :

From the Network-Side :

network_side.png

Username & passphrase configured are those that works when I explained that it works through snmpwalk -v3

 

From the Organisation Side snmpv3 is also enabled with Auth and privkey, but If this one is disabled, snmpwalk -v3 still continue to works :

orga_side.png

672
0 Kudos
motorbass
New Contributor III

Created on ‎04-05-2024 07:42 AM

I finally found the solution from here https://support.auvik.com/hc/en-us/articles/204356740-How-to-enable-SNMP-on-Meraki-devices

 

So credentials to use are those from Network-wide, we agree, but in any case, it has to be SHA1 & DES.

It works pretty smooth, happy to have learnt something today ! :)

2301
ozkanaltas
Valued Contributor III

Created on ‎04-05-2024 07:46 AM

I'm glad it worked. However, I shared this document in my first messages. I guess you didn't read :) 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
665
0 Kudos
motorbass
New Contributor III
In response to ozkanaltas

Created on ‎04-07-2024 11:46 PM

Hi, i'm so sorry ,indeed you mentionned the url, however my workmate told me he already tried this url that's why I misclick. But thanks again for your help, i do really appreciate it :)

602
0 Kudos
ndumaj
Staff
Staff

Created on ‎04-05-2024 08:01 AM

I'm glad to hear that it worked.
Well done!

BR

- Happy to help, hit like and accept the solution -
660
0 Kudos
motorbass
New Contributor III
In response to ndumaj

Created on ‎04-07-2024 11:47 PM

Thanks a lot for your help ! :)

602
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.