Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
luca1994
New Contributor III

SNMP response

Hello team,

 

i have the following problem when try to configuring SNMP on interface LAN (not MGMT dedicated)

 

The monitoring system is reachable via ipsec tunnel. When I try to configure SNMP on the LAN interface, in the local firewall logs I see traffic but no return traffic.
The strange thing is that the same policy correctly allows SNMP traffic as well as HTTPS traffic from the ipsec tunnel to the ip address of the interface on which SNMP is enabled.

logsnmp.png

 

Thanks for the support

BR

1 Solution
ozkanaltas
Valued Contributor III

Hello @luca1994 ,

 

Did you check local traffic logs? Do you have a trusted host configuration on your admin users? 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW

View solution in original post

If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
6 REPLIES 6
ozkanaltas
Valued Contributor III

Hello @luca1994 ,

 

Did you check local traffic logs? Do you have a trusted host configuration on your admin users? 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
luca1994
New Contributor III

Hello @ozkanaltas ,

 

the scrennshot you see is taken from the local log monitor.
Yes, I added the ip address as trusted host for administrative users

 

Thanks

BR

ozkanaltas
Valued Contributor III

Hello @luca1994 ,

 

Can you add the IP address of the monitoring tool to the trusted host configuration? It doesn't matter which administrator account you configure. You can configure it to anyone.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
luca1994
New Contributor III

When I added the trusted host for ALL administrative users, the problem was solved.

BR

HungDT
New Contributor III

Hi Luca,

 

You add trusted host on fortigate, access system -> Administrators, enable Restrict login to trusted hosts. Is that right ? I have the same problem with you.

 

luca1994
New Contributor III

Hi @HungDT ,

 

yes, i have add trusted hosts for ALL administrative users. 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors