09-27-2024 10:26 AM - edited 09-27-2024 10:30 AM
When executing a Jija based template from DNAC/Catalyst Center on an ISR 1100 from factory defaults the following snippet is executed and fails to configure the embedded WLC. *Note this is a start to the config as the whole config still doesn't apply due to the error early in the interactive chain.
#MODE_ENABLE
#INTERACTIVE
hw-module session 0/3 endpoint 0<IQ>Terminal ready<R>\n<IQ>Enter Administrative User Name<R>USERNAMEHERE<IQ>characters<R>SUP3Rc0mpl3xPw0rd<IQ>Password<R>SUP3Rc0mpl3xPw0rd<IQ>System Name<R>WLC-DeviceSN
#MODE_END_ENABLE
#ENDS_INTERACTIVE
This is the error that is received:
Message: Unable to push the invalid CLI to the device XXX.XXX.XXX.XXX using protocol ssh2. Invalid CLI - Current output :
Re-enter Administrative Password :
Current expects : SUP3Rc0mpl3xPw0rd (Device echo)
Can anybody tell me what I am missing? I have been googling and trying to figure this out for the past week and some change. Thanks in advance y'all.
09-30-2024 08:27 AM
The nested control constructs look a bit off. Try:
#MODE_ENABLE
#INTERACTIVE
hw-module session 0/3 endpoint 0<IQ>Terminal ready<R>\n<IQ>Enter Administrative User Name<R>USERNAMEHERE<IQ>characters<R>SUP3Rc0mpl3xPw0rd<IQ>Password<R>SUP3Rc0mpl3xPw0rd<IQ>System Name<R>WLC-DeviceSN
#ENDS_INTERACTIVE
#END_MODE_ENABLE
You should end interactive before ending enable mode. Also the proper syntax to end enable mode is #END_MODE_ENABLE not #MODE_END_ENABLE
10-30-2024 09:32 AM
I was hoping to follow up on this to see if you could provide any more insight.
It seems, as if, when Re-Entering the Admin Password, Jinja is reading the original password as all Asterisks (*********). Is there any way to make the previous password display in plain text, or have Jinja just input the password without it looking at the original password.
This seems like a bug within DNAC since we can enter all Answers to all Questions manually, without the device getting hung up.
09-30-2024 03:26 PM - edited 09-30-2024 03:27 PM
I have modified to match what @Dan Rowe placed above. I still receive the same error message of
Message: Unable to push the invalid CLI to the device XXX.XXX.XXX.XXX using protocol ssh2. Invalid CLI - Current output : **********************
Re-enter Administrative Password :
Current expects : SUP3Rc0mpl3xPw0rd
I do not know what is stopping it from proceeding. The only thing I can think of is the asterisks or the close parenthesis is messing with the regex match string I am providing. Has anyone else beaten this issue?
09-30-2024 05:01 PM
Can you post the output of a terminal session where you do this manually?
10-30-2024 09:37 AM
Just wanted to see if you were able to review the manual input that was provided. When entering everything manually, the device configures without any issue, but when utilizing Jinja and Interactive Mode to answer the questions, it reads the original Password as all Asterisks (***********) when it is trying to verify the password.
Do you know of any way to make Jinja not read the previous password as ********* and see it in plain text or have it ignore the previous password all together?
10-01-2024 08:17 AM
I can post the list of questions and answers that are a part of the initial boot up and configuration of the embedded WLC. Please see below.
Enter Administrative User Name (24 characters max): USERNAMEHERE
Enter Administrative Password (3 to 127 characters): SUP3Rc0mpl3xPw0rd
Re-enter Administrative Password: SUP3Rc0mpl3xPw0rd
System Name [Cisco-extra.text.here] (24 characters max): WLC-DeviceSN
Enter Country Code list (enter 'help' for a list of countries) [US]: US
Configure a NTP server now? [YES][no]: no
Use default NTP servers [YES][no]: no
Enter the NTP server's IP address: XXX.XXX.XXX.XXX
Enter timezone location index (enter 'help' for a list of timezones): 1
Management Interface IP Address: XXX.XXX.XXX.XXX
Management Interface Netmask: XXX.XXX.XXX.XXX
Management Interface Default Router: XXX.XXX.XXX.XXX
Create Management DHCP Scope? [yes][NO]: NO
Employee Network Name (SSID)?: ARealNetworkName
Employee Network Security? [PSK][enterprise]: enterprise
Enter the RADIUS Server's Address: XXX.XXX.XXX.XXX
Enter the RADIUS Server's Port [1812]: 1812
Enter the RADIUS Server's Secret: AnotherSecretPassword
Enable RF Parameter Optimization? [YES][no]: no
Embedded WLC reboots and starts normal operations.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide