SNMP OIDs with details about authenticated users 7.2.1
The fgFwAuthUserTables SNMP table gathers information about authenticated users. These are users that have been authenticated by methods supported on the FortiGate (local, FSSO, RSSO, and so on). This table supports SNMP VDOM access control and OIDs for IPv4 and IPv6 authenticated users.
Category |
Name |
OID |
---|---|---|
Number of firewall authenticated users in each VDOM |
fgFwAuthUserTables.fgFwAuthUserInfoTable.fgFwAuthUserInfoEntry.fgFwAuthUserInfoVdom |
1.3.6.1.4.1.12356.101.5.2.3.1.1.1 |
fgFwAuthUserTables.fgFwAuthUserInfoTable.fgFwAuthUserInfoEntry.fgFwAuthIpv4UserNumber |
1.3.6.1.4.1.12356.101.5.2.3.1.1.2 |
|
fgFwAuthUserTables.fgFwAuthUserInfoTable.fgFwAuthUserInfoEntry.fgFwAuthIpv6UserNumber |
1.3.6.1.4.1.12356.101.5.2.3.1.1.3 |
|
List of authenticated users in each VDOM (IPv4) |
fgFwAuthUserTables.fgFwAuthIpv4UserTable.fgFwAuthIpv4UserEntry.fgFwAuthIpv4UserIndex |
1.3.6.1.4.1.12356.101.5.2.3.2.1.1 |
fgFwAuthUserTables.fgFwAuthIpv4UserTable.fgFwAuthIpv4UserEntry.fgFwAuthIpv4UserVdom |
1.3.6.1.4.1.12356.101.5.2.3.2.1.2 |
|
fgFwAuthUserTables.fgFwAuthIpv4UserTable.fgFwAuthIpv4UserEntry.fgFwAuthIpv4UserName |
1.3.6.1.4.1.12356.101.5.2.3.2.1.3 |
|
fgFwAuthUserTables.fgFwAuthIpv4UserTable.fgFwAuthIpv4UserEntry.fgFwAuthIpv4UserType |
1.3.6.1.4.1.12356.101.5.2.3.2.1.4 |
|
fgFwAuthUserTables.fgFwAuthIpv4UserTable.fgFwAuthIpv4UserEntry.fgFwAuthIpv4UserAddr |
1.3.6.1.4.1.12356.101.5.2.3.2.1.5 |
|
List of authenticated users in each VDOM (IPv6) |
fgFwAuthUserTables.fgFwAuthIpv6UserTable.fgFwAuthIpv6UserEntry.fgFwAuthIpv6UserIndex |
1.3.6.1.4.1.12356.101.5.2.3.3.1.1 |
fgFwAuthUserTables.fgFwAuthIpv6UserTable.fgFwAuthIpv6UserEntry.fgFwAuthIpv6UserVdom |
1.3.6.1.4.1.12356.101.5.2.3.3.1.2 |
|
fgFwAuthUserTables.fgFwAuthIpv6UserTable.fgFwAuthIpv6UserEntry.fgFwAuthIpv6UserName |
1.3.6.1.4.1.12356.101.5.2.3.3.1.3 |
|
fgFwAuthUserTables.fgFwAuthIpv6UserTable.fgFwAuthIpv6UserEntry.fgFwAuthIpv6UserType |
1.3.6.1.4.1.12356.101.5.2.3.3.1.4 |
|
fgFwAuthUserTables.fgFwAuthIpv6UserTable.fgFwAuthIpv6UserEntry.fgFwAuthIpv6UserAddr |
1.3.6.1.4.1.12356.101.5.2.3.3.1.5 |
Example 1: when there is an IPv4 and IPv6 authenticated user
SNMP query:
snmpwalk -v1 -c REGR-SYS 172.16.200.1 1.3.6.1.4.1.12356.101.5.2.3-----------------------------------------------------------------------------> fgFwAuthUserTable FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.2 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.3 = INTEGER: 3----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.2 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.2 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv4UserIndex FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.2.1 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthIpv4UserVdom FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.3.1 = STRING: "IPvUser"-------------------------------------------------------------------------->fgFwAuthIpv4UserName FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.4.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv4UserType FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.5.1 = IpAddress: 172.16.200.55----------------------------------------------------------------->fgFwAuthIpv4UserAddr FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv6UserIndex FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.2.1 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthIpv6UserVdom FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.3.1 = STRING: "IPv6prefUser"------------------------------------------------------------------->fgFwAuthIpv6UserName FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.4.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv6UserType FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.5.1 = Hex-STRING: 20 00 01 72 00 16 02 00 00 00 00 00 00 00 00 00--------------->fgFwAuthIpv6UserAddr
To verify the authenticated user list in FortiOS:
# diagnose firewall auth list 172.16.200.55, IPvUser type: rsso, id: 0, duration: 5, idled: 5 flag(12): deny radius server: vdom1 packets: in 0 out 0, bytes: in 0 out 0 ----- 1 listed, 0 filtered ------
# diagnose firewall auth ipv6 list 2000:172:16:200::/64, IPv6prefUser type: rsso, id: 0, duration: 183, idled: 183 flag(12): deny radius server: vdom1 packets: in 0 out 0, bytes: in 0 out 0 ----- 1 listed, 0 filtered ------
Example 2: when there is an IPv4 authenticated user and no IPv6 authenticated user
SNMP query:
snmpwalk -v1 -c REGR-SYS 172.16.200.1 1.3.6.1.4.1.12356.101.5.2.3-----------------------------------------------------------------------------> fgFwAuthUserTable FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.2 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.3 = INTEGER: 3----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.2 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.2 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv4UserIndex FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.2.1 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthIpv4UserVdom FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.3.1 = STRING: "IPvUser"-------------------------------------------------------------------------->fgFwAuthIpv4UserName FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.4.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv4UserType FORTINET-FORTIGATE-MIB::fgFwUsers.3.2.1.5.1 = IpAddress: 172.16.200.55----------------------------------------------------------------->fgFwAuthIpv4UserAddr
To verify the authenticated user list in FortiOS:
# diagnose firewall auth list 172.16.200.55, IPvUser type: rsso, id: 0, duration: 127, idled: 127 flag(12): deny radius server: vdom1 packets: in 0 out 0, bytes: in 0 out 0 ----- 1 listed, 0 filtered ------
# diagnose firewall auth ipv6 list ----- 0 listed, 0 filtered ------
Example 3: when there is an IPv6 authenticated user and no IPv4 authenticated user
SNMP query:
snmpwalk -v1 -c REGR-SYS 172.16.200.1 1.3.6.1.4.1.12356.101.5.2.3-----------------------------------------------------------------------------> fgFwAuthUserTable FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.2 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.3 = INTEGER: 3----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.2 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.2 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv6UserIndex FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.2.1 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthIpv6UserVdom FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.3.1 = STRING: "IPv6prefUser"------------------------------------------------------------------->fgFwAuthIpv6UserName FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.4.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthIpv6UserType FORTINET-FORTIGATE-MIB::fgFwUsers.3.3.1.5.1 = Hex-STRING: 20 00 01 72 00 16 02 00 00 00 00 00 00 00 00 00--------------->fgFwAuthIpv6UserAddr
To verify the authenticated user list in FortiOS:
# diagnose firewall auth list ----- 0 listed, 0 filtered ------
# diagnose firewall auth ipv6 list 2000:172:16:200::/64, IPv6prefUser type: rsso, id: 0, duration: 69, idled: 69 flag(12): deny radius server: vdom1 packets: in 0 out 0, bytes: in 0 out 0 ----- 1 listed, 0 filtered ------
Example 4: when there are no authenticated users
SNMP query:
snmpwalk -v1 -c REGR-SYS 172.16.200.1 1.3.6.1.4.1.12356.101.5.2.3-----------------------------------------------------------------------------> fgFwAuthUserTable FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.1 = INTEGER: 1----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.2 = INTEGER: 2----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.1.3 = INTEGER: 3----------------------------------------------------------------------------------->fgFwAuthUserInfoVdom (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.2 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.2.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv4UserNumber (vdom2) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.1 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (root) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.2 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom1) FORTINET-FORTIGATE-MIB::fgFwUsers.3.1.1.3.3 = INTEGER: 0----------------------------------------------------------------------------------->fgFwAuthIpv6UserNumber (vdom2)
To verify the authenticated user list in FortiOS:
# diagnose firewall auth list ----- 0 listed, 0 filtered ------
# diagnose firewall auth ipv6 list ----- 0 listed, 0 filtered -----