Chapter 10 Install and System Administration for FortiOS 5.0 : Monitoring : SNMP : SNMP community
  
SNMP community
An SNMP community is a grouping of devices for network administration purposes. Within that SNMP community, devices can communicate by sending and receiving traps and other information. One device can belong to multiple communities, such as one administrator terminal monitoring both a firewall SNMP and a printer SNMP community.
Add SNMP communities to your FortiGate unit so that SNMP managers can connect to view system information and receive SNMP traps.
You can add up to three SNMP communities. Each community can have a different configuration for SNMP queries and traps. Each community can be configured to monitor the FortiGate unit for a different set of events. You can also add the IP addresses of up to 8 SNMP managers to each community.
When the FortiGate unit is in virtual domain mode, SNMP traps can only be sent on interfaces in the management virtual domain. Traps cannot be sent over other interfaces.
To add an SNMP v1/v2c community - web-based manager
1. Go to System > Config > SNMP.
2. In the SNMP v1/v2c area, select Create New.
3. Enter a Community Name.
4. Enter the IP address and Identify the SNMP managers that can use the settings in this SNMP community to monitor the FortiGate unit.
5. Select the interface if the SNMP manager is not on the same subnet as the FortiGate unit.
6. Enter the Port number that the SNMP managers in this community use for SNMP v1 and SNMP v2c queries to receive configuration information from the FortiGate unit. Select the Enable check box to activate queries for each SNMP version.
7. Enter the Local and Remote port numbers that the FortiGate unit uses to send SNMP v1 and SNMP v2c traps to the SNMP managers in this community.
8. Select the Enable check box to activate traps for each SNMP version.
9. Select OK.
To add an SNMP v1/v2c community - CLI
config system snmp community
edit <index_number>
set events <events_list>
set name <community_name>
set query-v1-port <port_number>
set query-v1-status {enable | disable}
set query-v2c-port <port_number>
set query-v2c-status {enable | disable}
set status {enable | disable}
set trap-v1-lport <port_number>
set trap-v1-rport <port_number>
set trap-v1-status {enable | disable}
set trap-v2c-lport <port_number>
set trap-v2c-rport <port_number>
set trap-v2c-status {enable | disable}
end
To add an SNMP v3 community - web-based manager
1. Go to System > Config > SNMP.
2. In the SNMP v3 area, select Create New.
3. Enter a User Name.
4. Select a Security Level and associated authorization algorithms.
5. Enter the IP address of the Notification Host SNMP managers that can use the settings in this SNMP community to monitor the FortiGate unit.
6. Enter the Port number that the SNMP managers in this community use to receive configuration information from the FortiGate unit. Select the Enable check box to activate queries for each SNMP version.
7. Select the Enable check box to activate traps.
8. Select OK.
To add an SNMP v3 community - CLI
config system snmp user
edit <index_number>
set security-level [auth-priv | auth-no-priv | no-auth-no-priv}
set queries enable
set query-port <port_number>
set notify-hosts <ip_address>
set events <event_selections>
end
See Also
SNMP configuration settings
Gigabit interfaces
SNMP agent
Enabling on the interface
Fortinet MIBs
SNMP get command syntax