Fortinet white logo
Fortinet white logo

Administration Guide

Fortinet MIBs

Fortinet MIBs

The FortiPAM SNMP agent supports Fortinet proprietary MIBs, as well as standard RFC 1213 and RFC 2665 MIBs. RFC support includes support for the parts of RFC 2665 (Ethernet-like MIB) and the parts of RFC 1213 (MIB II) that apply to FortiPAM unit configuration.

There are two MIB files for FortiPAM units; both files are required for proper SNMP data collection:

  • Fortinet MIB: contains traps, fields, and information that is common to all Fortinet products.

  • FortiPAM MIB: contains traps, fields, and information that is specific to FortiPAM units.

The Fortinet MIB and FortiPAM MIB, along with the two RFC MIBs, are listed in the table in this section.

To download the MIB files, go to System > SNMP and select a MIB link in the SNMP section. See SNMP.

Your SNMP manager may already include standard and private MIBs in a compiled database that is ready to use. You must add the Fortinet proprietary MIB to this database to have access to the Fortinet-specific information.

MIB files are updated for each version of FortiPAM. When upgrading the firmware, ensure that you update the Fortinet FortiPAM MIB file compiled in your SNMP manager as well.

MIB file name

Description

FORTINET-CORE-MIB.mib

The Fortinet MIB includes all system configuration information and trap information that is common to all Fortinet products. Your SNMP manager requires this information to monitor FortiPAM unit configuration settings and receive traps from the FortiPAM SNMP agent.

FORTINET-FortiPAM-MIB.mib

The FortiPAM MIB includes all system configuration information and trap information that is specific to FortiPAM units. Your SNMP manager requires this information to monitor FortiPAM configuration settings and receive traps from the FortiPAM SNMP agent. FortiManager systems require this MIB to monitor FortiPAM units.

SNMP get command syntax

Normally, to get configuration and status information for a FortiPAM unit, an SNMP manager would use an SNMP get command to get the information in a MIB field. The SNMP get command syntax would be similar to:

snmpget -v2c -c <community_name> <address_ipv4> {<OID> | <MIB_field>}

where:

  • <community_name> refers to the SNMP community name added to the FortiPAM configuration. You can add more than one community name to a FortiPAM SNMP configuration. The most commonly used community name is public. For security reasons, Fortinet recommends that neither public nor private be used for SNMP community names.

  • <address_ipv4> is the IP address of the FortiPAM interface that the SNMP manager connects to

  • {<OID> | <MIB_field>} is the object identifier for the MIB field or the MIB field name itself.

For example, to retrieve the serial number of the FortiPAM device, the following command could be issued:

snmpget -v2c -c fortinet 192.168.1.110 1.3.6.1.4.1.12356.100.1.1.1.0

iso.3.6.1.4.1.12356.100.1.1.1.0 = STRING: "FPXVM2TM22000445"

In this example, the community name is fortinet, the IP address of the interface configured for SNMP management access is 192.168.1.110. The serial number of the FortiPAM device is queried using the OID:

1.3.6.1.4.1.12356.100.1.1.1.0.

Fortinet MIBs

Fortinet MIBs

The FortiPAM SNMP agent supports Fortinet proprietary MIBs, as well as standard RFC 1213 and RFC 2665 MIBs. RFC support includes support for the parts of RFC 2665 (Ethernet-like MIB) and the parts of RFC 1213 (MIB II) that apply to FortiPAM unit configuration.

There are two MIB files for FortiPAM units; both files are required for proper SNMP data collection:

  • Fortinet MIB: contains traps, fields, and information that is common to all Fortinet products.

  • FortiPAM MIB: contains traps, fields, and information that is specific to FortiPAM units.

The Fortinet MIB and FortiPAM MIB, along with the two RFC MIBs, are listed in the table in this section.

To download the MIB files, go to System > SNMP and select a MIB link in the SNMP section. See SNMP.

Your SNMP manager may already include standard and private MIBs in a compiled database that is ready to use. You must add the Fortinet proprietary MIB to this database to have access to the Fortinet-specific information.

MIB files are updated for each version of FortiPAM. When upgrading the firmware, ensure that you update the Fortinet FortiPAM MIB file compiled in your SNMP manager as well.

MIB file name

Description

FORTINET-CORE-MIB.mib

The Fortinet MIB includes all system configuration information and trap information that is common to all Fortinet products. Your SNMP manager requires this information to monitor FortiPAM unit configuration settings and receive traps from the FortiPAM SNMP agent.

FORTINET-FortiPAM-MIB.mib

The FortiPAM MIB includes all system configuration information and trap information that is specific to FortiPAM units. Your SNMP manager requires this information to monitor FortiPAM configuration settings and receive traps from the FortiPAM SNMP agent. FortiManager systems require this MIB to monitor FortiPAM units.

SNMP get command syntax

Normally, to get configuration and status information for a FortiPAM unit, an SNMP manager would use an SNMP get command to get the information in a MIB field. The SNMP get command syntax would be similar to:

snmpget -v2c -c <community_name> <address_ipv4> {<OID> | <MIB_field>}

where:

  • <community_name> refers to the SNMP community name added to the FortiPAM configuration. You can add more than one community name to a FortiPAM SNMP configuration. The most commonly used community name is public. For security reasons, Fortinet recommends that neither public nor private be used for SNMP community names.

  • <address_ipv4> is the IP address of the FortiPAM interface that the SNMP manager connects to

  • {<OID> | <MIB_field>} is the object identifier for the MIB field or the MIB field name itself.

For example, to retrieve the serial number of the FortiPAM device, the following command could be issued:

snmpget -v2c -c fortinet 192.168.1.110 1.3.6.1.4.1.12356.100.1.1.1.0

iso.3.6.1.4.1.12356.100.1.1.1.0 = STRING: "FPXVM2TM22000445"

In this example, the community name is fortinet, the IP address of the interface configured for SNMP management access is 192.168.1.110. The serial number of the FortiPAM device is queried using the OID:

1.3.6.1.4.1.12356.100.1.1.1.0.