DNA/Catalyst Center Lost WLC 9800 Assurance After Upgrade to 2.3.7.6

ntwkrgr
Level 1

Versions

  • WLC 9800-80: 17.12.4
  • DNA/Catalyst Center: 2.3.7.6

Symptoms

  • No assurance data is being sent/received from our WLC 9800 immediately following DNA Upgrade to 2.3.7.6.
  • show telemetry connection all on the WLC shows:
      Index Peer Address               Port  VRF Source Address             State      State Description
      ----- -------------------------- ----- --- -------------------------- ---------- --------------------
      46711 X.X.X.X                    25103 0   X.X.X.X                    Connecting Connection request made to transport handler
  • WLC Alert: Certificate renewal failed for trustpoint sdn-network-infra-iwan Reason : Failed to get ID certificate from CA server

Things I've Tried

  • Removing the DNAC-CA from the WLC & Re-adding it
  • Forcing a Telemetry Configuration push from DNA
  • Deleting, re-discovering, & re-provisioning the WLC9800
  • Confirmed the source interface is correct on the WLC's DNAC-CA trustpoint config
  • Manually re-added the sdn-network-infra-iwan cert to the WLC
  • Disabled revocation checks for the trustpoint

I'm stumped. I'm convinced it's some kind of certificate issue, but I'm not super experienced with certs so I'm starting to get in over my head. I've seen a few bug reports somewhat related to this issue, but no workarounds have been found. Before submitting a TAC case, I thought I'd check here to see if the community has experience fixing this. 

Thanks!

3 Replies

ntwkrgr
Level 1

Adding additional info:

I've run through this page, though admittedly, a lot of what's in here is new to me: https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-traffic-telemetry-appliance/217044-troubleshoot-no-assurance-data-from-wlc.html

Also, this is one of the similar bug reports I found (Though our WLC is not an eWLC): https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr98535 

maflesch
Cisco Employee

At this point I would open a TAC case. This could be more of an issue with the ios-xe collector establishing the connection than it is a cert issue on the WLC.

jdeibel
Level 1

Hello, I am experiencing a similar issue with a pair of 9800s and tried many of the same things.

I'll be opening a TAC case regardless, but do you recall what the resolution was for your issue? Thanks.