It’s not on LibreNMS side then.
You can try the classic stuff to debug a service that cannot communicate.
Source and target Firewall / ACL, check with ss / netstat if the target get the port 161/udp in the listening state, can you ping, and so on
open port 161 on the firewall (attention to this) towards your network
On the LibreNMS host:
I would perform SNMP tests with the “snmpwalk” command before trying to add the device in LibreNMS again (it will return more information regarding the problem)
apart from this pfsense , are you able to add other devices ?
if its issue with only pfsense, check the settings mentioned by aleferrari.
in addition to it, also check the interface binding settings under pfsense SNMP settings
FortiGates need a few things in order to poll them.
Agent
Community (and source-ip should it be necessary, depending on setup)
Interface allowaccess
Firstly, enable the SNMP Agent, you can find this on the CLI with the following:
config system snmp sysinfo
show full
You need to set the status to enable if it’s not already.
On the UI you can navigate to System - SNMP and you’ll see it there too.
Then create a community or user (I will use v2c in this example, as well as disabling v1)
source-ip is important as the FortiGate will follow its route table to return packets, it may not be applicable in your use case as you said they were in the same segment/L2, but worth mentioning for future reference.
config system snmp community
edit 1
set name "v2example"
config hosts
edit 1
set source-ip <IP to use>
set ip <NMS IP>/32
next
end
set query-v1-status disable
set trap-v1-status disable
next
end
On the UI you can navigate to System - SNMP and you’ll see the same detail there. You cannot set source-ip from the UI though.
Set SNMP allowaccess on the interface you are trying to poll. I have appended it in this example. Using ‘set’ as you will likely see it on the CLI will replace the configuration, unless you specify everything in a single line of course, eg. set allowaccess ping snmp
config system interface
edit "example_interface"
append allowaccess snmp
next
end
On the UI you can find this under Network - Interfaces. Go into the interface and review Administrative Access, enable SNMP.