Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
CyberFortiConquer
New Contributor III

SNMPv3 auth and encyrption settings for Fortinet

Hi,

I was configuring SNMPv3 across Fortigate, FortiManager and FortiAnalyzer.

On FMG and FAZ, auth and encryption just mention SHA and AES respectively.

Similarly for Fortigate, encryption gives options for AES.

What versions would these be: SHA1, SHA256, AES256?

5 REPLIES 5
AEK
SuperUser
SuperUser

Hi

Which versions of FOS, FMG & FAZ?

AEK
AEK
CyberFortiConquer

Thanks, all are on 7.2.x

ozkanaltas
Valued Contributor III

Hello @CyberFortiConquer ,

 

When I reviewed the document of version 7.4, FortiAnalyzer and Fortimanager still use the same encryption setting. Frankly, I don't know why they do not use a strong algorithm. Because of that, you need to use snmp with the encryption algorithm. 

 

https://docs.fortinet.com/document/fortianalyzer/7.4.2/cli-reference/260178/snmp#snmp_user

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
AEK
SuperUser
SuperUser

Here it is:

FG 7.2:

  • auth: HMAC-SHA-96, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, HMAC-SHA512
  • enc: CFB128-AES-128, CFB128-AES-256, CFB128-AES-256

FAZ/FMG 7.2:

  • auth: HMAC-SHA-96
  • enc: CFB128-AES-128
AEK
AEK
CyberFortiConquer
New Contributor III

Many thanks

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors