Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2398
Views
0
Helpful
4
Replies

ISE - Unable to get SNMP information with the community

Go to solution
Giuliano Gerardi
Level 1
Level 1

‎12-04-2012 01:15 AM - edited ‎03-10-2019 07:51 PM

this is the output on the switch when clicking on a switch interface in authentications monitoring in ise

test2#sh snmp
Chassis: FOC1330W1K0
112 SNMP packets input
    0 Bad SNMP version errors
    4 Unknown community name
    0 Illegal operation for community name supplied
    0 Encoding errors
    44 Number of requested variables
    0 Number of altered variables
    44 Get-request PDUs
    0 Get-next PDUs
    0 Set-request PDUs
    0 Input queue packet drops (Maximum queue size 1000)
143 SNMP packets output
    0 Too big errors (Maximum packet size 1500)
    0 No such name errors
    0 Bad values errors
    0 General errors
    108 Response PDUs
    35 Trap PDUs
SNMP global trap: enabled
SNMP logging: enabled
    Logging to xxx.xxx.yyy.5.162, 0/10, 7 sent, 0 dropped.   (admin/monitoring)
SNMP agent enabled

config of snmp:

snmp-server community snmp-com.public RO 33
access-list 3 permit xxx.xxx.kk.0 0.0.0.255
access-list 3 permit xxx.xxx.zz.0 0.0.0.255
access-list 3 permit xxx.xxx.yyy.0 0.0.0.255 (admin/monitoring)

Unknown community name keeps rising when I click on the switch interface name in ise ... any suggestion ?

Snmp is configured for the switch added to ise with the right community name (v2c - snmp-com.public )

Ise ver 1.1.2.145

thank you for your help

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jw.sl9
Level 1
Level 1
In response to Giuliano Gerardi

‎12-04-2012 10:18 AM

Currently, yes this is a limitation

"public"  solves it.  So my advice:  set "public" with an ACL limiting access from  the ISE Nodes only.

I hope you find this information useful, if it was satisfactory for you, please mark the question as Answered. Please rate post you consider useful. -James

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Giuliano Gerardi
Level 1
Level 1

‎12-04-2012 03:21 AM

strange enough (or madly) setting on the switch the community "public RO" solved the issue

So...  can't we use custom snmp communities ???

0 Helpful

Go to solution
jw.sl9
Level 1
Level 1
In response to Giuliano Gerardi

‎12-04-2012 10:18 AM

Currently, yes this is a limitation

"public"  solves it.  So my advice:  set "public" with an ACL limiting access from  the ISE Nodes only.

I hope you find this information useful, if it was satisfactory for you, please mark the question as Answered. Please rate post you consider useful. -James
0 Helpful

Go to solution
Giuliano Gerardi
Level 1
Level 1
In response to jw.sl9

‎12-05-2012 12:53 AM

thank you for your feedback and yes the acl in this situation is the only secure option

once again... it's a shame that a security appliance forces you to use unsecure passwords and protocols..

marking your answer as correct

hopefully this thread will help others

thank you again

0 Helpful

Go to solution
jan.nielsen
Level 7
Level 7
In response to Giuliano Gerardi

‎02-14-2013 02:16 AM

Does anyone know if this has been fixed with an ise patch yet ?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents