I would like to be able to configure a ForrtiSwitch in link mode to send L2Mac Events when a mac is added and or removed from a switch port, but I do not want LinkUp or LinkDown trap sent for the same connection. How do I enable L2Mac Events (mac-notification traps) but disable Link traps?
FG version 7.0.1.3
FSW version 7.4.1
My current config that sends a L2Mac Events via SNMP and the Link state trap is as follows:
FortiGate Config
show switch-controller global
config switch-controller global
set mac-aging-interval 30
set mac-retention-period 0
set mac-event-logging enable
FortiSwitch Config
config system snmp community
edit 1
set events cpu-high mem-low log-full intf-ip ent-conf-change
config hosts
edit 1
set ip <IP and mask>
next
end
set name "XXXXXXX"
set trap-v2c-status disable
next
end
config switch interface
edit "port2"
set native-vlan 721
set untagged-vlans 4093
set snmp-index 2
set log-mac-event enable
next
end
Thanks
This is useful for integration with NAC solution.
have you tried leaving only this event (l2mac) under community configurations:
config system snmp community
edit 1
set events l2mac
Is the switch still sending the link state traps?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.