cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1837
Views
3
Helpful
6
Replies

CSCvu03730-eWLC and Cisco DNAC with sdn-network-infra-iwan cert

abuzarghalib
Beginner
Beginner

Hello ,

Looks like I have the issue even through the DNA center version 2.3.3.5 and the WLC is 17.3.4c. If I need to add sdn-network-infra-iwan certificate manually, how can I get that certificate from the DNA center? 

Thanks in advance.

1 Accepted Solution

Accepted Solutions

abuzarghalib
Beginner
Beginner

I wasn't able to add the certificate manually, but my issue is resolved and DNAC was able to push it to WLC after updating the DNS entry for the DNAC. It was pointing to the enterprise IP and is updated to point to virtual IP instead then after than I push the telemetry back with force to WLC.  

View solution in original post

6 Replies 6

patoberli
VIP Alumni
VIP Alumni

I had a very similar issue just now, but with a C9300 switch. I could solve it by opening DNAC, Devices -> Inventory -> select the affected device -> Actions -> Telemetry -> Update Telemetry settings -> select the Force configuration update option -> Next a few times until it starts to push it. This will delete and re-create the sdn-network-infra-iwan certificate on the affected device. 

troelsl
Beginner
Beginner

The solution from patoberli, fixed the issue on my 9800 which deleted the sdn-network-infra-iwan certificate, updating the telemetry settings did not recreate the certificate without marking the checkmark Force configuration.

ereid99
Beginner
Beginner

I'm not getting any telemetry data from my WLC either.  On the WLC if I run show telemetry ietf subscription all, all subscriptions validate except for:

2118 Configured Invalid Invalid value '/services;serviceName=ewlc_oper/rrmMeasurement' for parameter 'filter

I updated the telemetry settings and used the force option like it was suggested, but it doesn't appear to have resolved my problem.

Output of:  show telemetry ietf subscription 2118 detail
Telemetry subscription detail:

Subscription ID: 2118
Type: Configured
State: Invalid
Stream: native
Filter:
Filter type: tdl-uri
TDL-URI: /services;serviceName=ewlc_oper/rrmMeasurement
Update policy:
Update Trigger: periodic
Period: 30000
Encoding: encode-tdl
Source VRF:
Source Address: 10.100.49.67
Notes: Invalid value '/services;serviceName=ewlc_oper/rrmMeasurement' for parameter 'filter'.

Named Receivers:
Name Last State Change State Explanation

-------------------------------------------------------------------------------------------------------------------------------------------------------
tls-native://sdn-network-infra-iwan@10.100.49.69 08/31/23 20:17:28 Disconnected Subscription invalid

Is it safe to try and remove that item?

Are you running an eWLC on an access point or a full WLC?

Based on the compatibility matrix, eWLC is not specifically listed, so I'm not entirely sure if it is supported at all.

In any case, try to send the Telimetry configuration again, with the Force option checked. That should completely clean the old configuration and send the new valid one.

ereid99
Beginner
Beginner

It's a full WLC (9800-40).  I tried the Telemetry config with the Force option a couple of times and it didn't resolve it.  I have a TAC case open, but haven't got on a call with them yet.  I'll post back what we end up doing.

abuzarghalib
Beginner
Beginner

I wasn't able to add the certificate manually, but my issue is resolved and DNAC was able to push it to WLC after updating the DNS entry for the DNAC. It was pointing to the enterprise IP and is updated to point to virtual IP instead then after than I push the telemetry back with force to WLC.  

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: