Configuring system settings : Configuring system time, options, and other system options : Configuring SNMP queries and traps : Configuring an SNMP v3 user
Configuring an SNMP v3 user
SNMP v3 adds more security by using authentication and privacy encryption. You can specify an SNMP v3 user on FortiMail so that SNMP managers can connect to the FortiMail unit to view system information and receive SNMP traps.
To configure an SNMP v3 user
1. Go to System > Configuration > SNMP.
2. Under Users, click New to add a user or select a user and click Edit.
The SNMPv3 User page appears.
You can add up to 16 users.
3. Configure the following:
 
GUI item
Description
User name
Enter a name to identify the SNMP user. If you are editing an existing user, you cannot change the name.
Enable
Enable to send traps to and allow queries from the user’s SNMP managers.
Security level
Choose one of the three security levels:
No authentication, no privacy: This option is similar to SNMP v1 and v2.
Authentication, no privacy: This option enables authentication only. The SNMP manager needs to supply a password that matches the password you specify on FortiMail. You must also specify the authentication protocol (either SHA1 or MD5).
Authentication, privacy: This option enables both authentication and encryption. You must specify the protocols and passwords. Both the protocols and passwords on the SNMP manager and FortiMail must match.
 
Authentication Protocol
For Security level, if you select either Authentication option, you must specify the authentication protocol and password. Both the authentication protocol and password on the SNMP manager and FortiMail must match.
 
Privacy protocol
For Security level, if you select Privacy, you must specify the encryption protocol and password. Both the encryption protocol and password on the SNMP manager and FortiMail must match.
Notification Hosts
Lists the SNMP managers that FortiMail will send traps to. Click Create to create a new entry. You can add up to 16 host.
 
IP Address
Enter the IP address of an SNMP manager. By default, the IP address is 0.0.0.0, so that any SNMP manager can use this SNMP user.
 
Delete
(button)
Click to remove this SNMP manager.
 
Create
(button)
Click to add a new default entry to the Hosts list that you can edit as needed.
Queries
Enter the Port number (161 by default) that the SNMP managers use for SNMP v3 queries to receive configuration information from the FortiMail unit. Select the Enable check box to activate queries.
Traps
Enter the Local Port and Remote Port numbers (162 local, 162 remote by default) that the FortiMail unit uses to send SNMP v3 traps to the SNMP managers. Select the Enable check box to activate traps.
SNMP Event
Enable each SNMP event for which the FortiMail unit should send traps to the SNMP managers.
Note: Since FortiMail checks its status in a scheduled interval, not all the events will trigger traps. For example, FortiMail checks its hardware status every 60 seconds. This means that if the power is off for a few seconds but is back on before the next status check, no system event trap will be sent.