SNMP bridge MIB module support

This feature is only available on FortiGate Rugged 30D, which supports 802.1p.

SNMP bridge MIB module support is available on FortiGates with 802.1p to monitor STP activity.

The following OIDs have been added:

Object name	OID
dot1dBridge.dot1dBase.dot1dBaseBridgeAddress	1.3.6.1.2.1.17.1.1
dot1dBridge.dot1dBase.dot1dBaseNumPorts	1.3.6.1.2.1.17.1.2
dot1dBridge.dot1dBase.Type	1.3.6.1.2.1.17.1.3
dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortIfIndex	1.3.6.1.2.1.17.1.4.1.2
dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortCircuit	1.3.6.1.2.1.17.1.4.1.3
dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortDelayExceededDiscards	1.3.6.1.2.1.17.1.4.1.5
dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortMtuExceededDiscards	1.3.6.1.2.1.17.1.4.1.5
dot1dBridge.dot1dStp.dot1dStpProtocolSpecification	1.3.6.1.2.1.17.2.1
dot1dBridge.dot1dStp.dot1dStpPriority	1.3.6.1.2.1.17.2.2
dot1dBridge.dot1dStp.dot1dStpDesignatedRoot	1.3.6.1.2.1.17.2.5
dot1dBridge.dot1dStp.dot1dStpRootCost	1.3.6.1.2.1.17.2.6
dot1dBridge.dot1dStp.dot1dStpRootPort	1.3.6.1.2.1.17.2.7
dot1dBridge.dot1dStp.dot1dStpMaxAge	1.3.6.1.2.1.17.2.8
dot1dBridge.dot1dStp.dot1dStpHelloTime	1.3.6.1.2.1.17.2.9
dot1dBridge.dot1dStp.dot1dStpForwardDelay	1.3.6.1.2.1.17.2.11
dot1dBridge.dot1dStp.dot1dStpBridgeMaxAge	1.3.6.1.2.1.17.2.12
dot1dBridge.dot1dStp.dot1dStpBridgeHelloTime	1.3.6.1.2.1.17.2.13
dot1dBridge.dot1dStp.dot1dStpBridgeForwardDelay	1.3.6.1.2.1.17.2.14
dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortPriority	1.3.6.1.2.1.17.2.15.1.2
dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortState	1.3.6.1.2.1.17.2.15.1.3
dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortEnable	1.3.6.1.2.1.17.2.15.1.4
dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortPathCost	1.3.6.1.2.1.17.2.15.1.5

To configure an SNMP bridge MIB module:

On the FortiGate, configure SNMP:

config system snmp sysinfo
    set status enable
    set description "BRIDGE_MIB"
    set contact-info "Strike Freedom"
    set location "QA LAB"
end

config system snmp community
    edit 1
        set name "REGR-SWITCH"
        config hosts
            edit 1
                set ip 172.16.200.55 255.255.255.255
            next
            edit 2
                set ip 172.18.60.149 255.255.255.255
            next
        end
        set events cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-anomaly av-oversize av-fragmented fm-conf-change ha-member-up ha-member-down av-conserve av-bypass av-oversize-blocked ips-pkg-update ips-fail-open faz-disconnect
    next
end

On the SNMP server, run snmpwalk on the OID from the newly added bridge MIB.
The OID is for the bridge hello time. The SNMP server is able to query the bridge hello time from the FortiGate:
```
root@ControlPC:~# snmpwalk -v1 -c REGR-SWITCH 172.16.200.2 1.3.6.1.2.1.17.2.13
BRIDGE-MIB::dot1dStpBridgeHelloTime.0 = INTEGER: 200 centi-seconds
```

SNMP bridge MIB module support

This feature is only available on FortiGate Rugged 30D, which supports 802.1p.

SNMP bridge MIB module support is available on FortiGates with 802.1p to monitor STP activity.

The following OIDs have been added:

Object name

OID

dot1dBridge.dot1dBase.dot1dBaseBridgeAddress

1.3.6.1.2.1.17.1.1

dot1dBridge.dot1dBase.dot1dBaseNumPorts

1.3.6.1.2.1.17.1.2

dot1dBridge.dot1dBase.Type

1.3.6.1.2.1.17.1.3

dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortIfIndex

1.3.6.1.2.1.17.1.4.1.2

dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortCircuit

1.3.6.1.2.1.17.1.4.1.3

dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortDelayExceededDiscards

1.3.6.1.2.1.17.1.4.1.5

dot1dBridge.dot1dBase.dot1dBasePortEntry.dot1dBasePortMtuExceededDiscards

1.3.6.1.2.1.17.1.4.1.5

dot1dBridge.dot1dStp.dot1dStpProtocolSpecification

1.3.6.1.2.1.17.2.1

dot1dBridge.dot1dStp.dot1dStpPriority

1.3.6.1.2.1.17.2.2

dot1dBridge.dot1dStp.dot1dStpDesignatedRoot

1.3.6.1.2.1.17.2.5

dot1dBridge.dot1dStp.dot1dStpRootCost

1.3.6.1.2.1.17.2.6

dot1dBridge.dot1dStp.dot1dStpRootPort

1.3.6.1.2.1.17.2.7

dot1dBridge.dot1dStp.dot1dStpMaxAge

1.3.6.1.2.1.17.2.8

dot1dBridge.dot1dStp.dot1dStpHelloTime

1.3.6.1.2.1.17.2.9

dot1dBridge.dot1dStp.dot1dStpForwardDelay

1.3.6.1.2.1.17.2.11

dot1dBridge.dot1dStp.dot1dStpBridgeMaxAge

1.3.6.1.2.1.17.2.12

dot1dBridge.dot1dStp.dot1dStpBridgeHelloTime

1.3.6.1.2.1.17.2.13

dot1dBridge.dot1dStp.dot1dStpBridgeForwardDelay

1.3.6.1.2.1.17.2.14

dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortPriority

1.3.6.1.2.1.17.2.15.1.2

dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortState

1.3.6.1.2.1.17.2.15.1.3

dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortEnable

1.3.6.1.2.1.17.2.15.1.4

dot1dBridge.dot1dStp.dot1dStpPortEntry.dot1dStpPortPathCost

1.3.6.1.2.1.17.2.15.1.5

To configure an SNMP bridge MIB module:

On the FortiGate, configure SNMP:

config system snmp sysinfo
    set status enable
    set description "BRIDGE_MIB"
    set contact-info "Strike Freedom"
    set location "QA LAB"
end

config system snmp community
    edit 1
        set name "REGR-SWITCH"
        config hosts
            edit 1
                set ip 172.16.200.55 255.255.255.255
            next
            edit 2
                set ip 172.18.60.149 255.255.255.255
            next
        end
        set events cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-anomaly av-oversize av-fragmented fm-conf-change ha-member-up ha-member-down av-conserve av-bypass av-oversize-blocked ips-pkg-update ips-fail-open faz-disconnect
    next
end

On the SNMP server, run snmpwalk on the OID from the newly added bridge MIB.

The OID is for the bridge hello time. The SNMP server is able to query the bridge hello time from the FortiGate:

root@ControlPC:~# snmpwalk -v1 -c REGR-SWITCH 172.16.200.2 1.3.6.1.2.1.17.2.13
BRIDGE-MIB::dot1dStpBridgeHelloTime.0 = INTEGER: 200 centi-seconds

New Features

SNMP bridge MIB module support

SNMP bridge MIB module support

To configure an SNMP bridge MIB module:

SNMP bridge MIB module support

To configure an SNMP bridge MIB module: