config system : config system snmp community
 
config system snmp community
Use this command to configure SNMP community settings.
Before you begin:
You must have read-write permission for system settings.
Syntax
config system snmp community
edit <No.>
set name <string>
set queryportv1 <integer>
set queryportv2c <integer>
set queryv1-status {enable|disable}
set queryv2c-status {enable|disable}
set status {enable|disable}
set trapevent {cpu logdisk mem}
set trapportv1-local <integer>
set trapportv1-remote <integer>
set trapportv2c-local <integer>
set trapportv2c-remote <integer>
set trapv1-status <enable|disable>
set trapv2c-status <enable|disable>
config host
edit <No.>
set ip <address>
next
end
next
end
 
name
Name of the SNMP community to which the FortiADC system and at least one SNMP manager belongs, such as management.
You must configure the FortiADC system to belong to at least one SNMP community so that community’s SNMP managers can query system information and receive SNMP traps.
You can add up to three SNMP communities. Each community can have a different configuration for queries and traps, and the set of events that trigger a trap. You can also add the IP addresses of up to eight SNMP managers to each community to designate the destination of traps and which IP addresses are permitted to query the FortiADC system.
queryportv1
Port number on which the system listens for SNMP queries from the SNMP managers in this community. The default is 161.
queryportv2c
Port number on which the system listens for SNMP queries from the SNMP managers in this community. The default is 161.
queryv1-status
Enable/disable SNMP v1 queries.
queryv2c-status
Enable/disable SNMP v2c queries.
status
Enable/disable the configuration.
trapevent
Specify trap events:
CPU—CPU usage has exceeded 80%.
Memory—Memory (RAM) usage has exceeded 80%.
Log disk usage—Disk space usage for the log partition or disk has exceeded 90%.
trapportv1-local
Source (Local) port number for trap packets sent to SNMP managers in this community. The default is 162.
trapportv1-remote
Destination (Remote) port number for trap packets sent to SNMP managers in this community. The default is 162.
trapportv2c-local
Source (Local) port number for trap packets sent to SNMP managers in this community. The default is 162.
trapportv2c-remote
Destination (Remote) port number for trap packets sent to SNMP managers in this community. The default is 162.
trapv1-status
Enable/disable SNMP v1 traps.
trapv2c-status
Enable/disable SNMP v2c traps.
config host
 
ip
IP address of the SNMP manager to receive traps and be permitted to query the FortiADC system.
SNMP managers have read-only access. You can add up to 8 SNMP managers for a user.
To allow any IP address using this SNMP username to query the FortiADC system, enter 0.0.0.0. For security best practice reasons, however, this is not recommended.
Caution: The system sends security-sensitive traps, which should be sent only over a trusted network, and only to administrative equipment.
Note: If there are no other host IP entries, entering only 0.0.0.0 effectively disables traps because there is no specific destination for trap packets. If you do not want to disable traps, you must add at least one other entry that specifies the IP address of an SNMP manager.
Example
FortiADC-VM # config system snmp community
 
FortiADC-VM (community) # edit 1
Add new entry '1' for node 318
 
FortiADC-VM (1) # get
name :
status : enable
queryv1-status : enable
queryportv1 : 161
queryv2c-status : enable
queryportv2c : 161
trapv1-status : enable
trapportv1-local : 162
trapportv1-remote : 162
trapv2c-status : enable
trapportv2c-local : 162
trapportv2c-remote : 162
trapevent : cpu mem logdisk
 
FortiADC-VM (1) # set name community1
 
FortiADC-VM (1) # config host
<Enter>
 
FortiADC-VM (1) # config host
FortiADC-VM (host) # edit 1
Add new entry '1' for node 333
 
FortiADC-VM (1) # get
ip : 0.0.0.0
 
FortiADC-VM (1) # set ip 192.0.2.1
 
FortiADC-VM (1) # end
FortiADC-VM (1) # end