01. 12. 2025 Franco Federico Unified Monitoring

Monitoring Access Points behind a Fortinet Firewall

A customer recently asked me to monitor their access points. Currently, they had no monitoring system for their 100+ access points other than a firewall view showing the status of individual access points. The firewall in question was a Fortigate 660e.

I checked, and we already have an NEP that performs monitoring for Fortinet, which is the following: nep-network-fortinet-firewall — nep — Bitbucket

This NEP allows you to install plugins for Centreon, who are our partners. Here’s the documentation for the Centreon plugin used with this NEP: Fortinet Fortigate SNMP | Centreon Documentation

The feature we’ll focus on here is Ap-Usage. To use this metric, it must be configured on the firewall. Once that’s done, we can use this KPI and query the firewall with the following command:

/usr/lib/centreon/plugins/centreon_fortinet_fortigate.pl
   --mode ap-usage --hostname <ip_host>
   --snmp-community <community>
   --snmp-version <community_versione>
   --snmp-timemammout '15'
   --snmp-retries 2

This checks all access points present and monitored by Fortinet. In some cases, if there are many devices, it will overflow, so it’s recommended to also have a specific check and monitor them individually using this command:

/usr/lib/centreon/plugins/centreon_fortinet_fortigate.pl
    --mode ap-usage --hostname <ip_host>
    --snmp-community <community>
    --snmp-version <community_versione>
    --snmp-timemammout '15'
    --snmp-retries 2
    --filter-name=<ap_name>

Once this is done, we can verify whether the access point with the name <ap_name> is OK or not.

Here’s an example of the output:

OK: Access point 'XXXX' status: onLine [admin: enable], traffic in: 107.04 Kb/s, traffic out: 404.44 Kb/s, current client connections: 1, cpu usage: 8.00 %, memory usage: 57.00 % | 'traffic_in'=107042.92b/s;;;0; 'traffic_out'=404439.38b/s;;;0; 'clients'=1;;;0; 'cpu'=8.00%;;;0;100 'memory'=57.00%;;;0;100

And so with these metrics, you can automatically build graphs that are then reported by NetEye. For the firewall device, we already have the following monitoring tools ready for use with NEP:

With the related metrics in Influx. Here, for example, is CPU load:

Here’s a graph of connected VPN Users:

And here’s Hardware Health:

Access point monitoring will soon be added, as I mentioned above. It will also be possible to have a list of access point hosts to which you can add the new service based on a new template that will query the firewall for the various access points.

If you need to implement this urgently, you can clone the current command nx-c-centreon-fortinet-fortigate-cpu and the associated service template nx-st-agentless-snmp-centreon-fortinet-fortigate-cpu, or another one in that category.

Once you’ve applied this service to the new access point hosts, you’re done, and voilà! You’ve monitored your access points.

Otherwise if you prefer, you can wait for Santa Claus to arrive, who might bring this NEP. Santa Claus is coming, Ho Ho Ho!

These Solutions are Engineered by Humans

Did you find this article interesting? Does it match your skill set? Our customers often present us with problems that need customized solutions. In fact, we’re currently hiring for roles just like this and others here at Würth IT Italy.

Franco Federico

Franco Federico

Hi, I’m Franco and I was born in Monza. For 20 years I worked for IBM in various roles. I started as a customer service representative (help desk operator), then I was promoted to Windows expert. In 2004 I changed again and was promoted to consultant, business analyst, then Java developer, and finally technical support and system integrator for Enterprise Content Management (FileNet). Several years ago I became fascinated by the Open Source world, the GNU\Linux operating system, and security in general. So for 4 years during my free time I studied security systems and computer networks in order to extend my knowledge. I came across several open source technologies including the Elastic stack (formerly ELK), and started to explore them and other similar ones like Grafana, Greylog, Snort, Grok, etc. I like to script in Python, too. Then I started to work in Würth Phoenix like consultant. Two years ago I moved with my family in Berlin to work for a startup in fintech(Nuri), but the startup went bankrupt due to insolvency. No problem, Berlin offered many other opportunities and I started working for Helios IT Service as an infrastructure monitoring expert with Icinga and Elastic, but after another year I preferred to return to Italy for various reasons that we can go into in person 🙂 In my free time I continue to dedicate myself to my family(especially my daughter) and I like walking, reading, dancing and making pizza for friends and relatives.

Author

Franco Federico

Hi, I’m Franco and I was born in Monza. For 20 years I worked for IBM in various roles. I started as a customer service representative (help desk operator), then I was promoted to Windows expert. In 2004 I changed again and was promoted to consultant, business analyst, then Java developer, and finally technical support and system integrator for Enterprise Content Management (FileNet). Several years ago I became fascinated by the Open Source world, the GNU\Linux operating system, and security in general. So for 4 years during my free time I studied security systems and computer networks in order to extend my knowledge. I came across several open source technologies including the Elastic stack (formerly ELK), and started to explore them and other similar ones like Grafana, Greylog, Snort, Grok, etc. I like to script in Python, too. Then I started to work in Würth Phoenix like consultant. Two years ago I moved with my family in Berlin to work for a startup in fintech(Nuri), but the startup went bankrupt due to insolvency. No problem, Berlin offered many other opportunities and I started working for Helios IT Service as an infrastructure monitoring expert with Icinga and Elastic, but after another year I preferred to return to Italy for various reasons that we can go into in person :) In my free time I continue to dedicate myself to my family(especially my daughter) and I like walking, reading, dancing and making pizza for friends and relatives.

Latest posts by Franco Federico

09. 09. 2025 NetEye
Backing up a MariaDB Galera Cluster
12. 06. 2025 NetEye, Unified Monitoring
From Monitoring to SOC
17. 02. 2025 Unified Monitoring
Monitoring Printer Logs
10. 12. 2024 Log-SIEM
Let’s Discover ES|QL
19. 11. 2024 NetEye
Now It’s Really Easy to Activate OTP for Your Personal NetEye Account
See All

Related Content

Tags: ,

09. 02. 2024 SOCnews

SOC News | Feb 07 – FortiOS Critical Vulnerabilities

On February 8, 2024, Fortinet disclosed 2 critical vulnerabilities which could allow remote code or command execution. The vulnerabilities are as follows: FortiOS - Format String Bug in fgfmd, with CVSS severity 9.8 The versions prone to this vulnerability are: Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive