Fortinet black logo

CLI Reference

system snmp user

SNMP user configuration.

  config system snmp user
      Description: SNMP user configuration.
      edit <name>
          set status [enable|disable]
          set trap-status [enable|disable]
          set trap-lport {integer}
          set trap-rport {integer}
          set queries [enable|disable]
          set query-port {integer}
          set notify-hosts {ipv4-address}
          set notify-hosts6 {ipv6-address}
          set source-ip {ipv4-address}
          set source-ipv6 {ipv6-address}
          set ha-direct [enable|disable]
          set events {option1}, {option2}, ...
          set security-level [no-auth-no-priv|auth-no-priv|...]
          set auth-proto [md5|sha|...]
          set auth-pwd {password}
          set priv-proto [aes|des|...]
          set priv-pwd {password}
      next
  end

config system snmp user

Parameter Name Description Type Size
status Enable/disable this SNMP user.
enable: Enable setting.
disable: Disable setting.
option -
trap-status Enable/disable traps for this SNMP user.
enable: Enable setting.
disable: Disable setting.
option -
trap-lport SNMPv3 local trap port (default = 162). integer Minimum value: 0 Maximum value: 65535
trap-rport SNMPv3 trap remote port (default = 162). integer Minimum value: 0 Maximum value: 65535
queries Enable/disable SNMP queries for this user.
enable: Enable setting.
disable: Disable setting.
option -
query-port SNMPv3 query port (default = 161). integer Minimum value: 0 Maximum value: 65535
notify-hosts SNMP managers to send notifications (traps) to. ipv4-address Not Specified
notify-hosts6 IPv6 SNMP managers to send notifications (traps) to. ipv6-address Not Specified
source-ip Source IP for SNMP trap. ipv4-address Not Specified
source-ipv6 Source IPv6 for SNMP trap. ipv6-address Not Specified
ha-direct Enable/disable direct management of HA cluster members.
enable: Enable setting.
disable: Disable setting.
option -
events
security-level Security level for message authentication and encryption.
no-auth-no-priv: Message with no authentication and no privacy (encryption).
auth-no-priv: Message with authentication but no privacy (encryption).
auth-priv: Message with authentication and privacy (encryption).
option -
auth-proto Authentication protocol.
md5: HMAC-MD5-96 authentication protocol.
sha: HMAC-SHA-96 authentication protocol.
sha224: HMAC-SHA224 authentication protocol.
sha256: HMAC-SHA256 authentication protocol.
sha384: HMAC-SHA384 authentication protocol.
sha512: HMAC-SHA512 authentication protocol.
option -
auth-pwd Password for authentication protocol. password Not Specified
priv-proto Privacy (encryption) protocol.
aes: CFB128-AES-128 symmetric encryption protocol.
des: CBC-DES symmetric encryption protocol.
aes256: CFB128-AES-256 symmetric encryption protocol.
aes256cisco: CFB128-AES-256 symmetric encryption protocol compatible with CISCO.
option -
priv-pwd Password for privacy (encryption) protocol. password Not Specified

SNMP user configuration.

  config system snmp user
      Description: SNMP user configuration.
      edit <name>
          set status [enable|disable]
          set trap-status [enable|disable]
          set trap-lport {integer}
          set trap-rport {integer}
          set queries [enable|disable]
          set query-port {integer}
          set notify-hosts {ipv4-address}
          set notify-hosts6 {ipv6-address}
          set source-ip {ipv4-address}
          set source-ipv6 {ipv6-address}
          set ha-direct [enable|disable]
          set events {option1}, {option2}, ...
          set security-level [no-auth-no-priv|auth-no-priv|...]
          set auth-proto [md5|sha|...]
          set auth-pwd {password}
          set priv-proto [aes|des|...]
          set priv-pwd {password}
      next
  end

config system snmp user

Parameter Name Description Type Size
status Enable/disable this SNMP user.
enable: Enable setting.
disable: Disable setting.
option -
trap-status Enable/disable traps for this SNMP user.
enable: Enable setting.
disable: Disable setting.
option -
trap-lport SNMPv3 local trap port (default = 162). integer Minimum value: 0 Maximum value: 65535
trap-rport SNMPv3 trap remote port (default = 162). integer Minimum value: 0 Maximum value: 65535
queries Enable/disable SNMP queries for this user.
enable: Enable setting.
disable: Disable setting.
option -
query-port SNMPv3 query port (default = 161). integer Minimum value: 0 Maximum value: 65535
notify-hosts SNMP managers to send notifications (traps) to. ipv4-address Not Specified
notify-hosts6 IPv6 SNMP managers to send notifications (traps) to. ipv6-address Not Specified
source-ip Source IP for SNMP trap. ipv4-address Not Specified
source-ipv6 Source IPv6 for SNMP trap. ipv6-address Not Specified
ha-direct Enable/disable direct management of HA cluster members.
enable: Enable setting.
disable: Disable setting.
option -
events
security-level Security level for message authentication and encryption.
no-auth-no-priv: Message with no authentication and no privacy (encryption).
auth-no-priv: Message with authentication but no privacy (encryption).
auth-priv: Message with authentication and privacy (encryption).
option -
auth-proto Authentication protocol.
md5: HMAC-MD5-96 authentication protocol.
sha: HMAC-SHA-96 authentication protocol.
sha224: HMAC-SHA224 authentication protocol.
sha256: HMAC-SHA256 authentication protocol.
sha384: HMAC-SHA384 authentication protocol.
sha512: HMAC-SHA512 authentication protocol.
option -
auth-pwd Password for authentication protocol. password Not Specified
priv-proto Privacy (encryption) protocol.
aes: CFB128-AES-128 symmetric encryption protocol.
des: CBC-DES symmetric encryption protocol.
aes256: CFB128-AES-256 symmetric encryption protocol.
aes256cisco: CFB128-AES-256 symmetric encryption protocol compatible with CISCO.
option -
priv-pwd Password for privacy (encryption) protocol. password Not Specified