Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
J13224
New Contributor III

SNMP OID ACL possible?

I have a client that recently started using a cloud hosted LOB application with an IPSEC Site 2 Site tunnel.  The  vender wants to be able to connect via SNMP to monitor the interface for any performance or connection issues.

I am not familiar with SNMP on Fortigates but I am concerned about giving too much information.  I don't want them accessing sensitive system/policy OIDs...

The SNMPv3 standard does have provisions for OID user permission (ACL) I think?  Does FortiGate support any of this?  I know it is not exposed in the GUI.

 

Am I being too paranoid?

 

Thanks,

 

2 REPLIES 2
emnoc
Esteemed Contributor III

Am I being too paranoid?

 

 

;) yes.... but it's safe to be safer.

 

What your asking for are snmp-views and I believe FortiOS does not support that  level of views yet to allow certain users  the rights to  read specific OIDs

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
J13224
New Contributor III

Thanks for the response!

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors