Solved: Need to configure SNMP v3 in ISE 3.0

rakesh nair · ‎07-12-2023

Hi,

I would like to monitor Cisco ISE via solarwinds and need to enable SNMP v3 on ISE.

Can anyone help with the commands for 3.0 .

I tried with below commands, but it as king remote engine ID. What it will be?

ise-mgt01/admin(config)# snmp-server host x.x.x.x version 3 Gtaaops-ro ?
<WORD> Remote EngineID (Max Size - 40)

Also ay other suggestions on how to configure SNMPv3

Damien Miller · ‎07-12-2023

There is a guide you can follow here. You enable snmp, set up a user, then configure the host.
https://networkwizkid.com/configuring-cisco-ise-for-snmpv3/

View solution in original post

rakesh nair · ‎07-18-2023

Hi Miller,

I have configured the snmp in this way. Solarwinds engine ID is 2, so hexadecimal of 2 is 32. Can you check if this config is correct

!
snmp-server enable
snmp-server host 192.168.3.70 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.63 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.64 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server engineID LGIEG6DJJEF
snmp-server user Gtaaops-ro v3 hash ********** **********
!

View solution in original post

Damien Miller · ‎07-12-2023

There is a guide you can follow here. You enable snmp, set up a user, then configure the host.
https://networkwizkid.com/configuring-cisco-ise-for-snmpv3/

adamscottmaster2013 · ‎07-13-2023

snmp-server enable
snmp-server contact "cciesec@cisco.com"
snmp-server location "fixed you"
snmp-server user cciesec v3 plain your_auth_password_here your_privilege_password_here

From a Linux machine:

~ $snmpwalk -v3 -O n -l authPriv -u cciesec -a SHA -A "your_auth_password_here" -x AES -X "your_privilege_password_here" CiscoISE Sysname
1.3.6.1.2.1.1.5.0 = STRING: CiscoISE

rakesh nair · ‎07-13-2023

Thanks Miller, I am trying to get the Remote EngineID which is of Solarwinds . Once i get the ID. i can make it hexadecimal and try try configuring.

rakesh nair · ‎07-18-2023

Hi Miller,

I have configured the snmp in this way. Solarwinds engine ID is 2, so hexadecimal of 2 is 32. Can you check if this config is correct

!
snmp-server enable
snmp-server host 192.168.3.70 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.63 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server host 192.168.3.64 version 3 Gtaaops-ro 0x32 hash ********** **********
snmp-server engineID LGIEG6DJJEF
snmp-server user Gtaaops-ro v3 hash ********** **********
!

adamscottmaster2013 · ‎07-18-2023

@rakesh nair : Looks good to me. Does it work for you?

rakesh nair · ‎07-18-2023

Yes Adams, Its working for me

Chi Vu · ‎12-30-2024

In my case, I only need this command:
iselab/admin(config)# snmp-server user SNMPv3USER v3 sha1 plain authpassword privpassword
This command is probably for SNMP traps that i don't use in my case:
iselab/admin(config)# snmp-server host 192.168.50.5 version 3 SNMPv3USER 0x446172742E506F776572534E4D50 authpassword privpassword
Note: I used SHA1 because SHA256 seems not working with me (ISE 3.3)

rakesh nair · ‎07-20-2023

Can anyone help , which resources we want to monitor for ISE devices accordingly we can enable those in Solarwind. PFB….snapshots for your reference

jitendrac · ‎05-24-2024

Can anyone suggest if ISE can be monitored using the SNMP polling method instead of sending SNMP Trap to SNMP Host? If possible, any configuration guide for ISE 3.3 ?

new-shiny · ‎04-22-2025

Thanks. Had success on PAN. Anyone know if this would need to be done on each node or should the credentials work across all nodes? Having issue where credentials created on PAN are not working across the other nodes.