Fortinet Document Library

Version:


Table of Contents

New Features

6.4.0
Download PDF
Copy Link

SNMP polling extensions to support new OIDs 6.4.2

New OIDs are added to support SNMP query for license details and IPsec tunnels.

To configure SNMP:
config system snmp community
    edit 1
        set name "SNMP-TEST"
        config hosts
            edit 1
                set ip 10.1.100.11 255.255.255.255
            next
            edit 2
                set ip 172.16.200.55 255.255.255.255
            next
        end
        config hosts6
            edit 1
                set ipv6 2000:172:16:200::55/128
            next
            edit 2
                set ipv6 2000:10:1:100::11/128
            next
        end
        set events cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented fm-if-change fm-conf-change ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update faz-disconnect
    next
end

License details

New OIDs are added in fgSystemInfoAdvanced to support SNMP query for license details, including the following two tables.

fgLicContracts 1.3.6.1.4.1.12356.101.4.6.3.1

snmpwalk -v2c -c SNMP-TEST 172.16.200.1 1.3.6.1.4.1.12356.101.4.6.3.1
FORTINET-FORTIGATE-MIB::fgLicContractCount.0 = INTEGER: 28
FORTINET-FORTIGATE-MIB::fgLicContractDesc.1 = STRING: Hardware
FORTINET-FORTIGATE-MIB::fgLicContractDesc.2 = STRING: Enhanced
FORTINET-FORTIGATE-MIB::fgLicContractDesc.3 = STRING: Firmware & general updates
FORTINET-FORTIGATE-MIB::fgLicContractDesc.4 = STRING: FortiClient
FORTINET-FORTIGATE-MIB::fgLicContractDesc.5 = STRING: Webfilter
FORTINET-FORTIGATE-MIB::fgLicContractDesc.6 = STRING: Virus Definitions
FORTINET-FORTIGATE-MIB::fgLicContractDesc.7 = STRING: Security Rating license
FORTINET-FORTIGATE-MIB::fgLicContractDesc.8 = STRING: SPRT
...
fgLicVersions 1.3.6.1.4.1.12356.101.4.6.3.2           

snmpwalk -v2c -c SNMP-TEST  172.16.200.1 1.3.6.1.4.1.12356.101.4.6.3.2 (Version info)
FORTINET-FORTIGATE-MIB::fgLicVersionCount.0 = INTEGER: 25
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.1 = STRING: Application Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.2 = STRING: Virus Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.3 = STRING: Extended set
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.4 = STRING: Extreme set
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.5 = STRING: Mobile Malware Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.6 = STRING: Flow-based Virus Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.7 = STRING: Botnet Domain Database
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.8 = STRING: Attack Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.9 = STRING: Attack Extended Definitions
...

IPsec tunnels

New OIDs are added in fgVpn to support SNMP query for IPv4 and IPv6 IPsec tunnels, including the following two tables.

fgVpn2DialupTable 1.3.6.1.4.1.12356.101.12.4.1

snmpwalk  -v2c -c SNMP-TEST 172.16.200.1 1.3.6.1.4.1.12356.101.12.4.1
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.1 = INTEGER: 1
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.2 = INTEGER: 2
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.3 = INTEGER: 3
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.4 = INTEGER: 4
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.5 = INTEGER: 5
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.6 = INTEGER: 6
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.1 = INTEGER: ipv6(2)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.2 = INTEGER: ipv6(2)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.3 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.4 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.5 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.6 = INTEGER: ipv4(1)
...
fgVpn2TunTable 1.3.6.1.4.1.12356.101.12.4.2

snmpwalk  -v2c -c SNMP-TEST 172.16.200.1 1.3.6.1.4.1.12356.101.12.4.2 (Tunnel VPN)
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.3.1 = STRING: tovd6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.4.1 = STRING: tovd7
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.6.1 = STRING: dailToVd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.7.1 = STRING: vd3-dial-vd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.8.1 = STRING: spoke1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.8.2 = STRING: spoke1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.9.2 = STRING: spoke1v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.9.3 = STRING: spoke1v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.10.1 = STRING: Spoke2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.10.2 = STRING: Spoke2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.11.1 = STRING: spoke2v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.12.1 = STRING: tovd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.13.1 = STRING: vd7to1-ip6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.3.1 = STRING: tovd6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.4.1 = STRING: tovd7
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.6.1 = STRING: dailToVd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.7.1 = STRING: vd3-to-vd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.8.1 = STRING: spoke1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.8.2 = STRING: spoke1-v2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.9.2 = STRING: spoke1v6-2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.9.3 = STRING: spoke1v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.10.1 = STRING: Spoke2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.10.2 = STRING: spoke2-p2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.11.1 = STRING: spoke2v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.12.1 = STRING: tovd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.13.1 = STRING: vd7to1-ip6
FORTINET-FORTIGATE-MIB::fgVpn2TunRemGwyIpType.3.1 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2TunRemGwyIpType.4.1 = INTEGER: ipv6(2)
FORTINET-FORTIGATE-MIB::fgVpn2TunRemGwyIpType.6.1 = INTEGER: ipv4(1)
...

SNMP polling extensions to support new OIDs 6.4.2

New OIDs are added to support SNMP query for license details and IPsec tunnels.

To configure SNMP:
config system snmp community
    edit 1
        set name "SNMP-TEST"
        config hosts
            edit 1
                set ip 10.1.100.11 255.255.255.255
            next
            edit 2
                set ip 172.16.200.55 255.255.255.255
            next
        end
        config hosts6
            edit 1
                set ipv6 2000:172:16:200::55/128
            next
            edit 2
                set ipv6 2000:10:1:100::11/128
            next
        end
        set events cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented fm-if-change fm-conf-change ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update faz-disconnect
    next
end

License details

New OIDs are added in fgSystemInfoAdvanced to support SNMP query for license details, including the following two tables.

fgLicContracts 1.3.6.1.4.1.12356.101.4.6.3.1

snmpwalk -v2c -c SNMP-TEST 172.16.200.1 1.3.6.1.4.1.12356.101.4.6.3.1
FORTINET-FORTIGATE-MIB::fgLicContractCount.0 = INTEGER: 28
FORTINET-FORTIGATE-MIB::fgLicContractDesc.1 = STRING: Hardware
FORTINET-FORTIGATE-MIB::fgLicContractDesc.2 = STRING: Enhanced
FORTINET-FORTIGATE-MIB::fgLicContractDesc.3 = STRING: Firmware & general updates
FORTINET-FORTIGATE-MIB::fgLicContractDesc.4 = STRING: FortiClient
FORTINET-FORTIGATE-MIB::fgLicContractDesc.5 = STRING: Webfilter
FORTINET-FORTIGATE-MIB::fgLicContractDesc.6 = STRING: Virus Definitions
FORTINET-FORTIGATE-MIB::fgLicContractDesc.7 = STRING: Security Rating license
FORTINET-FORTIGATE-MIB::fgLicContractDesc.8 = STRING: SPRT
...
fgLicVersions 1.3.6.1.4.1.12356.101.4.6.3.2           

snmpwalk -v2c -c SNMP-TEST  172.16.200.1 1.3.6.1.4.1.12356.101.4.6.3.2 (Version info)
FORTINET-FORTIGATE-MIB::fgLicVersionCount.0 = INTEGER: 25
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.1 = STRING: Application Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.2 = STRING: Virus Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.3 = STRING: Extended set
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.4 = STRING: Extreme set
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.5 = STRING: Mobile Malware Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.6 = STRING: Flow-based Virus Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.7 = STRING: Botnet Domain Database
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.8 = STRING: Attack Definitions
FORTINET-FORTIGATE-MIB::fgLicVersionDesc.9 = STRING: Attack Extended Definitions
...

IPsec tunnels

New OIDs are added in fgVpn to support SNMP query for IPv4 and IPv6 IPsec tunnels, including the following two tables.

fgVpn2DialupTable 1.3.6.1.4.1.12356.101.12.4.1

snmpwalk  -v2c -c SNMP-TEST 172.16.200.1 1.3.6.1.4.1.12356.101.12.4.1
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.1 = INTEGER: 1
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.2 = INTEGER: 2
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.3 = INTEGER: 3
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.4 = INTEGER: 4
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.5 = INTEGER: 5
FORTINET-FORTIGATE-MIB::fgVpn2DialupIndex.6 = INTEGER: 6
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.1 = INTEGER: ipv6(2)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.2 = INTEGER: ipv6(2)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.3 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.4 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.5 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2DialupGatewayType.6 = INTEGER: ipv4(1)
...
fgVpn2TunTable 1.3.6.1.4.1.12356.101.12.4.2

snmpwalk  -v2c -c SNMP-TEST 172.16.200.1 1.3.6.1.4.1.12356.101.12.4.2 (Tunnel VPN)
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.3.1 = STRING: tovd6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.4.1 = STRING: tovd7
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.6.1 = STRING: dailToVd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.7.1 = STRING: vd3-dial-vd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.8.1 = STRING: spoke1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.8.2 = STRING: spoke1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.9.2 = STRING: spoke1v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.9.3 = STRING: spoke1v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.10.1 = STRING: Spoke2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.10.2 = STRING: Spoke2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.11.1 = STRING: spoke2v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.12.1 = STRING: tovd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase1Name.13.1 = STRING: vd7to1-ip6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.3.1 = STRING: tovd6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.4.1 = STRING: tovd7
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.6.1 = STRING: dailToVd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.7.1 = STRING: vd3-to-vd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.8.1 = STRING: spoke1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.8.2 = STRING: spoke1-v2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.9.2 = STRING: spoke1v6-2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.9.3 = STRING: spoke1v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.10.1 = STRING: Spoke2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.10.2 = STRING: spoke2-p2
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.11.1 = STRING: spoke2v6
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.12.1 = STRING: tovd1
FORTINET-FORTIGATE-MIB::fgVpn2TunPhase2Name.13.1 = STRING: vd7to1-ip6
FORTINET-FORTIGATE-MIB::fgVpn2TunRemGwyIpType.3.1 = INTEGER: ipv4(1)
FORTINET-FORTIGATE-MIB::fgVpn2TunRemGwyIpType.4.1 = INTEGER: ipv6(2)
FORTINET-FORTIGATE-MIB::fgVpn2TunRemGwyIpType.6.1 = INTEGER: ipv4(1)
...