Hello Team!
I am using a FortiGate 40F model FG-40F with a configuration which consist of a VDOM root (management, operation mode NAT) and a VDOM transparent (operation mode transparent).
The VDOM root is only use to give access to internet:
The VDOM transparent is only use to stablish a firewall between a network called LAN and a network called WAN:
My objective is to monitor the Fortinet sending get SNMP from a PC connected to the port 2 (Inside lan 2).
I have configured the System > SNMP in this way:
My problem is that the Fortinet receives the SNMP get but not answer me:
I am sending the get SNMP with iReasoning Browser:
I amnot using HA or trusted hosts (I have tested to add my pc to trusted hosts but the behaviour does not change), I have checked the threads: SNMP don't response traffic, SNMP response and SNMP no response: timed out but I can not solve the problem. I give you more information that could be interesting:
I hope that you can help me, thanks in advance.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Created on 07-24-2024 06:26 AM Edited on 07-24-2024 06:27 AM
Hi @Pablo1 ,
Normally this is possible.
https://docs.fortinet.com/document/fortigate/6.2.16/cookbook/986787/nat-and-transparent-mode
Can you change vdom link type PPP to Ethernet.
config system vdom-link
edit <VDOM_NAME>
set type ethernet
end
end
Hi @Pablo1
Please verify if ha-direct under snmp community is disabled
config system snmp community
edit 1
set name "abcd"
config hosts
edit 1
set ip x.x.x.x 255.255.255.255
set ha-direct enable <----- Set to disable
set host-type query
next
end
Hi kajlasunil
I think is disabled:
Regards
Hi All,
Thanks to your contributions I have solved the problem. It was necessary a last step regarding my last post, which consist of configure the route from my PC (or the element that execute the SNMP GET request) to the IP 11.11.11.13.
After that run the SNMP request to the IP 11.11.11.13, namely, the virtual IP at the end of the tunnel between VDOMs located in VDOM management.
Thanks again.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1640 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.