ERROR TrapService.TrapService - Bad trap packet received from Node with IP 192.168.1.1. Error description : Unknown user and engine. Packet discarded
Why receiving such Events when Node sending the Traps to Orion
SNMP V3 Trap packet will be verified against the SNMP Authentication for the Node in order to translate encrypted trap information
You can easily reproduce the issue by changing the SNMP information .
You will need to make sure the SNMP information sent by the Node within Trap is matching against the Node in Orion DB
Following needs to be verify . (Edit the Node in Orion ) (Note down the SNMPV3 Username)
Issue # 1
You can also verify the user name from the Nodes table in Orion DB as below.
You will need to Run the Wireshark on Orion server filter the traffic for Traps sent by the Node and verify the User name should be matching when received the Trap
In below packet capture example where Trap sent by the Node 192.168.1.1 user ABC which caused the above Event that should correct in the Node .
Following example included where the correct SNMP user is been sent by the node within Trap information
So in nut shell you will need to make sure the Node is sending Traps with the same SNMP user account what is been used in Orion when adding the Node . If it will not match you will have the above Error Event in Orion. Trap packet will be entertained only if sent with correct SNMP User .
Issue # 2.
You will noticed that the IP address in the error message was actually assigned to an interfaces on the routers and that the traps were being sent from this interfaces.
Since the SNMPv3 credentials are used by the router and not the interfaces you then needed to find a way to source all traps from the router's Loopback address themselves.
The easiest way to do this was to enter the following line within the SNMP portion of the router configuration.
"snmp-server trap-source Loopbackxxxx" Where xxxx is the loopback # that the router's IP address is assigned to.