
Assistance Needed for Cisco ISE 3.2 Lab Authentication with Stealthwat

Harris Pamal
Level 1

Hello everyone,

I'm currently working on a lab with Cisco ISE version 3.2 to set up authentication for Stealthwatch version 7.1.2. However, I'm facing issues configuring the Cisco ISE CA for Stealthwatch, and I can't complete the authentication setup.

Here are the steps I've taken so far:

  1. Set up and configured the CA on Cisco ISE to issue certificates for Stealthwatch.
  2. Enabled the pxGrid protocol on ISE.
  3. Activated auto-approval for new accounts.

Despite these configurations, when I test the connection, Stealthwatch still cannot authenticate with ISE via the CA. I've double-checked both the pxGrid setup and the auto-approval settings, but I keep encountering authentication issues.

Has anyone faced a similar issue or has experience with this setup? I'd appreciate any guidance on troubleshooting steps or possible solutions.

Thank you very much for the community's support!

Accepted Solutions

marce1000
VIP

 

  - You may find this document useful: https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/ISE/7_4_2_ISE_Configuration_Guide_DV_1_0.pdf

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always respond to me with ' The only thing that exceeds your brilliance is your beauty! '


Did you generate the StealthWatch identity cert on ISE and import it into StealthWatch, or how have you done that? From the StealthWatch perspective it should have its certificate imported and also the issuer certificate imported as well. pxGrid comes into play afterwards, as that is just the protocol to exchange contexts between ISE and StealthWatch, but it's not an authentication protocol per se.

Hi Aref Alsouqi

 I did that, but when the connection says it's pxGrid Connection:
Connection failed: The node couldn't be reached. Connection timeout
Although 2 parties can ping each other

Hi Harris, do you have any firewall sitting between the nodes? The fact that both nodes can ping each other doesn't necessarily mean all traffic is allowed between them. pxGrid services use specific ports as per this guide:

Cisco Identity Services Engine Installation Guide, Release 3.0 - Cisco ISE Ports Reference [Cisco Identity Services Engine] - Cisco
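
A staged check for the situation in this thread, as an added example that is not part of any post above: it separates a TCP port that is silently dropped (the "Connection timeout" case, which ping cannot reveal) from a closed port and from a TLS trust failure against the issuer certificate. The port 8910 and the `cafile`/`certfile`/`keyfile` parameters are assumptions; take the actual pxGrid port from the Cisco ISE Ports Reference for your release.

```python
import socket
import ssl

# Assumption: 8910 is the pxGrid port on the ISE node. Confirm it in the
# Cisco ISE Ports Reference for your release before relying on it.
PXGRID_PORT = 8910


def probe(host, port=PXGRID_PORT, timeout=5.0,
          cafile=None, certfile=None, keyfile=None):
    """Return (stage, detail) describing how far a connection to host:port gets."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        # Neither SYN/ACK nor RST came back: typical of a firewall dropping
        # this TCP port even though ICMP echo (ping) is permitted.
        return ("tcp_timeout", "no answer; check firewall/ACL rules for this port")
    except ConnectionRefusedError:
        # An RST came back: the host is reachable, nothing listens on the port.
        return ("tcp_refused", "host reachable, but no service listening")
    except OSError as exc:
        return ("tcp_error", str(exc))

    if cafile is None:
        # TCP-only mode: the network path is fine, stop here.
        sock.close()
        return ("tcp_open", "TCP handshake completed")

    # TLS stage: cafile is the issuer (CA) certificate exported from ISE;
    # certfile/keyfile are the client identity that CA issued (hypothetical paths).
    ctx = ssl.create_default_context(cafile=cafile)
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return ("tls_ok", tls.version())
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        # Reachable and listening, but the handshake failed: look at the
        # certificate chain and trust store rather than the firewall.
        return ("tls_failed", str(exc))


if __name__ == "__main__":
    # Constructed sample target (documentation address); replace with the ISE node.
    print(probe("192.0.2.10", timeout=3.0))
```

Run it from a host in the same network segment as the Stealthwatch appliance so the result reflects the path its traffic actually takes.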