Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rcpdkc
Contributor III

Created on ‎10-23-2025 01:19 AM

Fortigate SNMP Problem

Hello, I've been experiencing issues with SNMP for a few days now. The branch offices have Fortigate firewalls and Fortiswitches. The logs constantly show that the switches are losing and regaining the connection. When I check, everything seems fine. My second issue is that when a user connects their computer to any port, the port lights up green, but the computer doesn't appear. After doing a few pools, the issue resolves itself.

 

sw1.PNG

 

 

Labels:
97
0 Kudos
8 REPLIES 8
AEK
SuperUser
SuperUser

Created on ‎10-23-2025 02:29 AM

Hi

Which FNAC version?

Did you try tcpdump on FNAC to if the traps are properly reaching the NAC when cable is plugged?

AEK
AEK
80
rcpdkc
Contributor III
In response to AEK

Created on ‎10-23-2025 03:36 AM

In such a situation, the device usually obtains an IP address from apipa. I am performing an SNMP test and no problem is apparent. Sometimes it obtains a quarantine IP address and still behaves this way. Version 7.2.4

73
0 Kudos
adambomb1219
SuperUser
SuperUser
In response to rcpdkc

Created on ‎10-23-2025 06:13 AM

Why 7.2.4 and not something newer? Also where is the DHCP server located? What is the path between FortiNAC and the remote site?

55
rcpdkc
Contributor III
In response to adambomb1219

Created on ‎10-24-2025 02:19 AM

Version : 7.2.8.0149

There is IPsec between the Fortigate located at the center and the Fortigate located remotely. No configuration has been made within the Fortiswitch. All settings are managed by Fortilink. The DHCP server for quarantine is Fortinac. The Fortigate located remotely is for other VLANs.

13
0 Kudos
AEK
SuperUser
SuperUser

Created on ‎10-23-2025 04:12 AM

If the issue affects only branch office it is probably due to packet loss, bear in mind SNMP is connectionless, so in case one trap is lost then it is not sent again.

AEK
AEK
67
rcpdkc
Contributor III
In response to AEK

Created on ‎10-24-2025 02:20 AM

There is an IPSec connection between the headquarters and the branches. There doesn't seem to be any loss in the connections. Even if there is, it should come back after 10 minutes when it automatically pools.

12
0 Kudos
mbas
New Contributor

Created on ‎10-23-2025 01:42 PM Edited on ‎10-23-2025 01:43 PM

When you pool the FortiGate, FortiNAC connects to it and reads FortiSwitch MAC address table. If you have configured SNMP traps correctly on the switch, FortiNAC should receive an snmp traps event which is "Mac Learned".

 

Can you connect to the FortiSwitch via CLI and check if the "L2MAC" events are enabled?

You need to run these commands;

  • show system snmp community

You should see this output;

  • set events cpu-high mem-low log-full intf-ip ent-conf-change llv l2mac

 

Can you connect to the FortiNAC server with CLI and try to run this command to see if "Mac Learned" event is sending from FortiSwitch to FortiNAC?

  • execute tcpdump -i any host Switch_IP/Fortigate_IP and port 162
Solving a problem is the best feeling.
Solving a problem is the best feeling.
31
0 Kudos
rcpdkc
Contributor III
In response to mbas

Created on ‎10-24-2025 02:24 AM

When I enter this command in Fortiswitch, it doesn't respond. 

  • show system snmp community  , fortiswitches connected with fortilink
11
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.