Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

verify SNMP settings

Hi All, I recently configured SNMP settings for fortigate-60B. I would like to know how can I verify that SNMP settings are working as they should be. I have not received any traps of my SNMP manager uptil now. Thanks
14 REPLIES 14
abelio
SuperUser
SuperUser

hello and welcome, did you compile or added the Fortinet MIB to your snmp manager database?

regards




/ Abel

regards / Abel
Not applicable

thanks for the reply abelio. I am using labtech to monitor the fortinet devices. In labtech there is no option of compiling or adding MIBs. You create SNMP monitor or SNMP trap and give it the relevant OID and it starts listening for that OID. I did download relevant MIB files and gave my SNMP traps relevant OIDs for fortinet devices. I have got other SNMP traps working in the same way, for example SNMP traps for printers, servers etc. In Fortinet bit, I configured SNMP by enabling it in configuration, creating community and then enabling it on interface. is that right?
willem
New Contributor

Hi and welcome, there' s probably a diag command to start sending snmp, but I don' t know it by heart. What you can always do, is start a sniffer via the CLI to find out if the firewall is sending out SNMP-traffic (command: diagnose sniffer packet any " port 162" 4). W.
Willem __________________________________ FCNSP (Fortinet Certified Network Security Professional)
Willem __________________________________ FCNSP (Fortinet Certified Network Security Professional)
ede_pfau
SuperUser
SuperUser

AFAIK you don' t need to ' start' SNMP. Get a tool like getif (SNMP MIB browser), compile the Fortinet MIB and walk the tree. To test a trap just produce one: link down is one, or any you' ve configured in the SNMP config. Sniffing as a last resort. UDP/161 for messages, UDP/162 for traps.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
willem
New Contributor

Hi Ede, I didn' t express myself correctly. What I meant is that there' s probably a diag command that triggers the firewall to send a test trap of some kind.
Willem __________________________________ FCNSP (Fortinet Certified Network Security Professional)
Willem __________________________________ FCNSP (Fortinet Certified Network Security Professional)
Not applicable

thanks both of you. may be thats right, there is a capability of sending some test trap because i saw a test trap OID in the Fortinet MIB. I`ll report back shortly after carrying out the recommendations from you guys.
Not applicable

okay, got it working, thanks every one for the help & support and warm welcome into the community. cheers
nvelocity
New Contributor

What got it working for you? If you find an answer, share it. Others may have the same problem.
ede_pfau
SuperUser
SuperUser

 gate # diag snmp trap send 
 Generating test trap...
 Test trap successfully sent to snmp daemon.
 
BTW this attitude is uncommon in these forums but there are exceptions.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors