Configuring SNMP queries and traps
Go to System > Configuration > SNMP to configure SNMP to monitor FortiVoice Gateway events and thresholds.
To monitor FortiVoice Gateway information and receive FortiVoice traps, you must compile Fortinet proprietary MIBs as well as Fortinet-supported standard MIBs into your SNMP manager. RFC support includes support for most of RFC 2665 (Ethernet-like MIB) and most of RFC 1213 (MIB II). For more information, see FortiVoice MIBs.
The FortiVoice SNMP implementation is read-only. SNMP v1, v2c, and v3 compliant SNMP managers have read-only access to FortiVoice Gateway information and can receive FortiVoice traps.
The FortiVoice SNMP v3 implementation includes support for queries, traps, authentication, and privacy. Before you can use its SNMP queries, you must enable SNMP access on the network interfaces that SNMP managers will use to access the FortiVoice Gateway. For more information, see Creating or editing network interfaces.
This topic includes:
- Configuring an SNMP threshold
- Configuring an SNMP v1 and v2c community
- Configuring an SNMP v3 user
- FortiVoice MIBs
- FortiVoice traps
Configuring an SNMP threshold
Configure under what circumstances an event is triggered.
To set SNMP thresholds
- Go to System > Configuration > SNMP.
- Configure the following:
GUI field
Description
SNMP agent enabled
Enable to activate the FortiVoice SNMP agent. This must be enabled to accept queries from SNMP managers or send traps from the FortiVoice Gateway.
Description
Enter a descriptive name for the FortiVoice Gateway .
Location
Enter the location of the FortiVoice Gateway .
Contact
Enter administrator contact information.
SNMP Threshold
To change a value in the four editable columns, select the value in any row. It becomes editable. Change the value and click outside of the field. A red triangle appears in the field’s corner and remains until you click Apply.
Trap Type
Displays the type of trap, such as CPU Usage.
Trigger
You can enter either the percent of the resource in use or the number of times the trigger level must be reached before it is triggered.
For example, using the default value, if the mailbox disk is 90% or more full, it will trigger.
Threshold
Sets the number of triggers that will result in an SNMP trap.
For example, if the CPU level exceeds the set trigger percentage once before returning to a lower level, and the threshold is set to more than one, an SNMP trap will not be generated until that minimum number of triggers occurs during the sample period.
Sample Period(s)
Sets the time period in seconds during which the FortiVoice Gateway SNMP agent counts the number of triggers that occurred.
This value should not be less than the Sample Freq(s) value.
Sample Freq(s)
Sets the interval in seconds between measurements of the trap condition. You will not receive traps faster than this rate, depending on the selected sample period.
This value should be less than the Sample Period(s) value.
Community
Displays the list of SNMP communities (for SNMP v1 and v2c) added to the FortiVoice configuration. For information on configuring a community, see either Configuring an SNMP v1 and v2c community or Configuring an SNMP v3 user.
Enabled
Displays the status of the SNMP community and allows you to change it.
Name
Displays the name of the SNMP community. The SNMP Manager must be configured with this name.
Queries
A green check mark icon indicates that queries are enabled.
Traps
A green check mark icon indicates that traps are enabled.
User
Displays the list of SNMP v3 users added to the FortiVoice configuration. For information on configuring a v3 user, see Configuring an SNMP v3 user.
Enabled
Displays the status of the SNMP v3 user and allows you to change it.
Name
Displays the name of the SNMP v3 user. The SNMP Manager must be configured with this name.
Queries
A green check mark icon indicates that queries are enabled.
Traps
A green check mark icon indicates that traps are enabled.
Security Level
Displays the security level.
- Click Apply.
Configuring an SNMP v1 and v2c community
An SNMP community is a grouping of equipment for SNMP-based network administration purposes. You can add up to three SNMP communities so that SNMP managers can connect to the FortiVoice Gateway to view system information and receive SNMP traps. You can configure each community differently for SNMP traps and to monitor different events. You can add the IP addresses of up to eight SNMP managers to each community.
To configure an SNMP community
- Go to System > Configuration > SNMP.
- Under Community, click New to add a community or select a community and click Edit.
The SNMP Community page appears.
- Configure the following:
GUI field
Description
Enabled
Enable to send traps to and allow queries from the community’s SNMP managers.
Name
Enter a name to identify the SNMP community. If you are editing an existing community, you cannot change the name.
You can add up to 16 communities.
Community Hosts
Lists SNMP managers that can use the Setting in this SNMP community to monitor the FortiVoice Gateway . Click Create to create a new entry.
You can add up to 16 hosts.
IP Address
Enter the IP address of an SNMP manager. By default, the IP address is 0.0.0.0, so that any SNMP manager can use this SNMP community.
Create
(button)
Click to add a new default entry to the Hosts list that you can edit as needed.
Delete
(button)
Click to remove this SNMP manager.
Queries
Enter the Port number (161 by default) that the SNMP managers in this community use for SNMP v1 and SNMP v2c queries to receive configuration information from the FortiVoice Gateway . Mark the Enable check box to activate queries for each SNMP version.
Traps
Enter the Local Port and Remote Port numbers (162 local, 162 remote by default) that the FortiVoice Gateway uses to send SNMP v1 and SNMP v2c traps to the SNMP managers in this community. Enable traps for each SNMP version that the SNMP managers use.
Enable each SNMP event for which the FortiVoice Gateway should send traps to the SNMP managers in this community.
Not all events will trigger traps because FortiVoice Gateway checks its status in a scheduled interval. For example, FortiVoice Gateway checks its hardware status every 60 seconds. This means that if the power is off for a few seconds but is back on before the next status check, no system event trap will be sent.
- Click Create.
Configuring an SNMP v3 user
SNMP v3 adds more security by using authentication and privacy encryption. You can specify an SNMP v3 user on FortiVoice so that SNMP managers can connect to the FortiVoice Gateway to view system information and receive SNMP traps.
To configure an SNMP v3 user
- Go to System > Configuration > SNMP.
- Under User, click New to add a user or select a user and click Edit.
The SNMPv3 User page appears.
You can add up to 16 users.
- Configure the following:
GUI field
Description
Enabled
Enable to send traps to and allow queries from the user’s SNMP managers.
User name
Enter a name to identify the SNMP user. If you are editing an existing user, you cannot change the name.
Security level
Choose one of the three security levels:
- No authentication, no privacy: This option is similar to SNMP v1 and v2.
- Authentication, no privacy: This option enables authentication only. The SNMP manager needs to supply a password that matches the password you specify on FortiVoice. You must also specify the authentication protocol (either SHA1 or MD5).
- Authentication, privacy: This option enables both authentication and encryption. You must specify the protocols and passwords. Both the protocols and passwords on the SNMP manager and FortiVoice must match.
Authentication Protocol
For Security level, if you select either Authentication option, you must specify the authentication protocol and password. Both the authentication protocol and password on the SNMP manager and FortiVoice must match.
Privacy protocol
For Security level, if you select Privacy, you must specify the encryption protocol and password. Both the encryption protocol and password on the SNMP manager and FortiVoice must match.
Notification Hosts
Lists the SNMP managers that FortiVoice will send traps to. Click Create to create a new entry. You can add up to 16 host.
IP Address
(button)
Enter the IP address of an SNMP manager. By default, the IP address is 0.0.0.0, so that any SNMP manager can use this SNMP user.
Create
(button)
Click to add a new default entry to the Hosts list that you can edit as needed.
Delete
(button)
Click to remove this SNMP manager.
Queries
Double click the default port number (161) to enter the Port number that the SNMP managers use for SNMP v3 queries to receive configuration information from the FortiVoice Gateway . Select the Enable check box to activate queries.
Traps
Double click the default local port (162) and remote port number (162) to enter the Local Port and Remote Port numbers that the FortiVoice Gateway uses to send SNMP v3 traps to the SNMP managers. Select the Enable check box to activate traps.
Enable each SNMP event for which the FortiVoice Gateway should send traps to the SNMP managers.
Not all events trigger traps because the FortiVoice Gateway checks its status at a scheduled interval. For example, FortiVoice checks its hardware status every 60 seconds. This means that if the power is off for a few seconds but is back on before the next status check, no system event trap will be sent.
- Click Create.
FortiVoice MIBs
The FortiVoice SNMP agent supports Fortinet proprietary Management Information Base (MIB) as well as standard RFC 1213 and RFC 2665 MIBs. RFC support includes support for the parts of RFC 2665 (Ethernet-like MIB) and the parts of RFC 1213 (MIB II) that apply to FortiVoice Gateway configuration.
The FortiVoice MIBs are listed in FortiVoice MIBs. You can obtain these MIB files from Fortinet technical support. To communicate with the SNMP agent, you must compile these MIBs into your SNMP manager.
Your SNMP manager may already include standard and private MIBs in a compiled database that is ready to use. You must add the Fortinet proprietary MIB to this database. If the standard MIBs used by the Fortinet SNMP agent are already compiled into your SNMP manager you do not have to compile them again.
MIB file name |
Description |
---|---|
FortiVoice.mib |
Displays the proprietary Fortinet MIB includes detailed FortiVoice Gateway configuration information. Your SNMP manager requires this information to monitor FortiVoice configuration Setting. For more information, see MIB fields. |
FortiVoice traps
The FortiVoice Gateway's SNMP agent can send traps to SNMP managers that you have added to SNMP communities. To receive traps, you must load and compile the FortiVoice trap MIB into the SNMP manager.
All traps sent include the trap message as well as the FortiVoice Gateway serial number and host name.
MIB fields
Trap |
Description |
---|---|
fvTrapStorageDiskHighThreshold |
Trap sent if log disk usage and mailbox disk usage become too high. |
fvTrapSystemEvent |
Trap sent when the system performs actions such as shutting down, rebooting, and upgrading. |
fmlTrapHAEvent |
Trap sent when an HA event occurs. |
The Fortinet MIB contains fields reporting current FortiVoice Gateway status information. The tables below list the names of the MIB fields and describe the status information available for each. You can view more details about the information available from all Fortinet MIB fields by compiling the MIB file into your SNMP manager and browsing the MIB fields.
System session MIB fields
MIB field |
Description |
---|---|
fvSysModel |
FortiVoice Gateway model number. |
fvSysSerial |
FortiVoice Gateway serial number. |
fvSysVersion |
The firmware version currently running on the FortiVoice Gateway . |
fvSysCpuUsage |
The current CPU usage (%). |
fvSysMemUsage |
The current memory utilization (%). |
fvSysLogDiskUsage |
The log disk usage (%). |
fvSysStorageDiskUsage |
The storage disk usage (%). |
fvSysEventCode |
System component events. |
fvSysload |
Current system load. |