FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
When a FortiGate is running on HA, the SNMP trap sent by the slave unit will not be able to be recognized by Trap Viewer. This is because by default setting, the engine-id will use the serial number of the FortiGate.
As both of the HA units are using the same IP address to send out the trap, only the trap sent by the master is able to be accepted and the trap sent by the slave with engine-id as different from the master will be dropped.
FortiGate in HA
This issue can be resolved by using the following command to make both engine-ids to be same for the master and the slave.
# config system snmp sysinfo # set engine-id xxxx (xxxx can be any number or alphabet) # end
This CLI command needs to be run on both the master and the slave.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.