Solved: Re: SNMPv3 on ISE 3.2 patch-2 stopped working after every reboot - Page 2

adamscottmaster2013 · ‎06-11-2023

I have an ISE cluster 3.2 patch-2 with 4 nodes: Primary Admin/MNT, Secondary Admin/MNT, PSN, and PSN. I have this snmp configuration:

no snmp-server enable
snmp-server enable
snmp-server contact "test@test.com"
snmp-server location "TEST"
no snmp-server user test-v3 v3
snmp-server user test-v3 v3 sha1 plain XXXXXXXXXX YYYYYYYYYYY

Everything is working fine until I reboot the ISE and it stops working after that. From the CLI whenever I do a "show run | include snmp", I see this:

ISEAMP/admin#show running-config | include snmp
snmp-server enable
snmp-server contact test@test.com
snmp-server location TEST
snmp-server user test-v3 v3 sha1 hash ********** **********
ISEAMP/admin#

But it is not working. I had to perform the followings to get it working again:

no snmp-server enable
snmp-server enable
snmp-server contact "test@test.com"
snmp-server location "TEST"
no snmp-server user test-v3 v3
snmp-server user test-v3 v3 sha1 plain XXXXXXXXXX YYYYYYYYYYY

If I reboot the appliance again, it stops working. I can reproduce on multiple ISE 3.2 patch-2 appliances.

Is this another bug? Thoughts?

adamscottmaster2013 · ‎01-08-2024

@Minnesotakid: I had two ISE 3.2 patch-3 environment. One environment is SNS-3655 cluster and the other environment is on VMWare ESXi. Both had the same issue in patch-3. The issue is resolved after patching to patch-4.

You might want to open a TAC case with Cisco so that they can investigate.

Minnesotakid · ‎01-08-2024

@adamscottmaster2013 Yep - I did that already, appreciate the note. Was replying in here just in case anyone experienced the same issue as me.

Yordan1 · ‎03-05-2024

hi

i have the same issue with patch5... it is not resolved... we did all t-shoot steps which are in the bug CSCwe95624, same situation.

Any ideas? I don't want to open cases for things that should be solved.

Feds · ‎03-05-2024

Hi @Yordan1 ,
Just tested in lab with both v2c and v3, by installing patch 5 (from no patch): it looks like SNMP doesn't start after the first reload triggered by patching, but if you apply the workaround then at the next reload SNMP looks like being OK.
As I'm coincidentally standing up a new 3.2 node, I've also tested patch 4: 3.2 node with no patch, SNMP v2c and v3 configured, tested OK. Then installed patch 4 - SNMP didn't work after the post-patching reload. Port 161 not showing in "sh port | include 161".
I'm reloading the node again to confirm if it behaves the same as after installing patch 5. I'll confirm later on.

Cheers
Feds

Yordan1 · ‎03-06-2024

hi Feds,

Thanks for the explanation, yes, it works for me now!

regards

stayd · ‎06-03-2024

Hi Feds,

as you wrote "I'll confirm later on." So may we know what it was the result ?

Feds · ‎06-03-2024

Hi @stayd ,
Thanks for the reminder!!
I'll have to check again as I can't remember now..

Jose Anda · ‎09-24-2024

If I applied hotpatch 6, should this also contain the fix for the snmp ?