Fortinet 100 Configuring SNMP

134 Fortinet Inc.

Configuring the FortiGate unit for SNMP monitoring System configuration

Configuring SNMP

Configure the FortiGate SNMP agent to report system information and send traps to

SNMP managers. The FortiGate SNMP agent supports SNMP v1 and v2c. RFC

support includes RFC 1213 and RFC 2665. The FortiGate SNMP implementation is

read-only. SNMP v1 and v2c compliant SNMP manager have read-only access to

FortiGate system information and can received FortiGate traps. To monitor FortiGate

system information and receive FortiGate traps you must compile the Fortinet

proprietary MIBs and the standard MIBs into the SNMP manager.

This section describes:

•Configuring the FortiGate unit for SNMP monitoring

•Configuring FortiGate SNMP support

•FortiGate MIBs

•FortiGate traps

Configuring the FortiGate unit for SNMP monitoring

Before a remote SNMP manager can connect to the FortiGate agent, you must

configure one or more FortiGate interfaces to accept SNMP connections. For

information about how to do this, see “Controlling management access to an

interface” on page 111 and related interface configuration sections.

Configuring FortiGate SNMP support

1Go to System > Config > SNMP v1/v2c.

2Select Enable SNMP.

3Configure SNMP settings:

System Name Automatically set to the FortiGate host name. To change the System

Name, see “Changing the FortiGate host name” on page 70.

System Location Describe the physical location of the FortiGate unit. The system location

description can be up to 31 characters long and can contain spaces,

numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and the

special characters - and _. The \ < > [ ] ` $ % & characters are not

allowed.

Contact Information Add the contact information for the person responsible for this FortiGate

unit. The contact information can be up to 31 characters long and can

contain spaces, numbers (0-9), uppercase and lowercase letters (A-Z,

a-z), and the special characters - and _. The \ < > [ ] ` $ % & characters

are not allowed.

Get Community Also called read community, get community is a password to identify

SNMP get requests sent to the FortiGate unit. When an SNMP manager

sends a get request to the FortiGate unit, it must include the correct get

community string.

The default get community string is “public”. Change the default get

community string to keep intruders from using get requests to retrieve

information about your network configuration. The get community string

must be used in your SNMP manager to enable it to access FortiGate

SNMP information.

The get community string can be up to 31 characters long and can

contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and

the special characters - and _. Spaces and the \ < > [ ] ` $ % &

characters are not allowed.