Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
374
Views
2
Helpful
4
Replies

Assistance Needed for Cisco ISE 3.2 Lab Authentication with Stealthwat

Go to solution
Harris Pamal
Level 1
Level 1

‎11-07-2024 12:36 AM

Hello everyone,

I'm currently working on a lab with Cisco ISE version 3.2 to set up authentication for Stealthwatch version 7.1.2. However, I'm facing issues configuring the Cisco ISE CA for Stealthwatch, and I can't complete the authentication setup.

Here are the steps I've taken so far:

  1. Set up and configured the CA on Cisco ISE to issue certificates for Stealthwatch.
  2. Enabled the pxGrid protocol on ISE.
  3. Activated auto-approval for new accounts.

Despite these configurations, when I test the connection, Stealthwatch still cannot authenticate with ISE via the CA. I've double-checked both the pxGrid setup and the auto-approval settings, but I keep encountering authentication issues.

Has anyone faced a similar issue or has experience with this setup? I'd appreciate any guidance on troubleshooting steps or possible solutions.

Thank you very much for the community's support!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marce1000
VIP
VIP

‎11-07-2024 11:54 PM

 

  -  You may find this document useful : https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/ISE/7_4_2_ISE_Configuration_Guide_DV_1_0.pdf

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

4 Replies 4

Go to solution
marce1000
VIP
VIP

‎11-07-2024 11:54 PM

 

  -  You may find this document useful : https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/ISE/7_4_2_ISE_Configuration_Guide_DV_1_0.pdf

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Go to solution
Aref Alsouqi
VIP
VIP

‎11-08-2024 02:20 AM - edited ‎11-08-2024 02:21 AM

Did you generate StealthWatch identity cert on ISE and imported it into StealthWatch or how have you done that? From StealthWatch perspective it should have its certificate imported and also the issuer certificate imported as well. pxGrid comes into play afterwards as that is just the protocol to exchange contexts between ISE and StealthWatch but it's not an authentication protocol per se.

Go to solution
Harris Pamal
Level 1
Level 1
In response to Aref Alsouqi

‎11-08-2024 04:43 PM

Hi Aref Alsouqi

 I did that, but when the connection says it's pxGrid Connection:
Connection failed: The node couldn't be reached. Connection timeout
Although 2 parties can ping each other

0 Helpful

Go to solution
Aref Alsouqi
VIP
VIP
In response to Harris Pamal

‎11-11-2024 01:31 AM

Hi Harris, do you have any firewall sitting between the nodes? the fact that both nodes can ping each other doesn't necessarily mean all traffic is allowed between them. pxGrid services use specific ports as per this guide:

Cisco Identity Services Engine Installation Guide, Release 3.0 - Cisco ISE Ports Reference [Cisco Identity Services Engine] - Cisco

0 Helpful
Customers Also Viewed These Support Documents