Solved: EngineID for FMC

tiangeng-li · ‎10-23-2024

Hi,

I am currently configuring SNMPv3 on FMC version 7.4.2.

Server Team asked me for the EngineID which need to be matched in the SNMP Server.

I did some search, there seems to be default EngineID generated when SNMP trap or SNMP server is configured in FMC.

I'd like to know how to show the EngineID via CLI or GUI.

Thank you.

Best Regards,

TG.

balaji.bandi · ‎10-23-2024

Loging to FMC using SSH

>expert

$sudo su (type password)

#find / -name snmpd.conf -print ( you see results of all snmpd.conf (ignore etc folder)

cat /Volume/7.2.5-208/lib/net-snmp/snmpd.conf ( you see more information)

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/external_alerting_with_alert_responses.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Chris S-C · ‎10-23-2024

I don't think you can find the engineID via the GUI.

On the CLI you should enter expert mode, elevate privs then navigate to /Volume/7.x.x-xxx/lib/net-snmp/ (where 7.x is the current software version you are running) and enter:

cat snmpd.conf | grep usmUser

The engine ID will be the first hex string (less the leading 0x).

I believe you can also create your own engineID but it needs to be a hex string and contain an even number of characters?

I currently have a TAC case open for SNMPv3 (I am running 7.4.1.1) as the FMC appears to be converting the EngineID to another hex string which isn't being recognised by our SNMP servers. (This only affects sending Traps, Polling is fine)

Hope this helps.

balaji.bandi · ‎10-23-2024