In this example, you configure the FortiGate SNMP agent and an example SNMP manager so that the SNMP manager can get status information from the FortiGate unit and so that the FortiGate unit can send traps to the SNMP manager.
The Simple Network Management Protocol (SNMP) enables you to monitor hardware on your network. You configure the hardware, such as the FortiGate SNMP agent, to report system information and send traps (alarms or event messages) to SNMP managers.
1. Configuring the FortiGate SNMP agent
Go to System > Config > SNMP. Enable the SNMP Agent and add any necessary information.
Under SNMP v1/v2c, create a new community.
Add the IP address of SNMP manager (in the example, 192.168.1.114/32). If required, change the query and trap ports to match the SNMP manager.
You can add multiple SNMP managers, or set the IP address/Netmask to 0.0.0.0/0.0.0.0 and the Interface to ANY, so that any SNMP manager on any network connected to the FortiGate unit can use this SNMP community and receive traps from the FortiGate unit.
Enable the SNMP Events (traps) that you need. In most cases, leave them all enabled.
2. Enabling SNMP on a FortiGate interface
Go to System > Network > Interfaces and edit the interface connected to the same network as the SNMP manager.
Enable SNMP for Administrative Access.
3. Downloading the Fortinet MIB files to and configuring an example SNMP manager
Two types of MIB files are available for FortiGate units: the Fortinet MIB and the FortiGate MIB. The Fortinet MIB contains traps, fields, and information that is common to all Fortinet products. The FortiGate MIB contains traps, fields, and information that is specific to FortiGate units.
Go to System > Config > SNMP and select Download FortiGate SNMP MIB File and Download Fortinet Core MIB File.Configure the SNMP manager to receive traps from the FortiGate unit. Install the FortiGate and Fortinet MIBs.
4. Results
This example uses the SolarWinds SNMP trap viewer.
In the SolarWinds Toolset Launch Pad, go to SNMP > MIB Viewer and select Launch.
Choose Select Device, enter the IP address of the FortiGate unit, and choose the appropriate community string credentials.
Open the SNMP Trap Receiver and select Launch.
The SNMP Trap Receiver will appear.
On the FortiGate unit, perform an action to trigger a trap (for example, change the IP address of the DMZ interface).
Verify that the SNMP manager receives the trap.