cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
890
Views
2
Helpful
5
Replies

ISE and Backbox repository Integration Issues

Naive
Level 1
Level 1

Hello Team,

We are trying to setup SFTP repository with backbox for ISE scheduled backups, Somehow ISE backup is getting stopped at 60%, while we trying to debug it through CLI by running show repository [name] on cli pan node it throws error sftp_handler.c[411] [system]: sftp_select Error: timeout!

We tried by pinging ISE pan to backbox repository, its pinging fine. 

Do we have documentation or recommended settings we have to do while using backbox for ISE backups. 

5 Replies 5

@Naive did you log in to the CLI of the ISE nodeS via SSH and use the command crypto host_key add host <ip address of the server> to add the host key of the SFTP server?

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-software/215348-how-to-configure-repository-on-identity.html

 

Hello Rob, Yes, we have already added crypto host-keys through CLI 

@Naive what version of ISE are you using? There is this bug - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd89657

 

@Rob Ingram I actually saw this document earlier, but our version of ISE is 3.2, and no patch. 

@Naive did you check the ISE 3.2 release notes, there are several issues with SFTP.

https://www.cisco.com/c/en/us/td/docs/security/ise/3-2/release_notes/b_ise_32_RN.html

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd31524

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwh45472

Even if not related, I'd recommend installing the latest ISE 3.2 patch 7, there has been a lot bug fixes. Or upgrading to the recommended release, 3.3 patch 4.