Hello @Santiago Urzua how are you?

This is a classic SNMPv3 Discovery scenario where the issue can sit on either side, and without access to the Palo Alto config you’ll need to validate it indirectly.

Based on what you described, reachable but credential validation fails, the problem is very likely not network connectivity, but one of the following:

1) SNMPv3 parameter mismatch (most common root cause)

With SNMPv3, everything must match exactly between ServiceNow and the device:

Username
Security level (noAuthNoPriv / authNoPriv / authPriv)
Authentication protocol (MD5 / SHA / SHA-256 depending on support)
Authentication password
Privacy protocol (DES / AES / AES-256)
Privacy password
Context name (often overlooked — Palo Alto may require it)

Even a small mismatch (especially auth/priv protocol) will result in:

“No valid credentials found”

What to confirm with the network team

Ask them explicitly for:

SNMPv3 security level
Auth protocol (SHA vs SHA-256 — very common mismatch)
Privacy protocol (AES vs AES-256)
Whether a context name is configured

2) Palo Alto SNMPv3 specifics

Palo Alto firewalls can be a bit stricter than other vendors:

Some versions require AES-128 only (not AES-256)
Some configurations enforce specific engine ID behavior
SNMP views may restrict OIDs (can cause partial or failed validation)

Even if credentials are correct:

If the SNMP view does not allow required OIDs, Discovery can fail validation

3) ServiceNow credential configuration

Double-check in ServiceNow:

Credential type: SNMPv3
Correct port (161)
Timeout/retries not too low
MID Server properly assigned and Validated

Also validate using:

Discovery → Credentials → Test Credential
Or run a Quick Discovery against the IP

4) Key troubleshooting step (very important)

Since you don’t have device access, this is your best move:

Test SNMPv3 outside ServiceNow (from MID Server)

Run from the MID Server:

snmpwalk -v3 -l authPriv -u <user> -a <auth_protocol> -A <auth_pass> -x <priv_protocol> -X <priv_pass> <ip>

If this fails:
→ problem is NOT ServiceNow, it’s credential/config mismatch

If this works:
→ problem is inside ServiceNow configuration

5) MID Server logs (don’t skip this)

Check:

agent.log
discovery.log

You’ll often see more precise errors like:

unsupported security level
authentication failure
timeout vs auth failure (important distinction)

6) Quick diagnostic summary
Symptom Likely Cause
Reachable but “no valid credentials” SNMPv3 mismatch
Timeout Network / firewall / SNMP not enabled
Partial discovery SNMP view restriction
Works in snmpwalk but not in SN Credential config in SN

Given your constraint (no Palo Alto access), focus on:

Validating SNMPv3 via snmpwalk from MID Server
Confirming exact auth/priv protocol combination
Checking if a context name is required
Reviewing MID logs for deeper error detail

If this solution worked for you, please mark it as Accepted Solution, give it a like, and thank you for your time!
Dan.