We are trying to get our fortigate firewalls running version 5.2.4 by solar wind.
the firewall is in vdom's, monitoring will be through the management interface. Snmp has been configured with correct settings.
But , it is not successfully getting discovered. While checking logs, below are seen on firewall.
firewall-forti (mgt) # 2019-04-10 03:22:20 id=20085 trace_id=2947 func=print_pkt_detail line=4471 msg="vd-mgt received a packet(proto=17, 10.58.0.5:58427->10.78.46.12:161) from core-interface. "
2019-04-10 03:22:20 id=20085 trace_id=2947 func=resolve_ip_tuple_fast line=4532 msg="Find an existing session, id-e57284bd, original direction"
2019-04-10 03:22:20 id=20085 trace_id=2947 func=ipv4_fast_cb line=50 msg="enter fast path"
2019-04-10 03:22:20 id=20085 trace_id=2948 func=print_pkt_detail line=4471 msg="vd-vsys_hamgt received a packet(proto=17, 10.58.0.5:58427->10.78.46.12:161) from mgt1. "
2019-04-10 03:22:20 id=20085 trace_id=2948 func=init_ip_session_common line=4622 msg="allocate a new session-e572a274"
2019-04-10 03:22:20 id=20085 trace_id=2948 func=fw_local_in_handler line=385 msg="iprope_in_check() check failed on policy 0, drop"
i have also tried with using set ha-direct enable command from other posts, but that hasn't helped.
rule is present, but the last line says iprope drop. Please help. Thank you.
Has the SNMP agent been activated?
config system snmp sysinfo
set status enable
set description "Host at location"
set contact-info "email@example.com"
set location "NA"
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
and check, if you have already used the source IP at the Fortigate, see https://forum.fortinet.com/tm.aspx?m=142569 for details.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.