Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aguerriero
Contributor II

SNMP v3 on 30E 3G4G

I have a site with 3 firewalls. Two 101e and a 30e. I can get snmp working on the 101e just fine but the 30e will not work I tried adding it to the both the GUI and the through the CLI so I could configure the switch controller settings. The only difference I can think of is that there isn't a dedicated management port on the 30E so I used port 4 as a management port and added SNMP access to that interface. I tried setting the configs in one place then the other and finally both. I still get a time out. My diag shows packets coming in but I get the below message

id=20085 trace_id=25 func=print_pkt_detail line=5618 msg="vd-root:0 received a packet(proto=17, 172.19.80.5:36881->172.31.8.65:161) from Inband-MGMT. "
id=20085 trace_id=25 func=init_ip_session_common line=5788 msg="allocate a new session-0003ced2"
id=20085 trace_id=25 func=vf_ip_route_input_common line=2595 msg="find a route: flag=80000000 gw-172.31.8.65 via root"
id=20085 trace_id=26 func=print_pkt_detail line=5618 msg="vd-root:0 received a packet(proto=17, 172.19.80.5:36881->172.31.8.65:161) from Inband-MGMT. "
id=20085 trace_id=26 func=resolve_ip_tuple_fast line=5698 msg="Find an existing session, id-0003ced2, original direction"
id=20085 trace_id=27 func=print_pkt_detail line=5618 msg="vd-root:0 received a packet(proto=17, 172.19.80.5:36881->172.31.8.65:161) from Inband-MGMT. "
id=20085 trace_id=27 func=resolve_ip_tuple_fast line=5698 msg="Find an existing session, id-0003ced2, original direction"
id=20085 trace_id=28 func=print_pkt_detail line=5618 msg="vd-root:0 received a packet(proto=17, 172.19.80.5:36881->172.31.8.65:161) from Inband-MGMT. "
id=20085 trace_id=28 func=resolve_ip_tuple_fast line=5698 msg="Find an existing session, id-0003ced2, original direction"
id=20085 trace_id=29 func=print_pkt_detail line=5618 msg="vd-root:0 received a packet(proto=17, 172.19.80.5:36881->172.31.8.65:161) from Inband-MGMT. "
id=20085 trace_id=29 func=resolve_ip_tuple_fast line=5698 msg="Find an existing session, id-0003ced2, original direction"
id=20085 trace_id=30 func=print_pkt_detail line=5618 msg="vd-root:0 received a packet(proto=17, 172.19.80.5:36881->172.31.8.65:161) from Inband-MGMT. "
id=20085 trace_id=30 func=resolve_ip_tuple_fast line=5698 msg="Find an existing session, id-0003ced2, original direction"
 

 

 

###Configured through GUI

config system snmp sysinfo      set status enable      set description "OOBM FW"      set location "SiteName" end

config system snmp user      edit "v3username"      set notify-hosts 172.19.80.5      set security-level auth-priv      set auth-pwd authpass1234$      set priv-pwd privpass1234$ next end

 

###Configure through CLI

config switch-controller snmp-sysinfo      set status enable      set description "OOBM FW"      set location "SiteName" end

config switch-controller snmp-user      edit "v3username"      set security-level auth-priv      set auth-pwd authpass1234$      set priv-pwd privpass1234$ next end

1 REPLY 1
aguerriero
Contributor II

I added V1/V2 configs and those are working. I will run with those and put in a ticket with support.

 

Labels
Top Kudoed Authors