Support for SNMP (read-only) and traps
As an SNMP agent, FortiExtender responds to SNMP managers query on v1/v2c and v3 protocol. It supports the following SNMP trap events (which can be configured in both SNMP community and user events):
- system-reboot
- data-exhausted
- session-disconnect
- low-signal-strength
- os-image-fallback
- mode-switch
- fgt-backup-mode-switch
Typical SNMP commands
The following are commands commonly used to configure SNMP in FortiExtender.
FX201E5919000054 # config snmp
FX201E5919000054 (snmp) # show
config snmp
config sysinfo
set status enable
set description
set contact-info
set location
end
config community
edit fext
set status enable
set hosts lan
set query-v1-status enable
set query-v1-port 161
set query-v2c-status enable
set query-v2c-port 161
set trap-v1-status enable
set trap-v1-lport 162
set trap-v1-rport 162
set trap-v2c-status disable
set trap-v2c-lport 162
set trap-v2c-rport 162
set events
next
end
config user
end
config hosts
edit lan
set host-ip 172.30.0.0/16
set host-type any
next
end
end
Sample SNMP commands
FX201E5919000054 # config snmp
FX201E5919000054 (snmp) # show
config snmp
config sysinfo
set status disable
set description
set contact-info
set location
end
config community
end
config user
end
config hosts
end
end
FX201E5919000054 (snmp) # config
sysinfo SNMP system info setting
community SNMP v1/v2c community setting
user SNMP v3 user setting
hosts SNMP hosts setting
FX201E5919000054 (snmp) # config sysinfo
FX201E5919000054 (sysinfo) # show
config snmp sysinfo
set status disable
set description
set contact-info
set location
end
FX201E5919000054 (sysinfo) # set
status Enable/disable SNMP
description System description. size[127]
contact-info Contact information
location System location. size[127]
FX201E5919000054 (sysinfo) # end
FX201E5919000054 # config snmp hosts
FX201E5919000054 (hosts) # edit lan
FX201E5919000054 (lan) <M> # set
*host-ip IPv4 address of the SNMP manager(host), syntax: X.X.X.X/24
host-type Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both
FX201E5919000054 (hosts) # end
FX201E5919000054 # config snmp community
FX201E5919000054 (community) # edit fext
FX201E5919000054 (fext) <M> # set
status Enable/disable this SNMP community
hosts Configure IPv4 SNMP managers (hosts)
query-v1-status Enable/disable SNMP v1 queries
query-v1-port SNMP v1 query port (default = 161)
query-v2c-status Enable/disable SNMP v2c queries
query-v2c-port SNMP v2c query port (default = 161)
trap-v1-status Enable/disable SNMP v1 traps
trap-v1-lport SNMP v1 trap local port (default = 162)
trap-v1-rport SNMP v1 trap remote port (default = 162)
trap-v2c-status Enable/disable SNMP v2c traps
trap-v2c-lport SNMP v2c trap local port (default = 162)
trap-v2c-rport SNMP v2c trap remote port (default = 162)
events SNMP trap events
FX201E5919000054 (community) # end
FX201E5919000054 # config snmp user
FX201E5919000054 (user) # edit lan
FX201E5919000054 (lan) <M> # set
status Enable/disable this SNMP user
notify-hosts SNMP managers to send notifications (traps) to
trap-status Enable/disable traps for this SNMP user
trap-lport SNMPv3 local trap port (default = 162)
trap-rport SNMPv3 trap remote port (default = 162)
queries Enable/disable SNMP queries for this user
query-port SNMPv3 query port (default = 161)
events SNMP trap events
security-level Security level for message authentication and encryption
FX201E5919000054 (user) # end
Executable SNMP commands
FX201E5919000054 # execute snmpmibs
download Export SNMP MIBs to tftp server
FX201E5919000054 # execute snmpmibs download
tftp download through TFTP.
FX201E5919000054 # execute snmpmibs download tftp
FORTINET-CORE-MIB.mib download FORTINET-CORE-MIB.mib
FORTINET-FORTIEXTENDER-MIB.mib download FORTINET-FORTIEXTENDER-MIB.mib
FX201E5919000054 # execute snmpmibs download tftp FORTINET-CORE-MIB.mib
Usage: snmpmibs export mib_file tftp tftp_server
<mpmibs download tftp FORTINET-FORTIEXTENDER-MIB.mib
Usage: snmpmibs export mib_file tftp tftp_server
FX201E5919000054 #