Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
babakpirouznia
New Contributor

Created on ‎04-10-2021 03:36 AM

SNMP dont work!

hi everyone

we have 100f (6.2.2) in our production and our topology is as bellow :

 

we have 2 vdom root and global and port 1 is in vdom root.

we don't restrict admins by restricted host.

ping is ok between agent and manager.

 

we config snmp as follow:

 

1) Go to Network -> Interfaces 2) Choose an interface that an SNMP manager connects to (port1) and select 'Edit' 3) In Administrative Access, select 'SNMP' 4) Select 'OK'

 

[size="2"]To configure the SNMP agent 1) Go to System -> SNMP 2) Select 'Enable' for the SNMP Agent 3) Enter a descriptive name for the agent 4) Enter the location of the FortiGate unit 5) Enter a contact or administrator for the SNMP Agent or FortiGate unit 6) Select 'Apply' To add an SNMP v1/v2c community - GUI: 1) Go to System -> SNMP 2) In the SNMP v1/v2c area, select 'Create New' 3) Enter a Community Name 4) Enter the IP address and Identify the SNMP (192.168.30.21) 5) Select the interface if the SNMP manager is not on the same subnet as the FortiGate unit 6) Enter the Port number that the SNMP managers in this community use for SNMP v1 and SNMP v2c queries to receive configuration information from the FortiGate unit.     Select the Enable check box to activate queries for each SNMP version 7) Enter the Local and Remote port numbers that the FortiGate unit uses to send SNMP v1 and SNMP v2c traps to the SNMP managers in this community 8) Select the Enable check box to activate traps for each SNMP version 9) Select 'OK'[/size]

 

 

[size="2"]but when i want add fortigate by snmp to solarwind "Test faild"[/size]

[size="2"]and debug show error as bellow:[/size]

 

[size="2"]snmpd: trap request ent_conf_change(0000000000000001) -> queue 1 in 0, 0 interval snmpd: queue is 0 entries long. snmpd: queueing trap 8000000000200000@4356047167 (4356047167) snmpd: queue is 1 entries long. snmpd: dequeueing trap 8000000000200000@4356047167 (4356047167) snmpd: sending to hosts: ent_conf_change(1) snmpd: trap4 prep: connect 192.168.30.21:162 vd=-1 (type 1) errno=101 (Network is unreachable) snmpd: trap4 prep: connect 192.168.30.21:162 vd=-1 (type 1) errno=101 (Network is unreachable) snmpd: trap4 prep: connect 169.254.0.1:162 vd=3 (type 3) errno=101 (Network is unreachable) snmpd: updating cache: idx_cache snmpd: updating cache: idx_cache snmpd: updating cache: idx_cache snmpd: trap4 prep: connect 192.168.30.21:162 vd=-1 (type 1) errno=101 (Network is unreachable)snmpd: updating cache: idx_cache[/size]

 

 

and command "diagnose sniffer packet port1 'port 161' 4"

shows:

20.922433 port1 -- 192.168.30.21.63773 -> 172.17.17.2.161: udp 42

20.922433 port1 -- 192.168.30.21.63773 -> 172.17.17.2.161: udp 42

20.922433 port1 -- 192.168.30.21.63773 -> 172.17.17.2.161: udp 42

20.922433 port1 -- 192.168.30.21.63773 -> 172.17.17.2.161: udp 42

20.922433 port1 -- 192.168.30.21.63773 -> 172.17.17.2.161: udp 42

2076
0 Kudos
0 REPLIES 0
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.