FortiGate
shlee
Staff
Article Id 195245

Description

This article describes why, when FortiGate units run in HA, SNMP traps sent by the Secondary unit are not recognized by Trap Viewer. By default, the engine-id uses the serial number of the FortiGate.

Because both HA units send traps from the same IP address, only traps sent by the Primary are accepted. Traps sent by the Secondary, whose engine-id differs from the Primary's, are dropped.


Scope

FortiGate in HA.


Solution

To resolve this issue, use the following command to set the same engine-id on both the Primary and the Secondary.
This CLI command needs to be run only on the Primary unit.

config system snmp sysinfo
    set engine-id xxxx    <----- xxxx can be any numbers or letters.
end
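
To confirm the condition from the trap receiver's side, the following added example (not Fortinet code) reads the sender's engine-id out of captured trap payloads and reports any source IP that used more than one. It assumes the traps are SNMPv3 with USM; the function names, the sample builder and the engine-id values used with it are constructed for illustration.

```python
from collections import defaultdict

def tlv(buf, pos=0):
    """Read one BER TLV at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def children(buf):
    """Split a constructed value into its (tag, value) members."""
    out, pos = [], 0
    while pos < len(buf):
        tag, val, pos = tlv(buf, pos)
        out.append((tag, val))
    return out

def engine_id(packet):
    """msgAuthoritativeEngineID of an SNMPv3/USM message, else None."""
    try:
        msg = children(tlv(packet)[1])
        if msg[0] != (0x02, b"\x03") or msg[2][0] != 0x04:
            return None                     # not SNMPv3
        usm = children(tlv(msg[2][1])[1])   # USM SEQUENCE inside OCTET STRING
        return usm[0][1] if usm[0][0] == 0x04 else None
    except (IndexError, ValueError):
        return None                         # malformed or truncated

def conflicting_sources(traps):
    """Map source IP -> engine-ids (hex) when one IP used more than one."""
    seen = defaultdict(set)
    for ip, raw in traps:
        eid = engine_id(raw)
        if eid is not None:
            seen[ip].add(eid.hex())
    return {ip: sorted(ids) for ip, ids in seen.items() if len(ids) > 1}

def enc(tag, val):                          # sample builder, short lengths only
    return bytes([tag, len(val)]) + val

def sample_trap(eid):                       # constructed message, PDU body left empty
    usm = enc(0x30, enc(4, eid) + enc(2, b"\x01") + enc(2, b"\x10")
              + enc(4, b"monitor") + enc(4, b"") + enc(4, b""))
    hdr = enc(0x30, enc(2, b"\x01") + enc(2, b"\x05\xdc") + enc(4, b"\x00") + enc(2, b"\x03"))
    return enc(0x30, enc(2, b"\x03") + hdr + enc(4, usm) + enc(0x30, b""))
```

Feed `conflicting_sources` pairs of (source IP, UDP payload) taken from a capture on the trap receiver. An empty result after the engine-id has been set means both units now present the same engine-id.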