SNMPv3 (Traps) + Palo Alto Firewall

SNMPv3 (Traps) + Palo Alto Firewall

Hello,

I'm trying so utilize OpManagers 'Forward Trap' function with SNMPv3.

Trap Forwading works fine when using SNMPv2, but when trying to achieve the same using SNMPv3 I run into problems:

PA-820 is set up accordingly and I can see incoming SNMP traps (in wireshark, see attachments) on the system running OpManager. However I can't see any incoming traps in trap monitor.

192.168.126.67   -> OpManager
192.168.126.200 -> PA-220

When testing SNMPv3 credentials for PA-820 it fails but I can see that the firewalls responds to the first two requests from OpManager. It doesn't respond to the third request though. The only difference I could identify is that in the third SNMP request OpManager does use the value of 'contextEngineID' also in the 'contextName' field. I'm not sure if that might be a problem and how the firewall handles this.

When I do a SNMP request for the same OID from a linux system it works.

SNMPv3 request from Pi

Any ideas whats the problem here?