Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
shlee
Staff
Staff

Created on ‎07-25-2012 06:48 PM

Article Id 195245

Technical Note : SNMP V3 trap configuration with FortiGate running HA

Description
When a FortiGate is running on HA, the SNMP trap sent by the slave unit will not be able to be recognized by Trap Viewer. This is because by default setting, the engine-id will use the serial number of the FortiGate.

As both of the HA  units are using the same IP address to send out the trap, only the trap sent by the master is able to be accepted and the trap sent by the slave with engine-id as different from the master will be dropped.

Scope

FortiGate in HA


Solution
This issue can be resolved by using the following command to make both engine-ids to be same for the master and the slave.
# config system snmp sysinfo
# set engine-id xxxx (xxxx can be any number or alphabet)
# end
This CLI command needs to be run on both the master and the slave.

Labels:
9523
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.