FortiCache 4.0.1 Administration Guide

Manage SNMP v3 users

Selecting Create New on the SNMP v3 table opens the Create New SNMP V3 User page, which provides settings for configuring a new SNMP v3 user. Selecting a user name from the route list opens the Edit SNMP V3 User page.

Configure the following settings:

User Name Enter the name of the user.
Security Level Select the type of security level the user will have. The options include:

l No Authentication, No Private l Authentication, No Private l Authentication, Private

Auth Algorithm Select an authentication algorithm from the drop-down list; either MD5 or SHA1. Enter a password in the requisite Password field.

This option is not available if the security level is set to No Authentication, No Private.

Private Algorithm Select a private algorithm from the drop-down list; either AES or DES.

Enter a password in the requisite Password field.

This option is only available if the security level is set to Authentication, Private.

Notification Host Enter the IP address of the notification host. If you want to add more than one host, select the plus sign to add another host. Up to 16 hosts can be added.
Enable Query Select to enable or disable the query. By default, the query is enabled. Enter the port number in the Port field (161 by default).
Events Select the SNMP events that will be associated with the user.

Fortinet MIBs

The FortiCache SNMP agent supports Fortinet proprietary MIBs, as well as standard RFC 1213 and RFC 2665 MIBs. RFC support includes support for the parts of RFC 2665 (Ethernet-like MIB) and the parts of RFC 1213 (MIB II) that apply to FortiCache unit configuration.

There are two MIB files for FortiCache units; both files are required for proper SNMP data collection:

l The Fortinet MIB: contains traps, fields, and information that is common to all Fortinet products. l The FortiCache MIB: contains traps, fields, and information that is specific to FortiCache units.

The Fortinet and FortiCache MIB files are available for download on the Fortinet Customer Support site. Each Fortinet product has its own MIB – if you use other Fortinet products, you need to download their MIB files as well.

The Fortinet MIB and FortiCache MIB, along with the two RFC MIBs ,are listed in .

To download the MIB files, go to System > Config > SNMP and select a MIB link in the FortiCache SNMP MIB section. See .

Your SNMP manager may already include standard and private MIBs in a compiled database that is ready to use. You must add the Fortinet proprietary MIB to this database to have access to the Fortinet specific information.

MIB files are updated for each version of FortiCache. When upgrading the firmware ensure that you update the Fortinet FortiCache MIB file compiled in your SNMP manager as well.

MIB file name or RFC Description
FORTINET-CORE-MIB.mib The Fortinet MIB includes all system configuration information and trap information that is common to all Fortinet products. Your SNMP manager requires this information to monitor FortiCache unit configuration settings and receive traps from the FortiCache SNMP agent.
MIB file name or RFC Description
FORTINET-FORTICACHEMIB.mib The FortiCache MIB includes all system configuration information and trap information that is specific to FortiCache units. Your SNMP manager requires this information to monitor FortiCache configuration settings and receive traps from the FortiCache SNMP agent. FortiManager systems require this MIB to monitor FortiCache units.
RFC-1213 (MIB II) The FortiCache SNMP agent supports the majority of MIB II OIDs
RFC-2665 (Ethernet-like MIB) The FortiCache SNMP agent supports Ethernet-like MIB information. FortiCache SNMP does not support for the dot3Tests and dot3Errors groups.

SNMP get command syntax

Normally, to get configuration and status information for a FortiCache unit, an SNMP manager would use an

SNMP get command to get the information in a MIB field. The SNMP get command syntax would be similar to:

snmpget -v2c -c <community_name> <address_ipv4> {<OID> | <MIB_field>} where:

  • <community_name> refers to the SNMP community name added to the FortiCache configuration. You can add more than one community name to a FortiCache SNMP configuration. The most commonly used community name is public.
  • <address_ipv4> is the IP address of the FortiCache interface that the SNMP manager connects to l {<OID> | <MIB_field>} is the object identifier (OID) for the MIB field or the MIB field name itself.

For example, to query the firmware version running on the FortiCache unit, the following command could be issued

snmpget -v2c -c public 10.10.10.1 1.3.6.1.4.1.12356.109.4.1.1.0

In this example, the community name is public, the IP address of the interface configured for SNMP management access is 10.10.10.1. The firmware version is queried via the MIB field fchSysVersion, the OID for which is 1.3.6.1.4.1.12356.109.4.1.1.0.

The value returned is a string with a value of v2.0,build0225,130213.

Replacement messages

Replacement pages can be customized as required from System > Config > Replacement Messages.

The following settings are available:

Manage Images Select to view the available images and their respective tags.
Simple View / Extended View Select the view. Simple View displays a selection of Security and Authentication messages. Extended View displays all messages. See for a list of all the messages.
Name The message name.
Description The message description.
Modified A checkmark is shown is the message has been modified.
Save Save any customizations that you made to the message.
Restore Default Restore the message back to its default state.
Preview A preview of how the message looks.
Message HTML The HTML code for the message that you can edit.

The following table outlines all of the messages that can be customized, as shown in Extended View:

 

  Category            Messages Description
Administrator

Alert Email

Post-login Disclaimer

Message

Replacement message for post-login disclaimer.
Pre-login Disclaimer

Message

Replacement message for pre-login disclaimer.
Block Message Alert email text for block incidents.
Critical Event Message Alert email text for critical event notification.
Disk Full Message Alert email text for disk full events.
Intrusion Message Alert email text for IPS events.
Virus Message Alert email text for virus incidents.
  Authentication Success Page Replacement HTML for authentication success page.
Block Notification Page Replacement HTML for certificate password page.

 

 

 

  Category            Messages Description
Authentication Certificate Password Page Replacement HTML for certificate password page.
Declined Disclaimer Page Replacement HTML for user declined disclaimer page.
Disclaimer Page Replacement HTML for authentication disclaimer page.
Email Collection Replacement HTML for email collection page.
Email Collection Invalid Email Replacement HTML for email collection page after user enters invalid email.
Email Token Page Replacement HTML for email-token authentication page.
FortiToken Page Replacement HTML for FortiToken authentication page.
Guest User Email Template Replacement text for guest-user credentials email message.
Guest User Print Template Replacement HTML for guest-user credentials print out.
Keepalive Page Replacement HTML for authentication keep-alive page.
Login Challenge Page Replacement HTML for authentication login-challenge page.
Login Failed Page Replacement HTML for authentication failed page.
Login Page Replacement HTML for authentication login page.
Next FortiToken Page Replacement HTML for next FortiToken authentication page.
Password Expiration Page Replacement HTML for password expiration page.
Portal Page Replacement HTML for post-authentication portal page.
SMS Token Page Replacement HTML for SMS-token authentication page.
Success Message Replacement text for authentication success message.
Two-Factor Login Failed Replacement HTML for two-factor authentication failed page.
Two-Factor Login Page Replacement HTML for two-factor authentication login page

 

  Category            Messages Description
FortiGuard Web Filtering FortiGuard Block Page Replacement HTML for FortiGuard Webfilter block page.
FortiGuard HTTP Error Page Replacement HTML for FortiGuard Webfilter HTTP error page.
FortiGuard Override Page Replacement HTML for FortiGuard Webfilter override page.
FortiGuard Quota Page Replacement HTML for FortiGuard Webfilter quota exceeded block page.
FortiGuard Warning Page Replacement HTML for FortiGuard Webfilter warning page.

 

 

 

  Category            Messages Description
HTTP Archive Block Message Replacement HTML for HTTP archive block message.
Block Message Replacement HTML for HTTP file block message.
Content Block Message Replacement HTML for content-type block message.
Content Block Page Replacement HTML for HTTP file content block page.
Content Upload Block Page Replacement HTML for HTTP file upload content block page.
DLP Ban Message Replacement HTML for HTTP data-leak detected ban message.
Invalid Certificate Message Replacement HTML for invalid certificate message.
Oversized File Message Replacement HTML for HTTP oversized file block message.
Oversized Upload Message Replacement HTML for HTTP oversized file upload block message.
POST Block Message Replacement HTML for HTTP POST block message.
Previously Infected Block

Page

Replacement HTML for HTTP URL previously-infected block page.
Switching Protocols Blocked Replacement HTML for Switching Protocols Blocked page.
Upload Archive Block Message Replacement HTML for HTTP archive upload block message.
Upload Block Message Replacement HTML for HTTP file upload block message.
URL Block Page Replacement HTML for HTTP url blocked page.
URL Filter Error Message Replacement HTML for webfilter service error message.
Category             Messages Description
Network

Quarantine

Network Quarantine

Administrative Block Page

Replacement HTML for network quarantine administrative block page.
Network Quarantine AV Block Page Replacement HTML for network quarantine antivirus block page.
Network Quarantine DLP Block Page Replacement HTML for network quarantine DLP block page.
Network Quarantine DOS Block Page Replacement HTML for network quarantine DOS block page.
Network Quarantine IPS Block Page Replacement HTML for network quarantine IPS block page.
Security Application Control Block

Page

Replacement HTML for application control block page.
DLP Block Message Replacement text for DLP block message.
DLP Block Page Replacement HTML for DLP block page.
Virus Block Message Replacement text for antivirus block message.
Virus Block Page Replacement HTML for antivirus block page.
Web-proxy Web-proxy Authentication Failed Page Replacement HTML for web-proxy authentication failed page.
Web-proxy Authorization Failed Page Replacement HTML for web-proxy authorization failed page.
Web-proxy Block Page Replacement HTML for web-proxy block page.
Web-proxy Challenge Page Replacement HTML for web-proxy authentication required block page.
Web-proxy HTTP Error Page Replacement HTML for web-proxy HTTP error page.
Web-proxy IP Blackout Page Replacement HTML for web-proxy IP Blackout page.
Web-proxy User Limit Page Replacement HTML for web-proxy user limit block page.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.