Smarts 10.1.X

SNMP V3 has added security features, one of which is the timestamps in SNMP packets to prevent replay attacks. When the SNMP trap receiver receives the first trap from sm_snmp, it creates an entry in its internal table representing its estimate of the time on the trap sender. The SNMP trap receiver will then compare its estimate with newly received traps (or other SNMP V3 responses) from that agent to verify that the packet is not being replayed.

Using sm_snmp to send the trap means that you execute sm_snmp each time. That means sm_snmp acts as if was just restarted and sets the engine boot time accordingly. To the trap receiver, this looks like an identical packet to the one already received. The trap receiver expects a packet with a timestamp that represents the remote agent having advanced by the time between the first and second traps. So the trap handler reports "Not In Time Window" if you wait longer than the time window (150 seconds) between sending the first and second traps.

If the Smarts Trap receiver log is also reporting *Error!* Mangled value. Then the issue is with the device snmpagent not sending out the proper engine-boot or engine-time values.

If the message in the log is limited to SNMP-D-EAGENTUSMWINDOW-Agent REPORT [USM]: Not In Time Window. The Smarts trap receiver is working as designed and will continue to process traps as required. 

In such cases, the issue is with the device snmpagent not sending out the proper engine-boot or engine-time values. The vendor needs to be consulted to resolve the issue with the snmp-agent.
It is recommended that the customer run a packet capture on the device for snmp v3 traffic to provide the vendor with the evidence so they can resolve the issue.

Workaround:

The workaround is to configure the device to send snmp v2 traps and the trap receiver to process the trap from the device as snmp v2.