Solved: Need to configure SNMP v3 in ISE 3.0

rakesh nair · ‎07-12-2023

Hi,

I would like to monitor Cisco ISE via solarwinds and need to enable SNMP v3 on ISE.

Can anyone help with the commands for 3.0 .

I tried with below commands, but it as king remote engine ID. What it will be?

ise-mgt01/admin(config)# snmp-server host x.x.x.x version 3 Gtaaops-ro ?
<WORD> Remote EngineID (Max Size - 40)

Also ay other suggestions on how to configure SNMPv3

Damien Miller · ‎07-12-2023

There is a guide you can follow here. You enable snmp, set up a user, then configure the host.
https://networkwizkid.com/configuring-cisco-ise-for-snmpv3/

View solution in original post

rakesh nair · ‎07-18-2023

Hi Miller,

I have configured the snmp in this way. Solarwinds engine ID is 2, so hexadecimal of 2 is 32. Can you check if this config is correct

!
snmp-server enable
snmp-server host 192.168.3.70 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.63 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.64 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server engineID LGIEG6DJJEF
snmp-server user Gtaaops-ro v3 hash ********** **********
!

View solution in original post

Damien Miller · ‎07-12-2023

There is a guide you can follow here. You enable snmp, set up a user, then configure the host.
https://networkwizkid.com/configuring-cisco-ise-for-snmpv3/

adamscottmaster2013 · ‎07-13-2023

snmp-server enable
snmp-server contact "cciesec@cisco.com"
snmp-server location "fixed you"
snmp-server user cciesec v3 plain your_auth_password_here your_privilege_password_here

From a Linux machine:

~ $snmpwalk -v3 -O n -l authPriv -u cciesec -a SHA -A "your_auth_password_here" -x AES -X "your_privilege_password_here" CiscoISE Sysname
1.3.6.1.2.1.1.5.0 = STRING: CiscoISE

rakesh nair · ‎07-13-2023

Thanks Miller, I am trying to get the Remote EngineID which is of Solarwinds . Once i get the ID. i can make it hexadecimal and try try configuring.

rakesh nair · ‎07-18-2023

Hi Miller,

I have configured the snmp in this way. Solarwinds engine ID is 2, so hexadecimal of 2 is 32. Can you check if this config is correct

!
snmp-server enable
snmp-server host 192.168.3.70 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.63 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.64 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server engineID LGIEG6DJJEF
snmp-server user Gtaaops-ro v3 hash ********** **********
!

adamscottmaster2013 · ‎07-18-2023

@rakesh nair : Looks good to me. Does it work for you?

rakesh nair · ‎07-18-2023

Yes Adams, Its working for me

rakesh nair · ‎07-20-2023

Can anyone help , which resources we want to monitor for ISE devices accordingly we can enable those in Solarwind. PFB….snapshots for your reference

jitendrac · ‎05-24-2024

Can anyone suggest if ISE can be monitored using the SNMP polling method instead of sending SNMP Trap to SNMP Host? If possible, any configuration guide for ISE 3.3 ?