FortiWAN Log Notification

Notification

Two methods are provided to send out the notifications for important system events: E-mail and SNMP trap.

Please configure the settings for the methods and select the event type to notify.

Notification

E-Mail Settings

The table below summarizes the event notification mail setup:

SMTP Server SMTP Server
SMTP Port Specify the port (465 by default) that the SSL encrypted SMTP is using if the SSL check box is checked. FortiWAN uses fixed port:25 for non-encrypted SMTP. This field becomes ineffective if the SSL is unchecked.
SSL Check to enable SMTP transfers over SSL.
Account Authenticated account for the mail server
Password Authenticated password for the mail server
Mail From Sender
Mail To Receiver(s). Separate receivers with “,” or “.”.
Send Test E-mail Now Click the button to run test for the email settings above.

Note: If the SMTP Server is applied with a FQDN, then the DNS Server must be set in the Web UI System > Network Settings > DNS Server (See “Set DNS server for FortiWAN”).

SNMP Trap Settings

Event notification can also be sent via SNMP traps. These can only be sent if there is an existing SNMP manager for receiving FortiWAN’s SNMP traps.

Destination IP The SNMP managing device IP
Community Name Community name

Notification

Types of Events to Notify

Event Types to Notify Check to select the events. Enter the threshold to number of connections, rate of connections and total WAN traffic to trigger the notification.
WAN link failure and recovery Send notification when a WAN link fails or recovers from failure. A integer used to indicate the failed or recovered WAN link.
Account change Send notification when an account is added, removed or password-changed.
HA slave failure and recovery Send notification when the slave unit in HA deployment fails or recovers from failure. Integer 1 indicates the slave unit recovered and integer 2 indicates it failed.
HA takeover Send notification when the local unit in HA deployment was took over by its slave unit. Integer 1 indicates the truth of HA takeover and integer 2 indicates the falseness of HA takeover.
VRRP takeover Send notification when the local unit in VRRP deployment was took over by its backup unit. Integer 1 indicates the truth of VRRP takeover and integer 2 indicates the falseness of VRRP takeover.
Number of connections reaches ___ Set the threshold and the number of connections being processed in system will be sent as an event notification when it exceeds the threshold.
Rate of connections reaches___ / sec Set the threshold and the number of connections established in system every second will be sent as an event notification when it exceeds the threshold.
Total WAN traffic reaches ___ Kbps Set the threshold and the number of current total WAN traffic (sum of inbound and outbound traffic of every WAN link) will be sent as an event notification when it exceeds the threshold.
                               Select All    Click to check all the event types
                                 Clear All     Click to uncheck all the event types

Enable Reports

This entry was posted in Administration Guides, FortiWAN on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.