12 Replies Latest reply on Sep 14, 2018 3:30 PM by surfertom

    FortiGate 100E Monitoring

    alec_j123

      Hi all. First ever post!

      So, we upgraded our edge firewalls from FortiGate 200Bs and 300Cs to 100Es in order to support the 5.4.x code, but once we upgraded and rediscovered our firewalls, not all the interfaces are showing up in the discovery process. I started poking around custom poller creation and noticed that the 100E is not in the MIB database. My question is this: Is there a way for me to append the MIB file (that I verified has 100E stuff in it) to the MIBs.cfg file in NPM? Or, is there a way for us to send the MIB file to SolarWinds so they can publish a new MIBs.cfg file?

      Thanks!

        • Re: FortiGate 100E Monitoring
          TerryHarding

          Raise a Support Call requesting inclusion of the MIB with SolarWinds and attach the MIB file. They will update the cfg file and let you know when it is available.

          • Re: FortiGate 100E Monitoring
            Peter Monaghan, CBCP, SCP, ITIL ver.3

            ...And then post here so the rest of us can benefit from your efforts.  :-) And you will be showered with Thwack points as your reward.

            • Re: FortiGate 100E Monitoring
              sja

              Hi

              I will say that solarwinds doesn't have to do with all that

              solarwinds use ONLY rfc1213 to get that information

              Your HW vendor is probably missing some standard features...

              What object IDs (OIDs) does NPM poll for interface information - SolarWinds Worldwide, LLC. Help and Support

               

               

              No Interface Bandwidth Utilization Data available (Data is not available)

              • Re: FortiGate 100E Monitoring
                alec_j123

                Just an update for everyone:

                I'm stuck between a battle of finger pointing between SolarWinds and FortiNet support. SolarWinds says that FortiNet doesn't seem to be using standard OIDs (which I'm siding with at this point) and FortiNet is hinting that the SolarWinds MIB database isn't good and I should be using a different poller that allows me to use their MIBs directly to monitor our devices.

                • Re: FortiGate 100E Monitoring
                  alec_j123

                  I finally got an engineer who had a 100e-series firewall in their lab. It turns out that when we moved our configs from old firewall to new, the interface SNMP indexes got messed up, which is why only random ports were being returned by NPM. Only random SNMP indexes were correct. For example, "port1" is supposed to have "set snmp-index 27", but in our config is was 15 or something like that. When changing the SNMP index numbers to what the engineer provided worked in his lab, NPM was able to see and poll interface information properly.

                  1 of 1 people found this helpful
                    • Re: FortiGate 100E Monitoring
                      rana468

                      Hi,

                       

                      But how to change the SNMP index number? I am also getting the same problem as most of our fortigate devices have been upgraded to latest firmware 5.4 with 100E and 100D model.

                        • Re: FortiGate 100E Monitoring
                          alec_j123

                          You must CLI in to the FortiGates.

                          config system interface

                          edit "port1"

                          set snmp-index #

                          next

                          edit "port2"

                          set snmp-index #

                          next

                          ...etc and so on...

                          end

                           

                          What I did is assign them all to really high numbers first to avoid the FortiGate saying the SNMP index number was already used, then reassigned them back to what FortiNet support told me they should be which is posted below. I trimmed out some of the configs they sent, but all the indexes should be there.

                           

                          config system interface

                          edit "dmz"

                          set snmp-index 1

                          next

                          edit "mgmt"

                          set snmp-index 2

                          next

                          edit "wan1"

                          set snmp-index 3

                          next

                          edit "wan2"

                          set snmp-index 4

                          next

                          edit "ha1"

                          set snmp-index 5

                          next

                          edit "ha2"

                          set snmp-index 6

                          next

                          edit "npu0_vlink0"

                          set vdom "root"

                          set status down

                          set type physical

                          set snmp-index 7

                          next

                          edit "npu0_vlink1"

                          set vdom "root"

                          set status down

                          set type physical

                          set snmp-index 8

                          next

                          edit "modem"

                          set vdom "root"

                          set mode pppoe

                          set type physical

                          set snmp-index 9

                          next

                          edit "ssl.root"

                          set vdom "root"

                          set type tunnel

                          set alias "SSL VPN interface"

                          set snmp-index 10

                          next

                          edit "port16"

                          set vdom "root"

                          set type physical

                          set snmp-index 12

                          next

                          edit "port15"

                          set vdom "root"

                          set type physical

                          set snmp-index 13

                          next

                          edit "port14"

                          set vdom "root"

                          set type physical

                          set snmp-index 14

                          next

                          edit "port13"

                          set vdom "root"

                          set type physical

                          set snmp-index 15

                          next

                          edit "port12"

                          set vdom "root"

                          set type physical

                          set snmp-index 16

                          next

                          edit "port11"

                          set vdom "root"

                          set type physical

                          set snmp-index 17

                          next

                          edit "port10"

                          set vdom "root"

                          set type physical

                          set snmp-index 18

                          next

                          edit "port9"

                          set vdom "root"

                          set type physical

                          set snmp-index 19

                          next

                          edit "port8"

                          set vdom "root"

                          set type physical

                          set snmp-index 20

                          next

                          edit "port7"

                          set vdom "root"

                          set type physical

                          set snmp-index 21

                          next

                          edit "port6"

                          set vdom "root"

                          set type physical

                          set snmp-index 22

                          next

                          edit "port5"

                          set vdom "root"

                          set type physical

                          set snmp-index 23

                          next

                          edit "port4"

                          set vdom "root"

                          set type physical

                          set snmp-index 24

                          next

                          edit "port3"

                          set vdom "root"

                          set type physical

                          set snmp-index 25

                          next

                          edit "port2"

                          set vdom "root"

                          set type physical

                          set snmp-index 26

                          next

                          edit "port1"

                          set vdom "root"

                          set type physical

                          set snmp-index 27

                          next

                          end