Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2266
Views
5
Helpful
4
Replies

SNMP V3 Configuration for ISE 2.2

Go to solution
alinbaby
Level 1
Level 1

‎09-02-2020 03:05 AM

Hi All,

I am using ISE version 2.2. Currently snmp v2 is configured and am planning to upgrade it to v3. I would like to know whether i can configure v3 alongside v2, so that i can test whether v3 is working fine and then remove v2 configs. Also i need to know the best practices in removing the existing snmp configs.

Thanks,

Alin

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP
In response to alinbaby

‎09-02-2020 04:21 AM

Yes you can have them co-exist - I just tried it on my ISE 2.6 - the MIB data that you can access is still the same.

 

ISE will warn you about security when adding an SNMPv3 user while you have SNMPv1 or v2 community configured - it even advises you to remove the community string configurations

 

Warning! SNMPv1/v2c is currently enabled and has known Security vulnerabilities. To disable SNMPv1/v2c, please execute "no snmp-server  community <community string> ro".

 

View solution in original post

4 Replies 4

Go to solution
marce1000
VIP
VIP

‎09-02-2020 03:43 AM

 

 - Check if this thread contains useful topics related to your subject ::

         https://community.cisco.com/t5/network-access-control/does-ise-supports-snmpv3-polling/td-p/3561690

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Go to solution
alinbaby
Level 1
Level 1
In response to marce1000

‎09-02-2020 04:07 AM

Thanks for the link. 

It is mentioning about how to configure v3 in ISE. But my question is whether we can configure v3 alongside v2 and also how can i remove v2 configurations afterwards.

-Alin

0 Helpful

Go to solution
Arne Bier
VIP
VIP
In response to alinbaby

‎09-02-2020 04:21 AM

Yes you can have them co-exist - I just tried it on my ISE 2.6 - the MIB data that you can access is still the same.

 

ISE will warn you about security when adding an SNMPv3 user while you have SNMPv1 or v2 community configured - it even advises you to remove the community string configurations

 

Warning! SNMPv1/v2c is currently enabled and has known Security vulnerabilities. To disable SNMPv1/v2c, please execute "no snmp-server  community <community string> ro".

 

Go to solution
alinbaby
Level 1
Level 1
In response to Arne Bier

‎09-02-2020 11:42 AM

thanks !

0 Helpful
Customers Also Viewed These Support Documents