Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
736
Views
0
Helpful
1
Replies

ISE and Nexpose integration TC-NAC

Go to solution
ksastoqu
Cisco Employee
Cisco Employee

‎08-28-2019 12:29 AM

Hello Team,

 

I have a customer that is trying to integrate ISE 2.6 to a Nexpose server. He completed all steps on this link https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/200974-Configure-ISE-2-2-Threat-Centric-NAC-TC.html#anc4 but when adding the nexpose server, he gets the error "Error connecting to the Nexpose server, Error parsing response of Login request".

 

From the logs from TC-NAC and ANC, the only error they're showing is the same above. These are some of the logs:

 

2019-08-20 11:21:47,818 DEBUG  [SimpleAsyncTaskExecutor-1][] ise.va.adapter.amqp.RabbitMqUtil -:::::- Sending message {"schema":{"title":"Enter Nexpose Security Console credentials","type":"object","properties":{"restApiHost":{"title":"Nexpose Host","description":"The hostname of the Nexpose Security Console Host.","type":"string","minLength":"4"},"restApiPort":{"title":"Nexpose port","description":"The port of the Nexpose Security Console host.","type":"integer","default":"3780","minimum":"1","maximum":"65536"},"description":"Username to access Nexpose Security Console.","type":"string","minLength":"4"},"description":"Password of the user.","type":"string","format":"minLength":"4"},"proxyHost":{"title":"Http proxy Host","description":"Optional http proxy host. Requires proxy port also to be set.","type":"string"},"proxyPort":{"title":"Http proxy port","description":"Optional http proxy port. Requires proxy host also to be set.","type":"integer"},"_internal_":{"type":"object","properties":{"uid":{"type":"string"},"pageNumber":{"type":"number"},"requiresFormSubmit":{"type":"boolean","default":"true"}},"options":{"hidden":"true"}}}},"data":{"restApiHost":"nc-nccdc-r7.netcloud.local","restApiPort":"3780","proxyHost":"","proxyPort":"0","_internal_":{"requiresFormSubmit":true,"pageNumber":"1","uid":"RESTCONFIG"}},"meta":{"status":"In progress","hasAdvancedSettings":false},"error":{"messages":["Error connecting to Nexpose server, Error parsing response of Login request"]}} using queue:exchange:routingkey = irf.queue.core-engine:null:irf.queue.core-engine
2019-08-20 11:21:49,930 DEBUG  [main][] cisco.ise.va.adapter.Adapter -:::::- Waiting for Adapter to get configured  before considering adapter as Active

The TCP dump between ISE and Nexpose server is ok, no errors or issues are shown there.

 

Please see the screen shot for the error he gets on ISE GUI. 

Is there anything else I should be checking? Is there maybe a defect reported for this?

 

Thanks in advance

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎09-03-2019 12:26 PM

Please work through the Cisco TAC for troubleshooting
I do see some guides out there as well https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/200974-Configure-ISE-2-2-Threat-Centric-NAC-TC.html

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎09-03-2019 12:26 PM

Please work through the Cisco TAC for troubleshooting
I do see some guides out there as well https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/200974-Configure-ISE-2-2-Threat-Centric-NAC-TC.html
0 Helpful
Customers Also Viewed These Support Documents