Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
HANDL_Eric
New Contributor

Created on ‎01-31-2025 08:06 AM

DHCP Details via SNMP

We're looking to monitor FortiGate DHCP information using SNMP from a remote appliance for historical and alerting purposes. We used the published KB to create an additional poller for the listed OID but the problem we're facing is we can't figure out how to corelate the utilization to a specific interface.

 

Being able to simply trigger off pool exhaustion is handy, but the historical data and even the alerts and semi-useless if we don't know which network or pool it corresponds to. Is anyone out there today familiar with this?

 

Ref:

SNMP traps and query for monitoring DHCP pool | FortiGate / FortiOS 6.4.0 | Fortinet Document Librar...

Monitor DHCP via SNMP - Fortinet Community

Labels:
301
0 Kudos
5 REPLIES 5
funkylicious
SuperUser
SuperUser

Created on ‎01-31-2025 08:09 AM

hi,

wouldn't be easier to create a automation stitch that looks for a fortios event log and a dhcp event in it ?

Screenshot 2025-01-31 at 18.08.56.png

"jack of all trades, master of none"
"jack of all trades, master of none"
298
0 Kudos
HANDL_Eric
New Contributor
In response to funkylicious

Created on ‎01-31-2025 12:21 PM

Not in our case. For historical utilization we would have to store those events for summarization and hope that things stay in sync. Even if we were to use events on the FortiGate to trigger tracking events (+1, -1, etc) there's still the possibility that a single event could get dropped somewhere along the way offsetting the counts for everything following.

 

We need a way to accurately and consistently have the FortiGate tell us DHCP stats and which networks they belong to.

270
0 Kudos
turhost
New Contributor II

Created on ‎02-01-2025 01:58 AM

To monitor FortiGate DHCP via SNMP and correlate it with specific interfaces, you need to use both IF-MIB for interface information and the relevant DHCP OIDs. The key is to combine interface-specific data with DHCP pool stats. If direct correlation isn’t available through SNMP, custom scripts or SNMP traps can help send the required data together for better tracking.

246
0 Kudos
HANDL_Eric
New Contributor
In response to turhost

Created on ‎02-01-2025 06:19 PM

I could be overlooking something however comparing at the RAW OIDs, there doesn't appear to be anything that corelates the DHCP pools which have a serialized trailing identifier to the interfaces. I spot checked some and they simply don't match, the pools on the box I checked were 1-7 were all indexed above 100. I would love if instead of using a serialized identifier, that the UID matched that of the interface/network the DHCP pool was associated with.

219
0 Kudos
turhost
New Contributor II
In response to HANDL_Eric

Created on ‎02-12-2025 01:53 AM

you're encountering an issue with matching the DHCP pool serial identifiers to interfaces in SNMP, which can sometimes be tricky with serialized OIDs. Since there isn’t a direct correlation, using custom scripts or SNMP traps might be a good workaround to correlate the data. You could also explore logging or monitoring tools that integrate with FortiGate for better insights.

151
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.