FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
shlee
Staff
Staff
Description
When a FortiGate is running on HA, the SNMP trap sent by the slave unit will not be able to be recognized by Trap Viewer. This is because by default setting, the engine-id will use the serial number of the FortiGate.

As both of the HA  units are using the same IP address to send out the trap, only the trap sent by the master is able to be accepted and the trap sent by the slave with engine-id as different from the master will be dropped.

Scope

FortiGate in HA


Solution
This issue can be resolved by using the following command to make both engine-ids to be same for the master and the slave.
# config system snmp sysinfo
# set engine-id xxxx (xxxx can be any number or alphabet)
# end
This CLI command needs to be run on both the master and the slave.

Contributors