Error when sending getbulk request to snmp agent using v3 protocol

Hi,

I am trying to send a getbulk request to an agent with snmp v3 protocol. The agent is a legacy code which supports discovery mechanism. When I try to send the request to agent, it fails and I see below error messages in the logs:

INFO|org.snmp4j.MessageDispatcherImpl] Dispatching message canceled due to security issue: statusInfo=1.3.9.1.2.3.1.1.1.4.0 = 6, status=1410,tmStateReference=TransportStateReference[transport=org.snmp4j.transport.DefaultUdpTransportMapping@37225dd8, address=0.0.0.0/1161, securityName=null, requestedSecurityLevel=undefined, transportSecurityLevel=undefined, sameSecurity=false, sessionID=java.net.DatagramSocket@3b6a70d4, target=null

“error-code”:“E_FAILURE”,“interface”:“SNMP”,“operation”:"Constant Field Values (SNMP4J 3.7.7) Code: 1411** / ",

Below is the Code:

public static void main(String[] args) throws Exception {
		//SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthSHA());
		SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthMD5());
		SecurityProtocols.getInstance().addPrivacyProtocol(new PrivDES());
		TransportMapping<? extends Address> transport = new DefaultUdpTransportMapping();
		Snmp snmp = new Snmp(transport);

		OctetString localEngineId = new OctetString(MPv3.createLocalEngineID());
		USM usm = new USM(SecurityProtocols.getInstance(), localEngineId, 0);
		SecurityModels.getInstance().addSecurityModel(usm);

		OctetString securityName = new OctetString("test1");
		OID authProtocol = AuthMD5.ID;
		OID privProtocol = PrivDES.ID;
		OctetString authPassphrase = new OctetString("12345678");
		OctetString privPassphrase = new OctetString("12345678");

		snmp.getUSM().addUser(securityName,
				new UsmUser(securityName, authProtocol, authPassphrase, privProtocol, privPassphrase));
		SecurityModels.getInstance().addSecurityModel(new TSM(localEngineId, false));

		UserTarget<Address> target = new UserTarget<Address>();
		target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
		target.setSecurityName(securityName);
	
		target.setAddress(GenericAddress.parse(String.format("udp:%s/%s", "<AGENT>", "<PORT>")));
		target.setVersion(SnmpConstants.version3);
		target.setRetries(1);
		target.setTimeout(60000);

		transport.listen();
		byte[] engId = snmp.discoverAuthoritativeEngineID(target.getAddress(), 8000);
		System.out.println(engId);
		target.setAuthoritativeEngineID(engId);
		ScopedPDU pdu = new ScopedPDU();
		pdu.add(new VariableBinding(new OID("<OID-IS-SUBSTITITED-HERE>")));
		pdu.setType(PDU.GETBULK);
		pdu.setContextEngineID(new OctetString(engId));
		pdu.setRequestID(new Integer32(1));
		System.out.println(((ScopedPDU)pdu).toString());
		ResponseEvent<Address> event = snmp.send(pdu, target);
		if (event != null) {
			System.out.println(event.getResponse());;
			pdu = (ScopedPDU) event.getResponse();
			if (pdu.getErrorStatus() == PDU.noError) {
				System.out.println("SNMPv3 GETBULK Successful!");
				System.out.println(pdu.getVariableBindings());
				for (VariableBinding vb : pdu.getVariableBindings()) {
					System.out.println(vb.toString());
				}
			} else {
				System.out.println("SNMPv3 GETBULK Unsuccessful.");
			}
		} else {
			System.out.println("SNMP GETBULK unsuccessful.");
		}
	}

You should check your setup regarding engine ID and target address. For me it seems to be suspicious to use 0.0.0.0 and MPv3.createLocalEngine() will not be able to create a unique ID if that method is called on the same server by sender and receiver.

Using a unique engine ID is absolut essential!