cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9089
Views
1
Helpful
9
Replies

[ACI] Unable to login after initialization of APIC

chaejungho
Level 1
Level 1

With the Leaf/Spine switch not initialized, the APIC1-3 "eraseconfig setup" was performed.

 UI connection was attempted after the APIC-1 initial setup.

An error message appeared, such as a picture.

" REST Endpoint user authorization datastore is not initialized - Check Fabric Membership Status of this fabric node"

After the above error message, the Leaf/Spine switch" setup-clean-config.sh " was performed.

And then  APIC-1"eraseconfig setup" the first again.

However, there is still an error message.

I want to solve this problem.

If there is a way to solve this problem, please let me know in detail. (Step by Step)

1 Accepted Solution

Accepted Solutions

Tomas de Leon
Cisco Employee
Cisco Employee

Restoring ACI Fabric to Factory Defaults (the image is simply a preview of the attached PDF file.  All steps are in the PDF file.)

View solution in original post

9 Replies 9

Tomas de Leon
Cisco Employee
Cisco Employee

* Please login to APIC1, APIC2, and APIC3 via the console or CIMC

* erase the configuration of each APIC

* Power off APIC2 & APIC3

* Run setup script on APIC1 only

* Erase the switches and run thru discovery

* Once the entire fabric is learned, bring up APIC2 and run thru the setup script.  

* Wait to fully fit and then bring APIC3 and run thru the setup script

Currently, APIC1-3 and Leaf/Spine switches are erase reset state.
And the APIC-1/Leaf fabric cable is not connected.
APIC 2, 3 is powered on but the fabric/mgmt is not connected.
I do not understand what " Run setup script on APIC1 only" is saying above.
Do you mean the initial setting of the APIC-1 setting?
If the initial setting is correct, the content of the reply seems to have already been tried.
Are you able to follow the order of the above procedure and solve the problem?

Ok, 

What are you trying to do?

Your comment says "APIC-1/Leaf fabric cable is not connected"

The APIC(1) needs to be physically connected to a leaf.  And the Leaf needs to be physically connected to a spine.  Once this is in place, you can go thru fabric discovery and discover the fabric.

On the leaf directly connected to APIC1, run the following commands:

(none)# cat /mit/sys/summary
(none)# openssl asn1parse < /securedata/ssl/server.crt | grep PRINTABLESTRING
(none)# openssl asn1parse < /securedata/ssl/server.crt | grep UTF8STRING
(none)# show interface brief
(none)# show lldp neighbors

Thanks

T.

Hello, Tomas!

After successful reset, discovery and configuration import for APIC1, Leaves and Spines, when I try to "eraseconfig setup" on APIC2,3 I've got message "Error: Authentication cookie is not present. System is not ready please wait."

Have you any clue about a possible solution?

Thanks.

Apparently have been fixed with:

acidiag touch clear
acidiag touch reboot

Earlier was unable to fix using:

acidiag touch setup
reboot

Tomas de Leon
Cisco Employee
Cisco Employee

Restoring ACI Fabric to Factory Defaults (the image is simply a preview of the attached PDF file.  All steps are in the PDF file.)

That was ridiculous, it my PC Chrome problem.ㅡㅡ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

Thank you very much for helping me.

.

" ERR_SSL_VERSION_OR_CIPHER_MISMATCH " occurs on chromium, do you know how to fix it?

Last week, I used to use my PC well, but I do not know why I have an error....ㅠㅠ

Your can try:

1. Open Chrome

2. Go to "About" Chrome and verify that you are at the Latest Release. If not update to the latest release and Relaunch.

3. Go to "Chrome://flags"

2. Search for "Maximum TLS version enabled. Mac, Windows, Linux, Chrome OS, Android
Set maximum enabled TLS version. #ssl-version-maxMinimum SSL/TLS version supported."

3. The running configuration should be "Default". If so, select the Dropdown and Select "TLS 1.3" which is "SSLv3".

4. Click the "RELAUNCH NOW" button on the bottom of the page.

5. After browser reloads, Try accessing the problem site to see if the problem goes away.

I hope this helps!

T.

Check out some of these links:

  • https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/Vnhy9aKM_l4/E0G5VPlb9B4J
  • https://www.openssl.org/~bodo/ssl-poodle.pdf
  • https://www.imperialviolet.org/2014/10/14/poodle.html
  • https://support.google.com/chrome/a/answer/6357171?hl=en
  • https://community.spiceworks.com/topic/762701-error-code-err_ssl_version_or_cipher_mismatch

Thank you very much.
Thanks to you, it helped me a lot.

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License