Install TPM Module after RMA of SNS3700 Chassis

Available Languages

Download Options

  • PDF     (191.7 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (254.5 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (245.9 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:October 9, 2025
Document ID:225194

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes the process to install the TPM module on SNS3700 servers that got a replacement of the chassis. 

    Considerations

    The Trusted Platform Module (TPM) is a hardware component that improves the security of the server by storing encryption keys. 

    Nevertheless, the server can run the Identity Services Engine (ISE) without its presence. 

    caution-icon

    Caution: If you have ISE application installed and running on a server without a TPM, you need to execute the process documented here to install the module and make it usable by the system.

    • This server supports TPMversion 2.0 (UCSX-TPM-002C) as defined by the Trusted Computing Group (TCG). TheTPMis also SPI-based.

    • Field replacement of aTPMis not supported; you can install aTPMafter-factory only if the server does not already have aTPMinstalled.

    • If a server with aTPMis returned, the replacement server must be ordered with a newTPM.

    • If TPM2.0 becomes unresponsive, reboot the server.

    Problem

    SNS 3700 series or higher, shipped from Cisco Manufacturing, have a TPM included. 

    However, SNS 3700 series chassis replacements, shipped from Cisco Service Depots, do not have such device included. 

    The next process must be executed to install the TPM and enable both hardware and software to leverage the benefits of the module. 

    Image 1. Location of the TPM Module in the SNS 3700 Series ApplianceImage 1. Location of the TPM Module in the SNS 3700 Series Appliance

    Solution

    Execute the next steps in the given order to install the module, initialize it, and leverage the security features provided by it. 

    1. Install theTPMHardware.

    2. Enable theTPMin the BIOS.

    3. Re-install ISE. 

    Use this article to complete Steps 1,2 and 3: Cisco UCS C220 M6 Server Installation and Service Guide - Maintaining the Server

    The process is finished after completing the steps in the Enabling the TPM in the BIOS chapter.

    To complete Step 4, navigate to the next link and access the installation guide for the ISE version you need to install on the server:

    Install and Upgrade Guides - Install Cisco ISE

    Once in the installation guide, navigate to the Install Cisco ISE section. 

    Verification

    After completing this step, you must have ISE installed and running. 

    Open the ISE command line and run the next command. If you get the output presented here then it means you have a properly installed TPM. 

    ISE/user#show tech-support | include TPM

    TPM: Module Present

    Revision History

    Revision Publish Date Comments
    1.0
    09-Oct-2025
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Glen Juarez Olguin
      Customer Delivery Engineering Technical Leader

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products