Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5633
Views
4
Helpful
21
Replies

SNMPv3 on ISE 3.2 patch-2 stopped working after every reboot

Go to solution
adamscottmaster2013
Level 3
Level 3

‎06-11-2023 04:24 AM

I have an ISE cluster 3.2 patch-2 with 4 nodes:  Primary Admin/MNT, Secondary Admin/MNT, PSN, and PSN.  I have this snmp configuration:

no snmp-server enable
snmp-server enable
snmp-server contact "test@test.com"
snmp-server location "TEST"
no snmp-server user test-v3 v3
snmp-server user test-v3 v3 sha1 plain XXXXXXXXXX YYYYYYYYYYY

Everything is working fine until I reboot the ISE and it stops working after that.  From the CLI whenever I do a "show run | include snmp", I see this:

ISEAMP/admin#show running-config | include snmp
snmp-server enable
snmp-server contact test@test.com
snmp-server location TEST
snmp-server user test-v3 v3 sha1 hash ********** **********
ISEAMP/admin#

But it is not working.  I had to perform the followings to get it working again:

no snmp-server enable
snmp-server enable
snmp-server contact "test@test.com"
snmp-server location "TEST"
no snmp-server user test-v3 v3
snmp-server user test-v3 v3 sha1 plain XXXXXXXXXX YYYYYYYYYYY

If I reboot the appliance again, it stops working.  I can reproduce on multiple ISE 3.2 patch-2 appliances.

Is this another bug? Thoughts?

1 person had this problem
21 Replies 21

Go to solution
adamscottmaster2013
Level 3
Level 3
In response to Minnesotakid

‎01-08-2024 12:02 PM

@Minnesotakid:  I had two ISE 3.2 patch-3 environment.  One environment is SNS-3655 cluster and the other environment is on VMWare ESXi.  Both had the same issue in patch-3.  The issue is resolved after patching to patch-4. 

You might want to open a TAC case with Cisco so that they can investigate.  

0 Helpful

Go to solution
Minnesotakid
Level 1
Level 1
In response to adamscottmaster2013

‎01-08-2024 01:36 PM

@adamscottmaster2013 Yep - I did that already, appreciate the note. Was replying in here just in case anyone experienced the same issue as me. 

Go to solution
Yordan Yordanov
Level 1
Level 1
In response to adamscottmaster2013

‎03-05-2024 03:46 AM

hi

i have the same issue with patch5... it is not resolved... we did all t-shoot steps which are in the bug CSCwe95624, same situation.

Any ideas? I don't want to open cases for things that should be solved.

 

0 Helpful

Go to solution
Feds
Level 1
Level 1
In response to Yordan Yordanov

‎03-05-2024 06:51 PM - edited ‎03-05-2024 06:52 PM

Hi @Yordan Yordanov ,
Just tested in lab with both v2c and v3, by installing patch 5 (from no patch): it looks like SNMP doesn't start after the first reload triggered by patching, but if you apply the workaround then at the next reload SNMP looks like being OK.
As I'm coincidentally standing up a new 3.2 node, I've also tested patch 4: 3.2 node with no patch, SNMP v2c and v3 configured, tested OK. Then installed patch 4 - SNMP didn't work after the post-patching reload. Port 161 not showing in "sh port | include 161".
I'm reloading the node again to confirm if it behaves the same as after installing patch 5. I'll confirm later on. 

Cheers
Feds

0 Helpful

Go to solution
Yordan Yordanov
Level 1
Level 1
In response to Feds

‎03-06-2024 02:20 AM

hi Feds,

Thanks for the explanation, yes, it works for me now! 

regards

0 Helpful

Go to solution
stayd
Level 1
Level 1
In response to Feds

‎06-03-2024 04:59 AM

Hi Feds,

as you wrote "I'll confirm later on." So may we know what it was the result ?

0 Helpful

Go to solution
Feds
Level 1
Level 1
In response to stayd

‎06-03-2024 05:33 AM - edited ‎06-03-2024 05:38 AM

Hi @stayd ,
Thanks for the reminder!!
I'll have to check again as I can't remember now..

0 Helpful
Customers Also Viewed These Support Documents