Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.2.1
Copy Link

SNMP community configuration.

  config system snmp community
      Description: SNMP community configuration.
      edit <id>
          set name {string}
          set status [enable|disable]
          config hosts
              Description: Configure IPv4 SNMP managers (hosts).
              edit <id>
                  set source-ip {ipv4-address}
                  set ip {user}
                  set ha-direct [enable|disable]
                  set host-type [any|query|...]
              next
          end
          config hosts6
              Description: Configure IPv6 SNMP managers.
              edit <id>
                  set source-ipv6 {ipv6-address}
                  set ipv6 {ipv6-prefix}
                  set ha-direct [enable|disable]
                  set host-type [any|query|...]
              next
          end
          set query-v1-status [enable|disable]
          set query-v1-port {integer}
          set query-v2c-status [enable|disable]
          set query-v2c-port {integer}
          set trap-v1-status [enable|disable]
          set trap-v1-lport {integer}
          set trap-v1-rport {integer}
          set trap-v2c-status [enable|disable]
          set trap-v2c-lport {integer}
          set trap-v2c-rport {integer}
          set events {option1}, {option2}, ...
      next
  end

config system snmp community

Parameter Name Description Type Size
name Community name. string Maximum length: 35
status Enable/disable this SNMP community.
enable: Enable setting.
disable: Disable setting.
option -
query-v1-status Enable/disable SNMP v1 queries.
enable: Enable setting.
disable: Disable setting.
option -
query-v1-port SNMP v1 query port (default = 161). integer Minimum value: 1 Maximum value: 65535
query-v2c-status Enable/disable SNMP v2c queries.
enable: Enable setting.
disable: Disable setting.
option -
query-v2c-port SNMP v2c query port (default = 161). integer Minimum value: 0 Maximum value: 65535
trap-v1-status Enable/disable SNMP v1 traps.
enable: Enable setting.
disable: Disable setting.
option -
trap-v1-lport SNMP v1 trap local port (default = 162). integer Minimum value: 1 Maximum value: 65535
trap-v1-rport SNMP v1 trap remote port (default = 162). integer Minimum value: 1 Maximum value: 65535
trap-v2c-status Enable/disable SNMP v2c traps.
enable: Enable setting.
disable: Disable setting.
option -
trap-v2c-lport SNMP v2c trap local port (default = 162). integer Minimum value: 1 Maximum value: 65535
trap-v2c-rport SNMP v2c trap remote port (default = 162). integer Minimum value: 1 Maximum value: 65535
events SNMP trap events.
cpu-high: Send a trap when CPU usage is high.
mem-low: Send a trap when available memory is low.
log-full: Send a trap when log disk space becomes low.
intf-ip: Send a trap when an interface IP address is changed.
vpn-tun-up: Send a trap when a VPN tunnel comes up.
vpn-tun-down: Send a trap when a VPN tunnel goes down.
ha-switch: Send a trap after an HA failover when the backup unit has taken over.
ha-hb-failure: Send a trap when HA heartbeats are not received.
ips-signature: Send a trap when IPS detects an attack.
ips-anomaly: Send a trap when IPS finds an anomaly.
av-virus: Send a trap when AntiVirus finds a virus.
av-oversize: Send a trap when AntiVirus finds an oversized file.
av-pattern: Send a trap when AntiVirus finds file matching pattern.
av-fragmented: Send a trap when AntiVirus finds a fragmented file.
fm-if-change: Send a trap when FortiManager interface changes. Send a FortiManager trap.
fm-conf-change: Send a trap when a configuration change is made by a FortiGate administrator and the FortiGate is managed by FortiManager.
bgp-established: Send a trap when a BGP FSM transitions to the established state.
bgp-backward-transition: Send a trap when a BGP FSM goes from a high numbered state to a lower numbered state.
ha-member-up: Send a trap when an HA cluster member goes up.
ha-member-down: Send a trap when an HA cluster member goes down.
ent-conf-change: Send a trap when an entity MIB change occurs (RFC4133).
av-conserve: Send a trap when the FortiGate enters conserve mode.
av-bypass: Send a trap when the FortiGate enters bypass mode.
av-oversize-passed: Send a trap when AntiVirus passes an oversized file.
av-oversize-blocked: Send a trap when AntiVirus blocks an oversized file.
ips-pkg-update: Send a trap when the IPS signature database or engine is updated.
ips-fail-open: Send a trap when the IPS network buffer is full.
faz-disconnect: Send a trap when a FortiAnalyzer disconnects from the FortiGate.
wc-ap-up: Send a trap when a managed FortiAP comes up.
wc-ap-down: Send a trap when a managed FortiAP goes down.
fswctl-session-up: Send a trap when a FortiSwitch controller session comes up.
fswctl-session-down: Send a trap when a FortiSwitch controller session goes down.
load-balance-real-server-down: Send a trap when a server load balance real server goes down.
device-new: Send a trap when a new device is found.
per-cpu-high: Send a trap when per-CPU usage is high.
option -

config hosts

Parameter Name Description Type Size
source-ip Source IPv4 address for SNMP traps. ipv4-address Not Specified
ip IPv4 address of the SNMP manager (host). user Not Specified
ha-direct Enable/disable direct management of HA cluster members.
enable: Enable setting.
disable: Disable setting.
option -
host-type Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.
any: Accept queries from and send traps to this SNMP manager.
query: Accept queries from this SNMP manager but do not send traps.
trap: Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.
option -

config hosts6

Parameter Name Description Type Size
source-ipv6 Source IPv6 address for SNMP traps. ipv6-address Not Specified
ipv6 SNMP manager IPv6 address prefix. ipv6-prefix Not Specified
ha-direct Enable/disable direct management of HA cluster members.
enable: Enable setting.
disable: Disable setting.
option -
host-type Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.
any: Accept queries from and send traps to this SNMP manager.
query: Accept queries from this SNMP manager but do not send traps.
trap: Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.
option -

SNMP community configuration.

  config system snmp community
      Description: SNMP community configuration.
      edit <id>
          set name {string}
          set status [enable|disable]
          config hosts
              Description: Configure IPv4 SNMP managers (hosts).
              edit <id>
                  set source-ip {ipv4-address}
                  set ip {user}
                  set ha-direct [enable|disable]
                  set host-type [any|query|...]
              next
          end
          config hosts6
              Description: Configure IPv6 SNMP managers.
              edit <id>
                  set source-ipv6 {ipv6-address}
                  set ipv6 {ipv6-prefix}
                  set ha-direct [enable|disable]
                  set host-type [any|query|...]
              next
          end
          set query-v1-status [enable|disable]
          set query-v1-port {integer}
          set query-v2c-status [enable|disable]
          set query-v2c-port {integer}
          set trap-v1-status [enable|disable]
          set trap-v1-lport {integer}
          set trap-v1-rport {integer}
          set trap-v2c-status [enable|disable]
          set trap-v2c-lport {integer}
          set trap-v2c-rport {integer}
          set events {option1}, {option2}, ...
      next
  end

config system snmp community

Parameter Name Description Type Size
name Community name. string Maximum length: 35
status Enable/disable this SNMP community.
enable: Enable setting.
disable: Disable setting.
option -
query-v1-status Enable/disable SNMP v1 queries.
enable: Enable setting.
disable: Disable setting.
option -
query-v1-port SNMP v1 query port (default = 161). integer Minimum value: 1 Maximum value: 65535
query-v2c-status Enable/disable SNMP v2c queries.
enable: Enable setting.
disable: Disable setting.
option -
query-v2c-port SNMP v2c query port (default = 161). integer Minimum value: 0 Maximum value: 65535
trap-v1-status Enable/disable SNMP v1 traps.
enable: Enable setting.
disable: Disable setting.
option -
trap-v1-lport SNMP v1 trap local port (default = 162). integer Minimum value: 1 Maximum value: 65535
trap-v1-rport SNMP v1 trap remote port (default = 162). integer Minimum value: 1 Maximum value: 65535
trap-v2c-status Enable/disable SNMP v2c traps.
enable: Enable setting.
disable: Disable setting.
option -
trap-v2c-lport SNMP v2c trap local port (default = 162). integer Minimum value: 1 Maximum value: 65535
trap-v2c-rport SNMP v2c trap remote port (default = 162). integer Minimum value: 1 Maximum value: 65535
events SNMP trap events.
cpu-high: Send a trap when CPU usage is high.
mem-low: Send a trap when available memory is low.
log-full: Send a trap when log disk space becomes low.
intf-ip: Send a trap when an interface IP address is changed.
vpn-tun-up: Send a trap when a VPN tunnel comes up.
vpn-tun-down: Send a trap when a VPN tunnel goes down.
ha-switch: Send a trap after an HA failover when the backup unit has taken over.
ha-hb-failure: Send a trap when HA heartbeats are not received.
ips-signature: Send a trap when IPS detects an attack.
ips-anomaly: Send a trap when IPS finds an anomaly.
av-virus: Send a trap when AntiVirus finds a virus.
av-oversize: Send a trap when AntiVirus finds an oversized file.
av-pattern: Send a trap when AntiVirus finds file matching pattern.
av-fragmented: Send a trap when AntiVirus finds a fragmented file.
fm-if-change: Send a trap when FortiManager interface changes. Send a FortiManager trap.
fm-conf-change: Send a trap when a configuration change is made by a FortiGate administrator and the FortiGate is managed by FortiManager.
bgp-established: Send a trap when a BGP FSM transitions to the established state.
bgp-backward-transition: Send a trap when a BGP FSM goes from a high numbered state to a lower numbered state.
ha-member-up: Send a trap when an HA cluster member goes up.
ha-member-down: Send a trap when an HA cluster member goes down.
ent-conf-change: Send a trap when an entity MIB change occurs (RFC4133).
av-conserve: Send a trap when the FortiGate enters conserve mode.
av-bypass: Send a trap when the FortiGate enters bypass mode.
av-oversize-passed: Send a trap when AntiVirus passes an oversized file.
av-oversize-blocked: Send a trap when AntiVirus blocks an oversized file.
ips-pkg-update: Send a trap when the IPS signature database or engine is updated.
ips-fail-open: Send a trap when the IPS network buffer is full.
faz-disconnect: Send a trap when a FortiAnalyzer disconnects from the FortiGate.
wc-ap-up: Send a trap when a managed FortiAP comes up.
wc-ap-down: Send a trap when a managed FortiAP goes down.
fswctl-session-up: Send a trap when a FortiSwitch controller session comes up.
fswctl-session-down: Send a trap when a FortiSwitch controller session goes down.
load-balance-real-server-down: Send a trap when a server load balance real server goes down.
device-new: Send a trap when a new device is found.
per-cpu-high: Send a trap when per-CPU usage is high.
option -

config hosts

Parameter Name Description Type Size
source-ip Source IPv4 address for SNMP traps. ipv4-address Not Specified
ip IPv4 address of the SNMP manager (host). user Not Specified
ha-direct Enable/disable direct management of HA cluster members.
enable: Enable setting.
disable: Disable setting.
option -
host-type Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.
any: Accept queries from and send traps to this SNMP manager.
query: Accept queries from this SNMP manager but do not send traps.
trap: Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.
option -

config hosts6

Parameter Name Description Type Size
source-ipv6 Source IPv6 address for SNMP traps. ipv6-address Not Specified
ipv6 SNMP manager IPv6 address prefix. ipv6-prefix Not Specified
ha-direct Enable/disable direct management of HA cluster members.
enable: Enable setting.
disable: Disable setting.
option -
host-type Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.
any: Accept queries from and send traps to this SNMP manager.
query: Accept queries from this SNMP manager but do not send traps.
trap: Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.
option -