Technical Tip: How to configure custom value for the FortiWeb SNMPv3 Engine-ID

kmak · ‎03-16-2025

Description

This article describes how to configure custom values for the FortiWeb SNMPv3 Engine-ID.

Scope

FortiWeb.

Solution

Prerequisite:

FortiWeb SNMP Agent is enabled and SNMPv3 is used.
Able to use hexdump command to convert the Engine-ID string to Hex format.

Each message sent from the SNMP engine contains the snmpEngineID values. The snmpEngineID is used to uniquely identify the device's SNMP engine. FortiWeb SNMP agent has the option to configure the engine-id name. The engine-id is part of the snmpEngineID but does not include the Fortinet prefix 0x8000304404.

If no value is defined in the FortiWeb SNMP agent, FortiWeb will be using the Device Serial Number as the SNMPv3 Engine-ID value by default. To configure the SNMP Engine-ID, use the CLI config commands below:

FortiWeb # config system snmp sysinfo

FortiWeb (sysinfo) # set engine-id FortiWeb-Test

FortiWeb (sysinfo) # end

FortiWeb #

The snmpEngineID value is the combination of the Fortinet prefix value '0x8000304404' and the hexdump of the Engine-ID value of FortiWeb. Use the command in a Linux system to convert the hex value of 'FortiWeb-Test'. If no value is defined in the FortiWeb SNMP Engine-ID, run the hexdump converter value using the FortiWeb Serial Number.

# echo "FortiWeb-Test" | tr -d '\n' | xxd -ps -c 200

466f7274695765622d54657374

The snmpEngineID will be combined as below:

8000304404 (FortiNet prefix) & 466f7274695765622d54657374

= 8000304404466f7274695765622d54657374

Take a packet capture in FortiWeb to verify the SNMP packet (port 161).

Related document:

system snmp sysinfo

Technical Tip: How to configure custom value for the FortiWeb SNMPv3 Engine-ID

You are leaving our website