Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7523
Views
15
Helpful
7
Replies

DNAC and 9800, No health score

ROBERT T
Level 4
Level 4

‎11-10-2021 11:39 AM

I have a brand new 9800 that has no health score. DNAC is not giving any client health information. When it was discovered, status, icmp, snmp,cli, netconf all had green checks.

Brand new Brownfield 9800L, Version 17.3.3 ESW10

DNAC, Version 2.2.2.5

 

I have tried to rediscover the controller. I have also tried to push telemetry to it from the inventory page. Neither of these helped.

 

I also have a 3504 that has been in the system for a long time that now does not have a health score and no client data.

 

What are some strategies to fix this?

Labels:
0 Helpful
7 Replies 7

willwetherman
Spotlight
Spotlight

‎11-10-2021 02:34 PM - edited ‎11-10-2021 02:36 PM

Hi @ROBERT T 

 

Can you run the following on the 9800 WLC to check the status of telemetry?

 

show telemetry internal connection

 

If its stuck in the 'connecting' state, and connectivity is ok between the WLC and DNAC, then its most likely a TLS validation issue. Firstly can you try and disable the revocation check under the DNAC-CA trustpoint and set the source interface to match the interface that is used for DNAC management. Example below. Once configured, wait 5-10 minutes and see if telemetry connection kicks in.

 

crypto pki trustpoint DNAC-CA
revocation-check none
source interface Vlan10

rasmus.elmholt
Level 7
Level 7

‎11-14-2021 04:55 PM

Take a look at this guide on how to troubleshoot Assurance Data between WLC and DNAC. Have used the guide a couple of times to narrow down the issue.

 

https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-traffic-telemetry-appliance/217044-troubleshoot-no-assurance-data-from-wlc.html

ROBERT T
Level 4
Level 4
In response to rasmus.elmholt

‎11-16-2021 01:41 PM

This document wasn't very helpful. It also outlines a lot of bugs.

show telemetry internal connection --> provides nothing in the output.

 

I tried the following with the correct VLAN Interface.

crypto pki trustpoint DNAC-CA
revocation-check none
source interface Vlan10

 

I had DNAC push out the Telemetry again using the force option.

0 Helpful

rasmus.elmholt
Level 7
Level 7
In response to ROBERT T

‎11-17-2021 03:16 AM

If there is nothing in the output then there is your problem.

It shoud look something like this:

wlc01-abh022#show telemetry internal connection 
Telemetry connections

Index Peer Address               Port  VRF Source Address             State
----- -------------------------- ----- --- -------------------------- ----------
   18 <DNAC IP>               25103   0 <WLC IP>                Active

What is the output of the following WLC commands:

Show platform software trace message mdt-pubd chassis active r0
Show platform software yang-management process

On the DNAC maybe these commands can give some info:

magctl service logs -r apic-em-pki | lql | grep failed
Magctl service logs -r wirelessco | grep <date>
Magctl service logs -r dna-wireless

 

 

0 Helpful

shubham-mittal
Level 1
Level 1
In response to rasmus.elmholt

‎09-06-2023 05:02 PM

I do have similar issue, DNAC is running with 2.2.3.6 and WLCs(9800) are in HA and running with 17.3.6.

I have discovered 2 different WLCs and facing same issue.

0 Helpful

usaf_27
Level 1
Level 1

‎11-18-2021 07:14 PM

Do you have “Device controllability” enabled?

ROBERT T
Level 4
Level 4

‎11-19-2021 09:51 AM

I upgraded DNA Center from 2.2.2.5 to 2.2.3.3 and now the problems are gone. 

It may have been a bug in DNA Center.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card