Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
luca1994
New Contributor III

Created on ‎05-28-2024 03:12 AM

SNMP response

Hello team,

 

i have the following problem when try to configuring SNMP on interface LAN (not MGMT dedicated)

 

The monitoring system is reachable via ipsec tunnel. When I try to configure SNMP on the LAN interface, in the local firewall logs I see traffic but no return traffic.
The strange thing is that the same policy correctly allows SNMP traffic as well as HTTPS traffic from the ipsec tunnel to the ip address of the interface on which SNMP is enabled.

logsnmp.png

 

Thanks for the support

BR

Labels:
373
0 Kudos
1 Solution
ozkanaltas
Valued Contributor II

Created on ‎05-28-2024 03:18 AM

Hello @luca1994 ,

 

Did you check local traffic logs? Do you have a trusted host configuration on your admin users? 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW

View solution in original post

If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
367
0 Kudos
6 REPLIES 6
ozkanaltas
Valued Contributor II

Created on ‎05-28-2024 03:18 AM

Hello @luca1994 ,

 

Did you check local traffic logs? Do you have a trusted host configuration on your admin users? 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
368
0 Kudos
luca1994
New Contributor III
In response to ozkanaltas

Created on ‎05-28-2024 03:28 AM

Hello @ozkanaltas ,

 

the scrennshot you see is taken from the local log monitor.
Yes, I added the ip address as trusted host for administrative users

 

Thanks

BR

358
0 Kudos
ozkanaltas
Valued Contributor II
In response to luca1994

Created on ‎05-28-2024 03:32 AM

Hello @luca1994 ,

 

Can you add the IP address of the monitoring tool to the trusted host configuration? It doesn't matter which administrator account you configure. You can configure it to anyone.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
355
0 Kudos
luca1994
New Contributor III
In response to luca1994

Created on ‎05-28-2024 03:33 AM

When I added the trusted host for ALL administrative users, the problem was solved.

BR

354
0 Kudos
HungDT
New Contributor III
In response to luca1994

Created on ‎06-03-2024 12:35 AM

Hi Luca,

 

You add trusted host on fortigate, access system -> Administrators, enable Restrict login to trusted hosts. Is that right ? I have the same problem with you.

 

199
0 Kudos
luca1994
New Contributor III
In response to HungDT

Created on ‎06-03-2024 08:36 AM

Hi @HungDT ,

 

yes, i have add trusted hosts for ALL administrative users. 

165
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.