Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
168
Views
1
Helpful
4
Replies

Ansible ISE collection for ISE version 3.4 supported?

Arne Bier
VIP
VIP

‎07-29-2025 10:54 PM

I am unable to make ansible work with ISE 3.4

I have 3.4p2 running in the lab, and ansible core 2.18.7 (from a clean  pipenv install ansible)

When I run a playbook, I get this error

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ciscoisesdk.exceptions.VersionError: Unknown API version, known versions are 3.1.0, 3.1.1, 3.1_Patch_1, 3.2_beta, 3.3_patch_1.
fatal: [rnolabise01]: FAILED! => 
  msg: 'Unexpected failure during module execution: Unknown API version, known versions are 3.1.0, 3.1.1, 3.1_Patch_1, 3.2_beta, 3.3_patch_1.'
  stdout: ''

I checked the Ansible Galaxy for the 'ISE' Collection and version 2.10 was updated 6 months ago.

And DevNet also seems to be behind the times (stuck on ISE 3.1)

But I am sure ISE 3.4 has been around longer than that. And why is Ansible to particular about exact versions? Is there an override option to allow it to be future-compatible?

I got even more concerned when I read this in the Ansible Release Notes:

ArneBier_0-1753854442167.png

 

Any idea @thomas what is going on here, since you have been championing Ansible in your Youtube and github repo?

 

4 Replies 4

pieterh
VIP
VIP

‎07-30-2025 11:05 AM

is ISE also a fresh installation?
if uprgaded from previous , then the API key may have changed ?

0 Helpful

Arne Bier
VIP
VIP
In response to pieterh

‎07-30-2025 02:29 PM

It's not the API key that's the issue - it's the "ise" ansible collection that performs version checks against the hosts that you want to run these functions against. It detects that my ISE is not supported.

My ISE was upgraded from 3.2, to 3.3 and then 3.4 if I recall. But it shouldn't matter. The REST APIs don't change that much between versions and the tools should at least let you try to perform the basics - some of these API calls have not changed since their inception. I will have a look on DevNet and see who the contributors are - perhaps they need help. I would hope that Cisco is one of the main contributors of this initiative.

0 Helpful

Jens Albrecht
Level 7
Level 7

‎07-31-2025 04:03 AM

Hello @Arne Bier,

I am not aware of any override option as the version check is hardcoded for each supported version.

The only workaround that I am aware of is to directly use Ansible’s uri module to call ISE’s REST APIs. This gives you full control (without version checking), but of course you lose the convenience and error handling of the Cisco ISE modules. This approach should work as long as the 3.4 API endpoints are compatible with previous versions.

A similar discussion with an example how to call the API directly can be found in this thread.

HTH!

0 Helpful

Arne Bier
VIP
VIP
In response to Jens Albrecht

‎07-31-2025 01:22 PM

thanks mate. But I am not keen to hack my way out of this. I want to use the latest collection as provided, on ISE 3.4 and if Cisco can't be bothered to maintain this stuff then I won't bother either.

The threads of Git and elsewhere are quite damning about this ise collection. And there doesn't seem to be a response from Cisco.

0 Helpful
Customers Also Viewed These Support Documents