Enable SNMP Management Stations and Traps

An SNMP trap is an event notification your Firebox or XTM device sends to an SNMP management station. The trap identifies when a specific condition occurs, such as a value that is more than its predefined threshold. Your device can send a trap for any policy.

An SNMP inform request is similar to a trap, but the receiver sends a response. If your device does not get a response, it sends the inform request again until the SNMP manager sends a response. A trap is sent only once, and the receiver does not send any acknowledgment when it gets the trap.

An inform request is more reliable than a trap because your Firebox or XTM device knows whether the inform request was received. However, inform requests consume more resources. They are held in memory until the sender gets a response. If an inform request must be sent more than once, the retries increase traffic. Because each sent receipt increases the amount of memory in use on the router and the amount of network traffic, we recommend that you consider whether it is necessary to send a receipt for every SNMP notification.

To enable SNMP inform requests, you must use SNMPv2 or SNMPv3. SNMPv1 supports only traps, not inform requests.

Configure SNMP Management Stations

  1. Select System > SNMP.
    The SNMP page appears.

Screen shot of the SNMP Settings page

  1. From the SNMP Traps drop-down list, select a trap or inform.
    SNMPv1 supports only traps, not inform requests.
  2. In the SNMP Management Stations text box, type the IP address of your SNMP server. Click Add.
    The IP address appears in the SNMP Management Stations list.
  3. To remove a server from the list, select the entry and click Remove.
  4. Click Save.

Add an SNMP Policy

To enable your Firebox or XTM device to receive SNMP polls, you must also add an SNMP policy. 

  1. Select Firewall > Firewall Policies.
  2. Click Add Policy.
  3. From the Packet Filters drop-down list, select SNMP. Click Add Policy.
    The Policy Configuration page appears.
  4. In the Name text box, type a name for the policy.
  5. Select the Enable check box.
  6. In the From section, click Add.
    The Add Member dialog box appears.
  7. From the Member type drop-down list, select Host IP.
  8. In the text box, type the IP address of your SNMP server. Click OK.
  9. From the From list, select Any-Trusted. Click Remove.
  10. In the To section, click Add.
    The Add Member dialog box appears.
  11. From the drop-down list, select Firebox. Click OK.
  12. From the To list, select Any-External. Click Remove.
  13. Click Save.

Send an SNMP Trap for a Policy

Your Firebox or XTM device can send an SNMP trap when traffic is filtered by a policy. You must have at least one SNMP management station configured to enable SNMP traps.

  1. Select Firewall > Firewall Policies.
  2. Click a policy.
    Or, select a policy check box and from the Action drop-down list, select Edit Policy.
    The Policy Configuration page appears.
  3. Select the Settings tab.
  4. In the Logging section, select the Send SNMP Trap check box.
  5. Click Save.

See Also

About SNMP

About Management Information Bases (MIBs)

About SNMP Traps for Alarms

Enable SNMP Polling

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base