following weird scenario.
we found out that the built in service "snmp-trap_default_" did not enter VPN at all, it was always sent in clear text, it never got encrypted. There were no exclusions inside the VPN Community or any other exclusions.
in the screnshot you see two identical service definitiions snmp-trap_default_ and snmp-trap.
I bet the snmp-trap_default_ and all other service with a "_" were created after the R80.10 update ...
After hours of troubleshooting we came to the idea to uncheck the "match for any" for snmp-trap_default_ and set it on snmp-trap and replace the snmp-trap_default_ from with snmp-trap in all rules.
Then it worked ...
Has somebody an explanations for this?
Altough the issue is solved it would be great to unterstand what was wrong..