CA ADA is sending V3 traps to snmptd probe server. Able to see the traps on wireshark. But the snmptd log shows user is verified and engine id has no match. Captured the engine id from wireshark and defined in snmptd. Still it does not work.

snmptd log snippet

Oct 12 22:40:59:225 [20080] snmptd: usm: getting user <username> 
Oct 12 22:40:59:225 [20080] snmptd: usm: match on user <username>  
Oct 12 22:40:59:225 [20080] snmptd: usm: no match on engineID ( 
Oct 12 22:40:59:225 [20080] snmptd: 80 00 1F 88 80 82 44 00 00 54 86 C0 5B 00 00 00 
Oct 12 22:40:59:225 [20080] snmptd: usm: USM processing completed. 
Oct 12 22:41:06:087 [20080] snmptd: usm: USM processing begun... 
Oct 12 22:41:06:087 [20080] snmptd: usm: match on user <username>  
Oct 12 22:41:06:087 [20080] snmptd: usm: Verification failed. 
Oct 12 22:41:06:087 [20080] snmptd: Authentication failed for <username>  
Oct 12 22:41:06:087 [20080] snmptd: USM processing has begun (offset 53) 
Oct 12 22:41:06:087 [20080] snmptd: getting user <username>  
Oct 12 22:41:06:087 [20080] snmptd: match on user <username>  
Oct 12 22:41:06:087 [20080] snmptd: no match on engineID (80 00 1F 88 80 82 44 00 00 54 86 C0 5B 00 00 00 
Oct 12 22:41:06:087 [20080] snmptd: ) 
Oct 12 22:41:07:118 [20080] snmptd: USM processing completed. 
Oct 12 22:41:07:119 [20080] snmptd: USM processing begun... 
 

snmptd 3.30

Based on wireshark analysis suggested to use MD5 and DES instead of SHA and AES as later are the appropriate configuration for traps i.e. in the captured packets the authentication type was MD5 but in the probe the configuration was SHA. Similarly the Priv protocol in the trap was DES and configuration was AES in the probe.

After the snmp profile authentication/ encryption configuration was changed i.e Security Settings-> SNMPv3 User to match setings seen in wireshark trace the traps were successfully processed by snmptd probe