Fortinet white logo
Fortinet white logo

CLI Reference

config system snmp community

config system snmp community

SNMP community configuration.

config system snmp community
    Description: SNMP community configuration.
    edit <id>
        set name {string}
        set status [enable|disable]
        config hosts
            Description: Configure IPv4 SNMP managers (hosts).
            edit <id>
                set source-ip {ipv4-address}
                set ip {user}
                set ha-direct [enable|disable]
                set host-type [any|query|...]
            next
        end
        config hosts6
            Description: Configure IPv6 SNMP managers.
            edit <id>
                set source-ipv6 {ipv6-address}
                set ipv6 {ipv6-prefix}
                set ha-direct [enable|disable]
                set host-type [any|query|...]
            next
        end
        set query-v1-status [enable|disable]
        set query-v1-port {integer}
        set query-v2c-status [enable|disable]
        set query-v2c-port {integer}
        set trap-v1-status [enable|disable]
        set trap-v1-lport {integer}
        set trap-v1-rport {integer}
        set trap-v2c-status [enable|disable]
        set trap-v2c-lport {integer}
        set trap-v2c-rport {integer}
        set events {option1}, {option2}, ...
    next
end

config system snmp community

Parameter

Description

Type

Size

Default

id

Community ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

name

Community name.

string

Maximum length: 35

status

Enable/disable this SNMP community.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-status

Enable/disable SNMP v1 queries.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-port

SNMP v1 query port.

integer

Minimum value: 1 Maximum value: 65535

161

query-v2c-status

Enable/disable SNMP v2c queries.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v2c-port

SNMP v2c query port.

integer

Minimum value: 0 Maximum value: 65535

161

trap-v1-status

Enable/disable SNMP v1 traps.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v1-lport

SNMP v1 trap local port.

integer

Minimum value: 1 Maximum value: 65535

162

trap-v1-rport

SNMP v1 trap remote port.

integer

Minimum value: 1 Maximum value: 65535

162

trap-v2c-status

Enable/disable SNMP v2c traps.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v2c-lport

SNMP v2c trap local port.

integer

Minimum value: 1 Maximum value: 65535

162

trap-v2c-rport

SNMP v2c trap remote port.

integer

Minimum value: 1 Maximum value: 65535

162

events

SNMP trap events.

option

-

cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented fm-if-change ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update ips-fail-open faz-disconnect load-balance-real-server-down per-cpu-high dhcp pool-usage

Option

Description

cpu-high

Send a trap when CPU usage is high.

mem-low

Send a trap when available memory is low.

log-full

Send a trap when log disk space becomes low.

intf-ip

Send a trap when an interface IP address is changed.

vpn-tun-up

Send a trap when a VPN tunnel comes up.

vpn-tun-down

Send a trap when a VPN tunnel goes down.

ha-switch

Send a trap after an HA failover when the backup unit has taken over.

ha-hb-failure

Send a trap when HA heartbeats are not received.

ips-signature

Send a trap when IPS detects an attack.

ips-anomaly

Send a trap when IPS finds an anomaly.

av-virus

Send a trap when AntiVirus finds a virus.

av-oversize

Send a trap when AntiVirus finds an oversized file.

av-pattern

Send a trap when AntiVirus finds file matching pattern.

av-fragmented

Send a trap when AntiVirus finds a fragmented file.

fm-if-change

Send a trap when FortiManager interface changes. Send a FortiManager trap.

fm-conf-change

Send a trap when a configuration change is made by a FortiProxy administrator and the FortiProxy is managed by FortiManager.

ha-member-up

Send a trap when an HA cluster member goes up.

ha-member-down

Send a trap when an HA cluster member goes down.

ent-conf-change

Send a trap when an entity MIB change occurs (RFC4133).

av-conserve

Send a trap when the FortiProxy enters conserve mode.

av-bypass

Send a trap when the FortiProxy enters bypass mode.

av-oversize-passed

Send a trap when AntiVirus passes an oversized file.

av-oversize-blocked

Send a trap when AntiVirus blocks an oversized file.

ips-pkg-update

Send a trap when the IPS signature database or engine is updated.

ips-fail-open

Send a trap when the IPS network buffer is full.

faz-disconnect

Send a trap when a FortiAnalyzer disconnects from the FortiProxy.

load-balance-real-server-down

Send a trap when a server load balance real server goes down.

device-new

Send a trap when a new device is found.

per-cpu-high

Send a trap when per-CPU usage is high.

dhcp

Send a trap when the DHCP server exhausts the IP pool, an IP address already is in use, or a DHCP client interface received a DHCP-NAK.

pool-usage

Send a trap about ippool usage.

config hosts

Parameter

Description

Type

Size

Default

id

Host entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

source-ip

Source IPv4 address for SNMP traps.

ipv4-address

Not Specified

0.0.0.0

ip

IPv4 address of the SNMP manager (host).

user

Not Specified

ha-direct

Enable/disable direct management of HA cluster members.

option

-

disable

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both. No traps will be sent when IP type is subnet.

option

-

any

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.

config hosts6

Parameter

Description

Type

Size

Default

id

Host6 entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

source-ipv6

Source IPv6 address for SNMP traps.

ipv6-address

Not Specified

::

ipv6

SNMP manager IPv6 address prefix.

ipv6-prefix

Not Specified

::/0

ha-direct

Enable/disable direct management of HA cluster members.

option

-

disable

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.

option

-

any

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.

config system snmp community

config system snmp community

SNMP community configuration.

config system snmp community
    Description: SNMP community configuration.
    edit <id>
        set name {string}
        set status [enable|disable]
        config hosts
            Description: Configure IPv4 SNMP managers (hosts).
            edit <id>
                set source-ip {ipv4-address}
                set ip {user}
                set ha-direct [enable|disable]
                set host-type [any|query|...]
            next
        end
        config hosts6
            Description: Configure IPv6 SNMP managers.
            edit <id>
                set source-ipv6 {ipv6-address}
                set ipv6 {ipv6-prefix}
                set ha-direct [enable|disable]
                set host-type [any|query|...]
            next
        end
        set query-v1-status [enable|disable]
        set query-v1-port {integer}
        set query-v2c-status [enable|disable]
        set query-v2c-port {integer}
        set trap-v1-status [enable|disable]
        set trap-v1-lport {integer}
        set trap-v1-rport {integer}
        set trap-v2c-status [enable|disable]
        set trap-v2c-lport {integer}
        set trap-v2c-rport {integer}
        set events {option1}, {option2}, ...
    next
end

config system snmp community

Parameter

Description

Type

Size

Default

id

Community ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

name

Community name.

string

Maximum length: 35

status

Enable/disable this SNMP community.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-status

Enable/disable SNMP v1 queries.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v1-port

SNMP v1 query port.

integer

Minimum value: 1 Maximum value: 65535

161

query-v2c-status

Enable/disable SNMP v2c queries.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

query-v2c-port

SNMP v2c query port.

integer

Minimum value: 0 Maximum value: 65535

161

trap-v1-status

Enable/disable SNMP v1 traps.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v1-lport

SNMP v1 trap local port.

integer

Minimum value: 1 Maximum value: 65535

162

trap-v1-rport

SNMP v1 trap remote port.

integer

Minimum value: 1 Maximum value: 65535

162

trap-v2c-status

Enable/disable SNMP v2c traps.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

trap-v2c-lport

SNMP v2c trap local port.

integer

Minimum value: 1 Maximum value: 65535

162

trap-v2c-rport

SNMP v2c trap remote port.

integer

Minimum value: 1 Maximum value: 65535

162

events

SNMP trap events.

option

-

cpu-high mem-low log-full intf-ip vpn-tun-up vpn-tun-down ha-switch ha-hb-failure ips-signature ips-anomaly av-virus av-oversize av-pattern av-fragmented fm-if-change ha-member-up ha-member-down ent-conf-change av-conserve av-bypass av-oversize-passed av-oversize-blocked ips-pkg-update ips-fail-open faz-disconnect load-balance-real-server-down per-cpu-high dhcp pool-usage

Option

Description

cpu-high

Send a trap when CPU usage is high.

mem-low

Send a trap when available memory is low.

log-full

Send a trap when log disk space becomes low.

intf-ip

Send a trap when an interface IP address is changed.

vpn-tun-up

Send a trap when a VPN tunnel comes up.

vpn-tun-down

Send a trap when a VPN tunnel goes down.

ha-switch

Send a trap after an HA failover when the backup unit has taken over.

ha-hb-failure

Send a trap when HA heartbeats are not received.

ips-signature

Send a trap when IPS detects an attack.

ips-anomaly

Send a trap when IPS finds an anomaly.

av-virus

Send a trap when AntiVirus finds a virus.

av-oversize

Send a trap when AntiVirus finds an oversized file.

av-pattern

Send a trap when AntiVirus finds file matching pattern.

av-fragmented

Send a trap when AntiVirus finds a fragmented file.

fm-if-change

Send a trap when FortiManager interface changes. Send a FortiManager trap.

fm-conf-change

Send a trap when a configuration change is made by a FortiProxy administrator and the FortiProxy is managed by FortiManager.

ha-member-up

Send a trap when an HA cluster member goes up.

ha-member-down

Send a trap when an HA cluster member goes down.

ent-conf-change

Send a trap when an entity MIB change occurs (RFC4133).

av-conserve

Send a trap when the FortiProxy enters conserve mode.

av-bypass

Send a trap when the FortiProxy enters bypass mode.

av-oversize-passed

Send a trap when AntiVirus passes an oversized file.

av-oversize-blocked

Send a trap when AntiVirus blocks an oversized file.

ips-pkg-update

Send a trap when the IPS signature database or engine is updated.

ips-fail-open

Send a trap when the IPS network buffer is full.

faz-disconnect

Send a trap when a FortiAnalyzer disconnects from the FortiProxy.

load-balance-real-server-down

Send a trap when a server load balance real server goes down.

device-new

Send a trap when a new device is found.

per-cpu-high

Send a trap when per-CPU usage is high.

dhcp

Send a trap when the DHCP server exhausts the IP pool, an IP address already is in use, or a DHCP client interface received a DHCP-NAK.

pool-usage

Send a trap about ippool usage.

config hosts

Parameter

Description

Type

Size

Default

id

Host entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

source-ip

Source IPv4 address for SNMP traps.

ipv4-address

Not Specified

0.0.0.0

ip

IPv4 address of the SNMP manager (host).

user

Not Specified

ha-direct

Enable/disable direct management of HA cluster members.

option

-

disable

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both. No traps will be sent when IP type is subnet.

option

-

any

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.

config hosts6

Parameter

Description

Type

Size

Default

id

Host6 entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

source-ipv6

Source IPv6 address for SNMP traps.

ipv6-address

Not Specified

::

ipv6

SNMP manager IPv6 address prefix.

ipv6-prefix

Not Specified

::/0

ha-direct

Enable/disable direct management of HA cluster members.

option

-

disable

Option

Description

enable

Enable setting.

disable

Disable setting.

host-type

Control whether the SNMP manager sends SNMP queries, receives SNMP traps, or both.

option

-

any

Option

Description

any

Accept queries from and send traps to this SNMP manager.

query

Accept queries from this SNMP manager but do not send traps.

trap

Send traps to this SNMP manager but do not accept SNMP queries from this SNMP manager.