Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
639
Views
0
Helpful
2
Replies

Access Point EAP-FAST PnP implementation

hugo.girard
Level 1
Level 1

‎03-24-2022 03:02 AM

Hello,

 

I would like to implement 802.1x on AP connected on Catalyst 9300.

The method used will be EAP-FAST.

I have directly configured the 802.1x credentials and the EAP-FAST on the Catalyst 9800 WLC and it works well.

 

With the new DNAC version, it is possible to configure this feature directly into DNAC (please see attached file AP_PnP_authentication.jpg) 

 

Unfortunately, I have the following error message during AP PnP process :

 

AP PNP Claim failed. ISE EAP Root CA certificate is not available. Please re-integrate ISE with DNAC

 

I have chosen the EAP-FAST method (credentials) in order not to have to manage certificates. I don't understand why DNAC want to implement an ISE certificate.

 

Regards,

Hugo

 

Labels:
Preview file
83 KB
0 Helpful
2 Replies 2

Mike.Cifelli
VIP Alumni
VIP Alumni

‎03-24-2022 04:55 AM 

AP PNP Claim failed. ISE EAP Root CA certificate is not available. Please re-integrate ISE with DNAC

-Out of curiosity if you navigate to system360 is the status with the connection to ISE via pxgrid up or down? Have you attempted to edit AAA server and essentially force re-sync of the integration to see if that helps? What version of dnac are you running? 

0 Helpful

hugo.girard
Level 1
Level 1
In response to Mike.Cifelli

‎03-24-2022 07:23 AM

Hi Mike,

 

Everything is ok on the system 360 :

 

ISE :

Secondary : available

Primary : available

Pxgrid-Acrive : available

Pxgrid-Standby : available

 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card