Fortinet Document Library

Version:


Table of Contents

Technical Tip: How to fix SNMPv3 AES256 encryption which is not working with SolarWinds

6.2.1
Copy Link
Technical Tip: How to fix SNMPv3 AES256 encryption which is not working with SolarWinds
 
Description:
 
Polling FortiGate from SolarWinds via SNMPv3 with AES256 encryption fails despite all configuration parameters being correct.
This sometimes can be caused by difference in the method used by each appliance to manipulate encryption key sizes.

This article describes How to fix SNMPv3 AES256 encryption not working with SolarWinds.
 
Solution:
 
An Additional Encryption algorithm has been added (AES256Cisco) which is compatible with SolarWinds and Cisco.
It can be used instead of the standard AES256 algorithm when SolarWinds is the SNMP server.


Here is how the configuration looks from FortiGate GUI (FortiOS 6.2.3).
 

 

 The same configuration from the CLI is as follow:

# config system snmp user
    edit "SolarWinds-FGT"
        set notify-hosts 10.20.3.12
        set security-level auth-priv
        set auth-pwd ENC NUhjnzBY/abeBYqer/4y+las8O1EliYitxWyCR/+CecGJ7HmC6XF5sbF4YIHNKjWi0
        set priv-proto aes256cisco
        set priv-pwd ENC NUhjnzBY/abeBYqer/4y+las8O1EliYitxWyCR/+CecGJ7HmC6XF5sbF4YIHNKjWi0
    next
end

Technical Tip: How to fix SNMPv3 AES256 encryption which is not working with SolarWinds
 
Description:
 
Polling FortiGate from SolarWinds via SNMPv3 with AES256 encryption fails despite all configuration parameters being correct.
This sometimes can be caused by difference in the method used by each appliance to manipulate encryption key sizes.

This article describes How to fix SNMPv3 AES256 encryption not working with SolarWinds.
 
Solution:
 
An Additional Encryption algorithm has been added (AES256Cisco) which is compatible with SolarWinds and Cisco.
It can be used instead of the standard AES256 algorithm when SolarWinds is the SNMP server.


Here is how the configuration looks from FortiGate GUI (FortiOS 6.2.3).
 

 

 The same configuration from the CLI is as follow:

# config system snmp user
    edit "SolarWinds-FGT"
        set notify-hosts 10.20.3.12
        set security-level auth-priv
        set auth-pwd ENC NUhjnzBY/abeBYqer/4y+las8O1EliYitxWyCR/+CecGJ7HmC6XF5sbF4YIHNKjWi0
        set priv-proto aes256cisco
        set priv-pwd ENC NUhjnzBY/abeBYqer/4y+las8O1EliYitxWyCR/+CecGJ7HmC6XF5sbF4YIHNKjWi0
    next
end