Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config system snmp community

SNMP community configuration.

config system snmp community

Description: SNMP community configuration.

edit <id>

set name {string}

set status [enable|disable]

config hosts

Description: Configure IPv4 SNMP managers (hosts).

edit <id>

set source-ip {ipv4-address}

set ip {user}

set ha-direct [enable|disable]

set host-type [any|query|...]

next

end

config hosts6

Description: Configure IPv6 SNMP managers.

edit <id>

set source-ipv6 {ipv6-address}

set ipv6 {ipv6-prefix}

set ha-direct [enable|disable]

set host-type [any|query|...]

next

end

set query-v1-status [enable|disable]

set query-v1-port {integer}

set query-v2c-status [enable|disable]

set query-v2c-port {integer}

set trap-v1-status [enable|disable]

set trap-v1-lport {integer}

set trap-v1-rport {integer}

set trap-v2c-status [enable|disable]

set trap-v2c-lport {integer}

set trap-v2c-rport {integer}

set events {option1}, {option2}, ...

next

end

config system snmp community

Parameter name

Description

Type

Size

name

Community name.

string

Maximum length: 35

status

Enable/disable this SNMP community.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-status

Enable/disable SNMP v1 queries.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-port

SNMP v1 query port (default = 161).

integer

Minimum value: 1 Maximum value: 65535

query-v2c-status

Enable/disable SNMP v2c queries.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v2c-port

SNMP v2c query port (default = 161).

integer

Minimum value: 0 Maximum value: 65535

trap-v1-status

Enable/disable SNMP v1 traps.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v1-lport

SNMP v1 trap local port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

trap-v1-rport

SNMP v1 trap remote port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

trap-v2c-status

Enable/disable SNMP v2c traps.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v2c-lport

SNMP v2c trap local port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

trap-v2c-rport

SNMP v2c trap remote port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

events

SNMP trap events.

option

-

 

Option

Description

cpu-high

Send a trap when CPU usage is high.

mem-low

Send a trap when available memory is low.

log-full

Send a trap when log disk space becomes low.

intf-ip

Send a trap when an interface IP address is changed.

vpn-tun-up

Send a trap when a VPN tunnel comes up.

vpn-tun-down

Send a trap when a VPN tunnel goes down.

ha-switch

Send a trap after an HA failover when the backup unit has taken over.

ha-hb-failure

Send a trap when HA heartbeats are not received.

ips-signature

Send a trap when IPS detects an attack.

ips-anomaly

Send a trap when IPS finds an anomaly.

av-virus

Send a trap when AntiVirus finds a virus.

av-oversize

Send a trap when AntiVirus finds an oversized file.

av-pattern

Send a trap when AntiVirus finds file matching pattern.

av-fragmented

Send a trap when AntiVirus finds a fragmented file.

fm-if-change

Send a trap when FortiManager interface changes. Send a FortiManager trap.

fm-conf-change

Send a trap when a configuration change is made by a FortiGate administrator and the FortiGate is managed by FortiManager.

bgp-established

Send a trap when a BGP FSM transitions to the established state.

bgp-backward-transition

Send a trap when a BGP FSM goes from a high numbered state to a lower numbered state.

ha-member-up

Send a trap when an HA cluster member goes up.

ha-member-down

Send a trap when an HA cluster member goes down.

ent-conf-change

Send a trap when an entity MIB change occurs (RFC4133).

av-conserve

Send a trap when the FortiGate enters conserve mode.

av-bypass

Send a trap when the FortiGate enters bypass mode.

av-oversize-passed

Send a trap when AntiVirus passes an oversized file.

av-oversize-blocked

Send a trap when AntiVirus blocks an oversized file.

ips-pkg-update

Send a trap when the IPS signature database or engine is updated.

ips-fail-open

Send a trap when the IPS network buffer is full.

temperature-high

Send a trap when a temperature sensor registers a temperature that is too high.

voltage-alert

Send a trap when a voltage sensor registers a voltage that is outside of the normal range.

power-supply-failure

Send a trap when a power supply fails.

faz-disconnect

Send a trap when a FortiAnalyzer disconnects from the FortiGate.

fan-failure

Send a trap when a fan fails.

wc-ap-up

Send a trap when a managed FortiAP comes up.

wc-ap-down

Send a trap when a managed FortiAP goes down.

fswctl-session-up

Send a trap when a FortiSwitch controller session comes up.

fswctl-session-down

Send a trap when a FortiSwitch controller session goes down.

load-balance-real-server-down

Send a trap when a server load balance real server goes down.

device-new

Send a trap when a new device is found.

per-cpu-high

Send a trap when per-CPU usage is high.

config hosts

Parameter name

Description

Type

Size

source-ip

Source IPv4 address for SNMP traps.

ipv4-address

Not Specified

ip

IPv4 address of the SNMP manager (host).

user

Not Specified

ha-direct

Enable/disable direct management of HA cluster members.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.

option

-

 

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.

config hosts6

Parameter name

Description

Type

Size

source-ipv6

Source IPv6 address for SNMP traps.

ipv6-address

Not Specified

ipv6

SNMP manager IPv6 address prefix.

ipv6-prefix

Not Specified

ha-direct

Enable/disable direct management of HA cluster members.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.

option

-

 

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.

config system snmp community

SNMP community configuration.

config system snmp community

Description: SNMP community configuration.

edit <id>

set name {string}

set status [enable|disable]

config hosts

Description: Configure IPv4 SNMP managers (hosts).

edit <id>

set source-ip {ipv4-address}

set ip {user}

set ha-direct [enable|disable]

set host-type [any|query|...]

next

end

config hosts6

Description: Configure IPv6 SNMP managers.

edit <id>

set source-ipv6 {ipv6-address}

set ipv6 {ipv6-prefix}

set ha-direct [enable|disable]

set host-type [any|query|...]

next

end

set query-v1-status [enable|disable]

set query-v1-port {integer}

set query-v2c-status [enable|disable]

set query-v2c-port {integer}

set trap-v1-status [enable|disable]

set trap-v1-lport {integer}

set trap-v1-rport {integer}

set trap-v2c-status [enable|disable]

set trap-v2c-lport {integer}

set trap-v2c-rport {integer}

set events {option1}, {option2}, ...

next

end

config system snmp community

Parameter name

Description

Type

Size

name

Community name.

string

Maximum length: 35

status

Enable/disable this SNMP community.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-status

Enable/disable SNMP v1 queries.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-port

SNMP v1 query port (default = 161).

integer

Minimum value: 1 Maximum value: 65535

query-v2c-status

Enable/disable SNMP v2c queries.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v2c-port

SNMP v2c query port (default = 161).

integer

Minimum value: 0 Maximum value: 65535

trap-v1-status

Enable/disable SNMP v1 traps.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v1-lport

SNMP v1 trap local port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

trap-v1-rport

SNMP v1 trap remote port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

trap-v2c-status

Enable/disable SNMP v2c traps.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v2c-lport

SNMP v2c trap local port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

trap-v2c-rport

SNMP v2c trap remote port (default = 162).

integer

Minimum value: 1 Maximum value: 65535

events

SNMP trap events.

option

-

 

Option

Description

cpu-high

Send a trap when CPU usage is high.

mem-low

Send a trap when available memory is low.

log-full

Send a trap when log disk space becomes low.

intf-ip

Send a trap when an interface IP address is changed.

vpn-tun-up

Send a trap when a VPN tunnel comes up.

vpn-tun-down

Send a trap when a VPN tunnel goes down.

ha-switch

Send a trap after an HA failover when the backup unit has taken over.

ha-hb-failure

Send a trap when HA heartbeats are not received.

ips-signature

Send a trap when IPS detects an attack.

ips-anomaly

Send a trap when IPS finds an anomaly.

av-virus

Send a trap when AntiVirus finds a virus.

av-oversize

Send a trap when AntiVirus finds an oversized file.

av-pattern

Send a trap when AntiVirus finds file matching pattern.

av-fragmented

Send a trap when AntiVirus finds a fragmented file.

fm-if-change

Send a trap when FortiManager interface changes. Send a FortiManager trap.

fm-conf-change

Send a trap when a configuration change is made by a FortiGate administrator and the FortiGate is managed by FortiManager.

bgp-established

Send a trap when a BGP FSM transitions to the established state.

bgp-backward-transition

Send a trap when a BGP FSM goes from a high numbered state to a lower numbered state.

ha-member-up

Send a trap when an HA cluster member goes up.

ha-member-down

Send a trap when an HA cluster member goes down.

ent-conf-change

Send a trap when an entity MIB change occurs (RFC4133).

av-conserve

Send a trap when the FortiGate enters conserve mode.

av-bypass

Send a trap when the FortiGate enters bypass mode.

av-oversize-passed

Send a trap when AntiVirus passes an oversized file.

av-oversize-blocked

Send a trap when AntiVirus blocks an oversized file.

ips-pkg-update

Send a trap when the IPS signature database or engine is updated.

ips-fail-open

Send a trap when the IPS network buffer is full.

temperature-high

Send a trap when a temperature sensor registers a temperature that is too high.

voltage-alert

Send a trap when a voltage sensor registers a voltage that is outside of the normal range.

power-supply-failure

Send a trap when a power supply fails.

faz-disconnect

Send a trap when a FortiAnalyzer disconnects from the FortiGate.

fan-failure

Send a trap when a fan fails.

wc-ap-up

Send a trap when a managed FortiAP comes up.

wc-ap-down

Send a trap when a managed FortiAP goes down.

fswctl-session-up

Send a trap when a FortiSwitch controller session comes up.

fswctl-session-down

Send a trap when a FortiSwitch controller session goes down.

load-balance-real-server-down

Send a trap when a server load balance real server goes down.

device-new

Send a trap when a new device is found.

per-cpu-high

Send a trap when per-CPU usage is high.

config hosts

Parameter name

Description

Type

Size

source-ip

Source IPv4 address for SNMP traps.

ipv4-address

Not Specified

ip

IPv4 address of the SNMP manager (host).

user

Not Specified

ha-direct

Enable/disable direct management of HA cluster members.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.

option

-

 

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.

config hosts6

Parameter name

Description

Type

Size

source-ipv6

Source IPv6 address for SNMP traps.

ipv6-address

Not Specified

ipv6

SNMP manager IPv6 address prefix.

ipv6-prefix

Not Specified

ha-direct

Enable/disable direct management of HA cluster members.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.

option

-

 

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.