Fortinet black logo

Control Manager

SNMP

Copy Link
Copy Doc ID c0e495af-7299-11e9-81a4-00505692583a:887617
Download PDF

SNMP

Use the SNMP Properties view to select the SNMP protocol for devices that query FortiNAC for information. If SNMP is enabled, FortiNAC responds to SNMP communication from other devices, such as a Network Management system that might include the FortiNAC server in its own database.

Go to Settings > System Communication > SNMP.

In addition, this view is also used to set the SNMP protocol to accept SNMPv3 traps that register hosts and users. See Register hosts and users with SNMPv3 traps.

Both types of communication pass through port 161. Settings here are global. Therefore, if you choose to use SNMPv3 traps sent from other network devices to register hosts and users, then ALL other devices that query FortiNAC for information must also communicate using SNMPv3. You must modify the configuration of those external devices to use SNMPv3.

The SNMP protocols that are supported are SNMPv1/SNMPv2c and SNMPv3. SNMPv3 uses DES or AES encryption for the Privacy Password.

Privacy protocols supported are:

  • DES
  • Triple-DES
  • AES-128

SNMP MIBs used to communicate with FortiNAC are in:

/bsc/campusMgr/ui/runTime/docs/mibs/

Field

Description

Enable

If SNMP is enabled, FortiNAC responds to SNMP requests from other servers.

SNMP Protocol

Select the SNMP protocol FortiNAC will be responding to:

  • SNMPv1/SNMPv2c
  • SNMPv3-AuthPriv (SNMPv3 with Authentication and Privacy)
  • SNMPv3 AuthNoPriv (SNMPv3 with Authentication but no Privacy.)

SNMPv1/SNMPv2c

Security String

Enter the security string that FortiNAC will respond to when communicating with the server.

SNMPv3

User Name

User Name for the SNMPv3 credentials.

Authentication Protocol

Specify the SNMPv3 Authentication Protocol.

The available Authentication Protocols are

  • MD5
  • SHA1

Authentication
Password

Specify the Authentication Password required by FortiNAC when SNMPv3-AuthPriv or SNMPv3-AuthNoPriv queries are received.

Privacy Protocols

Specify the SNMPv3 Privacy Protocol.

The available privacy protocols are:

  • DES
  • Triple-DES
  • AES-128

Privacy Password

Specify the Privacy Password required by FortiNAC when SNMPv3-AuthPriv queries are received.

Management Hosts

IP Addresses

List of IP addresses of the devices that have communicated with FortiNAC through SNMP.

Set Up SNMP Communication With FortiNAC

  1. Click System > Settings.
  2. Expand the System Communication folder.
  3. Select SNMP from the tree.
  4. Click Enable and select an SNMP protocol.
  5. Enter the parameters as required for the selected protocol. See the field definitions above for additional information.
  6. Click Save Settings.

Disable SNMP communication with FortiNAC

  1. Click System > Settings.
  2. Expand the System Communication folder.
  3. Select SNMP from the tree.
  4. Click Disable.
  5. Click Save Settings.

SNMP

Use the SNMP Properties view to select the SNMP protocol for devices that query FortiNAC for information. If SNMP is enabled, FortiNAC responds to SNMP communication from other devices, such as a Network Management system that might include the FortiNAC server in its own database.

Go to Settings > System Communication > SNMP.

In addition, this view is also used to set the SNMP protocol to accept SNMPv3 traps that register hosts and users. See Register hosts and users with SNMPv3 traps.

Both types of communication pass through port 161. Settings here are global. Therefore, if you choose to use SNMPv3 traps sent from other network devices to register hosts and users, then ALL other devices that query FortiNAC for information must also communicate using SNMPv3. You must modify the configuration of those external devices to use SNMPv3.

The SNMP protocols that are supported are SNMPv1/SNMPv2c and SNMPv3. SNMPv3 uses DES or AES encryption for the Privacy Password.

Privacy protocols supported are:

  • DES
  • Triple-DES
  • AES-128

SNMP MIBs used to communicate with FortiNAC are in:

/bsc/campusMgr/ui/runTime/docs/mibs/

Field

Description

Enable

If SNMP is enabled, FortiNAC responds to SNMP requests from other servers.

SNMP Protocol

Select the SNMP protocol FortiNAC will be responding to:

  • SNMPv1/SNMPv2c
  • SNMPv3-AuthPriv (SNMPv3 with Authentication and Privacy)
  • SNMPv3 AuthNoPriv (SNMPv3 with Authentication but no Privacy.)

SNMPv1/SNMPv2c

Security String

Enter the security string that FortiNAC will respond to when communicating with the server.

SNMPv3

User Name

User Name for the SNMPv3 credentials.

Authentication Protocol

Specify the SNMPv3 Authentication Protocol.

The available Authentication Protocols are

  • MD5
  • SHA1

Authentication
Password

Specify the Authentication Password required by FortiNAC when SNMPv3-AuthPriv or SNMPv3-AuthNoPriv queries are received.

Privacy Protocols

Specify the SNMPv3 Privacy Protocol.

The available privacy protocols are:

  • DES
  • Triple-DES
  • AES-128

Privacy Password

Specify the Privacy Password required by FortiNAC when SNMPv3-AuthPriv queries are received.

Management Hosts

IP Addresses

List of IP addresses of the devices that have communicated with FortiNAC through SNMP.

Set Up SNMP Communication With FortiNAC

  1. Click System > Settings.
  2. Expand the System Communication folder.
  3. Select SNMP from the tree.
  4. Click Enable and select an SNMP protocol.
  5. Enter the parameters as required for the selected protocol. See the field definitions above for additional information.
  6. Click Save Settings.

Disable SNMP communication with FortiNAC

  1. Click System > Settings.
  2. Expand the System Communication folder.
  3. Select SNMP from the tree.
  4. Click Disable.
  5. Click Save Settings.