ISE Alarm : Critical : Profiler SNMP Request Failure : Server
Ok, so this alarm is coming in repeatedly and is now on my projects list. I get email alerts from the server that list thr NAD IP as the endpoint device and the Endpoint IP address is correct. I've checked the settings and the endpoint is not listed as a NAD in ISE (ver 1.2).
Profiler SNMP Request Failure
Profiler SNMP Request Failure : Server=xxx-xxx-xxx; NAD Address=10.253.124.194; Endpoint IP Address=10.253.124.194
SNMP request times out, or SNMP community/user auth data is incorrect.
Suggested Actions :
Please ensure if SNMP is running on the NAD and verify that SNMP configuration on ISE matches on NAD
*** This message is generated by Cisco Identity Services Engine (ISE) ***
Has anyone seen this come in before?
PS - Why is the IOS for ISE so cut down? Looks like something you would get from an Apple product.
I am having the same issue as well, and there is definitely a duplicating of the NAD and / or Client IP into the respective fields.
In addition, I see Clients bring labeled with the SNMP trap under the "Endpoint" as the source, however when I click on the interface inside the Authentication Monitor it returns with a blank report that only says "SNMP information is not configured for this device in ISE." inside the status field.
I ended up opening a TAC case on this. Apparently there's some bug when both SNMP and NMAP profiling are turned on. The TAC engineer had me disable NMAP since we weren't really using it for profiling (as DHCP, RADIUS, SNMP, etc provide much more information and are a higher priority in ISE profiling). Disabling NMAP profiling worked, and the SNMP alerts stopped.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...