I'm getting stuck with the access points in my CBD setup, perhaps someone can point me in the right direction.
The access points remain offline in CBD, and although I have wireless networks configured I only see the CiscoBusiness-Setup SSID.
Both the 140AC and 240AC show the same behaviour.
In the supported device list for CBD both AP's support all options except the embedded probe.
When looking the Enabled Devices list in CBD under Network Plug and Play the device status remains pending. I think this is because there is no configuration template present for AP's.
So, anyone who can give me a nudge in the right direction?.
I'm running CBD version 2.2.2 and both AP's have firmware version 10.3.1.0 installed.
You have raised a couple of different issues here. For the CBW APs to become online in CBD, there will either need to be a probe installed on the network, or the CBW cluster will need to be explicitly configured to connect to the dashboard. If this has been done, then it becomes a troubleshooting problem, but let's confirm the setup first.
In the case of PnP, having the device in pending state means one of a couple of things: either the access points have not discovered the dashboard correctly (using DHCP, DNS, or PnP Connect), the dashboard has been discovered by when the access point tries to connect it fails because of either a reachability or certificate problem, or the access point is connecting but is not correctly matching on the device profile you created because of either an incorrect serial number or product ID. The last case is easily checked by looking at the unclaimed device list to see if the access point is showing up there. For the other two cases, we would need a bit more information about how the environment is set up.
Given there are a few uncertainties here, the best option would be to call the support team and log a case. Then an engineer can work with you live to get to the bottom of what is happening. The contact numbers for support can be found at https://cisco.com/go/sbsc.
It's been a while since I have been working with CBD.
To my best recollection I think this was resolved, the main issue was an error in the config template I used to provision the AP's. The last time I checked there wasn't any builtin template for the AP's but Cisco was working on it.
If there isn't a builtin config template you can create one yourself by configuring the AP manually and exporting the config. You can then use that exported config as a base for your template but it will take some trial and error in finding out which line you have to remove from the config.
I had a working config but unfortunately it got lost during an upgrade.
Thanks for the reply. Yea I tried their template, I even copied theirs and modified my own. Still a no go. Beyond frustrating. I've verified the self signed cert has the correct info, option 43 on DHCP, I see the device in inventory, I put in the information I want on the pop tab, it then moves to enabled devices and sits there with a pending status. I've used to local probe on CBD I've stood up a separate probe and tried using it. Nothing.
If the devices are sitting in a pending state, then it means that they have not successfully connected to CBD using PnP. The two main reasons why this can happen is either that server discovery is not set up properly, so the device does not know which server to connect to, or because the server certificate on CBD is not trusted by the device.
For server discovery, it would probably be a good idea to doublecheck the format of option 43. You can find details in https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-business-dashboard/technical-reference/PnP_Guide_2_2.html#_Toc45117293, or if you like, you can post the string with any sesitive info masked out and we can look at it for you.
Once you are sure that discovery is working ok, the next thing to look at is the certificate. Make sure that the server identify (hostname or IP address) is listed in the Server-Alt-Name field of the certificate. Check the System > Certificate page to see the cert in plain text. Assuming that is correct, then the most likely issue is because you mention that the cert is self-signed. Because of this, the device cannot automatically trust the cert, and you will either need to provide the cert to the device using the T parameter in option 43, or use http for the initial connection (the K parameter). Under the circumstances, setting the K parameter to K4 for HTTP is probably the easiest solution.