cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2559
Views
0
Helpful
4
Replies

ISE - Unable to get SNMP information with the community

this is the output on the switch when clicking on a switch interface in authentications monitoring in ise

test2#sh snmp

Chassis: FOC1330W1K0

112 SNMP packets input

    0 Bad SNMP version errors

    4 Unknown community name

    0 Illegal operation for community name supplied

    0 Encoding errors

    44 Number of requested variables

    0 Number of altered variables

    44 Get-request PDUs

    0 Get-next PDUs

    0 Set-request PDUs

    0 Input queue packet drops (Maximum queue size 1000)

143 SNMP packets output

    0 Too big errors (Maximum packet size 1500)

    0 No such name errors

    0 Bad values errors

    0 General errors

    108 Response PDUs

    35 Trap PDUs

SNMP global trap: enabled

SNMP logging: enabled

    Logging to xxx.xxx.yyy.5.162, 0/10, 7 sent, 0 dropped.   (admin/monitoring)

SNMP agent enabled

config of snmp:

snmp-server community snmp-com.public RO 33

access-list 3 permit xxx.xxx.kk.0 0.0.0.255

access-list 3 permit xxx.xxx.zz.0 0.0.0.255

access-list 3 permit xxx.xxx.yyy.0 0.0.0.255 (admin/monitoring)

Unknown community name keeps rising when I click on the switch interface name in ise ... any suggestion ?

Snmp is configured for the switch added to ise with the right community name (v2c - snmp-com.public )

Ise ver 1.1.2.145

thank you for your help

1 Accepted Solution

Accepted Solutions

Currently, yes this is a limitation

"public"  solves it.  So my advice:  set "public" with an ACL limiting access from  the ISE Nodes only.


I hope you find this information useful, if it was satisfactory for you, please mark the question as Answered. Please rate post you consider useful. -James

View solution in original post

4 Replies 4

strange enough (or madly) setting on the switch the community "public RO" solved the issue

So...  can't we use custom snmp communities ???

Currently, yes this is a limitation

"public"  solves it.  So my advice:  set "public" with an ACL limiting access from  the ISE Nodes only.


I hope you find this information useful, if it was satisfactory for you, please mark the question as Answered. Please rate post you consider useful. -James

thank you for your feedback and yes the acl in this situation is the only secure option

once again... it's a shame that a security appliance forces you to use unsecure passwords and protocols..

marking your answer as correct

hopefully this thread will help others

thank you again

Does anyone know if this has been fixed with an ise patch yet ?