SNMP monitoring

In this example, you configure the FortiGate SNMP agent and an example SNMP manager so that the SNMP manager can get status information from the FortiGate unit and so that the FortiGate unit can send traps to the SNMP manager.

The Simple Network Management Protocol (SNMP) enables you to monitor hardware on your network. You configure the hardware, such as the FortiGate SNMP agent, to report system information and send traps (alarms or event messages) to SNMP managers.

1. Configuring the FortiGate SNMP agent

Go to System > Config > SNMP. Enable the SNMP Agent and add any necessary information.  

Under SNMP v1/v2c, create a new community.

Add the IP address of SNMP manager (in the example, If required, change the query and trap ports to match the SNMP manager.

You can add multiple SNMP managers, or set the IP address/Netmask to and the Interface to ANY, so that any SNMP manager on any network connected to the FortiGate unit can use this SNMP community and receive traps from the FortiGate unit.

Enable the SNMP Events (traps) that you need. In most cases, leave them all enabled.


2. Enabling SNMP on a FortiGate interface

Go to System > Network > Interfaces and edit the interface connected to the same network as the SNMP manager.

Enable SNMP for Administrative Access.


3. Downloading the Fortinet MIB files to and configuring an example SNMP manager

Two types of MIB files are available for FortiGate units: the Fortinet MIB and the FortiGate MIB. The Fortinet MIB contains traps, fields, and information that is common to all Fortinet products. The FortiGate MIB contains traps, fields, and information that is specific to FortiGate units.

Go to System > Config > SNMP and select Download FortiGate SNMP MIB File and Download Fortinet Core MIB File.Configure the SNMP manager to receive traps from the FortiGate unit. Install the FortiGate and Fortinet MIBs.


4. Results

This example uses the SolarWinds SNMP trap viewer.

In the SolarWinds Toolset Launch Pad, go to SNMP > MIB Viewer and select Launch.

Choose Select Device, enter the IP address of the FortiGate unit, and choose the appropriate community string credentials.  
Open the SNMP Trap Receiver and select Launch.  
The SNMP Trap Receiver
will appear.
On the FortiGate unit, perform an action to trigger a trap (for example, change the IP address of the DMZ interface).  
Verify that the SNMP manager receives the trap.

For further reading, check out SNMP in the FortiOS 5.2 Handbook.

Victoria Martin

Technical Writer at Fortinet
Victoria Martin works in Ottawa as part of the FortiOS technical documentation team. She graduated with a Bachelor's degree from Mount Allison University, after which she attended Humber College's book publishing program, followed by the more practical technical writing program at Algonquin College. She does need glasses but also likes wearing them, since glasses make you look smarter.
Victoria Martin

Latest posts by Victoria Martin (see all)