Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
841
Views
0
Helpful
6
Replies

DNAC Jinja Template failing on Embedded WLC programming

NeOps
Level 1
Level 1

‎09-27-2024 10:26 AM - edited ‎09-27-2024 10:30 AM

When executing a Jija based template from DNAC/Catalyst Center on an ISR 1100 from factory defaults the following snippet is executed and fails to configure the embedded WLC. *Note this is a start to the config as the whole config still doesn't apply due to the error early in the interactive chain.

 

#MODE_ENABLE
#INTERACTIVE
hw-module session 0/3 endpoint 0<IQ>Terminal ready<R>\n<IQ>Enter Administrative User Name<R>USERNAMEHERE<IQ>characters<R>SUP3Rc0mpl3xPw0rd<IQ>Password<R>SUP3Rc0mpl3xPw0rd<IQ>System Name<R>WLC-DeviceSN
#MODE_END_ENABLE
#ENDS_INTERACTIVE

 

 This is the error that is received:

 

 

Message: Unable to push the invalid CLI to the device XXX.XXX.XXX.XXX using protocol ssh2. Invalid CLI - Current output : ****************

Re-enter Administrative Password :
Current expects : SUP3Rc0mpl3xPw0rd (Device echo)

Can anybody tell me what I am missing? I have been googling and trying to figure this out for the past week and some change. Thanks in advance y'all.

0 Helpful
6 Replies 6

Dan Rowe
Cisco Employee
Cisco Employee

‎09-30-2024 08:27 AM

The nested control constructs look a bit off. Try:

#MODE_ENABLE
#INTERACTIVE
hw-module session 0/3 endpoint 0<IQ>Terminal ready<R>\n<IQ>Enter Administrative User Name<R>USERNAMEHERE<IQ>characters<R>SUP3Rc0mpl3xPw0rd<IQ>Password<R>SUP3Rc0mpl3xPw0rd<IQ>System Name<R>WLC-DeviceSN
#ENDS_INTERACTIVE
#END_MODE_ENABLE

 You should end interactive before ending enable mode. Also the proper syntax to end enable mode is #END_MODE_ENABLE not #MODE_END_ENABLE

0 Helpful

NeOps
Level 1
Level 1
In response to Dan Rowe

‎10-30-2024 09:32 AM

@Dan Rowe 

I was hoping to follow up on this to see if you could provide any more insight.

It seems, as if, when Re-Entering the Admin Password, Jinja is reading the original password as all Asterisks (*********). Is there any way to make the previous password display in plain text, or have Jinja just input the password without it looking at the original password.

This seems like a bug within DNAC since we can enter all Answers to all Questions manually, without the device getting hung up.

0 Helpful

NeOps
Level 1
Level 1

‎09-30-2024 03:26 PM - edited ‎09-30-2024 03:27 PM

I have modified to match what @Dan Rowe placed above. I still receive the same error message of 

 

Message: Unable to push the invalid CLI to the device XXX.XXX.XXX.XXX using protocol ssh2. Invalid CLI -  Current output :  **********************

Re-enter Administrative Password                 : 
Current expects : SUP3Rc0mpl3xPw0rd

 

I do not know what is stopping it from proceeding. The only thing I can think of is the asterisks or the close parenthesis is messing with the regex match string I am providing. Has anyone else beaten this issue?

0 Helpful

Torbjørn
VIP
VIP

‎09-30-2024 05:01 PM

Can you post the output of a terminal session where you do this manually? 

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev
0 Helpful

NeOps
Level 1
Level 1
In response to Torbjørn

‎10-30-2024 09:37 AM

@Torbjørn 

Just wanted to see if you were able to review the manual input that was provided. When entering everything manually, the device configures without any issue, but when utilizing Jinja and Interactive Mode to answer the questions, it reads the original Password as all Asterisks (***********) when it is trying to verify the password.

Do you know of any way to make Jinja not read the previous password as ********* and see it in plain text or have it ignore the previous password all together?

0 Helpful

NeOps
Level 1
Level 1

‎10-01-2024 08:17 AM

I can post the list of questions and answers that are a part of the initial boot up and configuration of the embedded WLC. Please see below.

Enter Administrative User Name (24 characters max): USERNAMEHERE

Enter Administrative Password (3 to 127 characters): SUP3Rc0mpl3xPw0rd

Re-enter Administrative Password: SUP3Rc0mpl3xPw0rd

System Name [Cisco-extra.text.here] (24 characters max): WLC-DeviceSN

Enter Country Code list (enter 'help' for a list of countries) [US]: US

Configure a NTP server now? [YES][no]: no

Use default NTP servers [YES][no]: no

Enter the NTP server's IP address: XXX.XXX.XXX.XXX

Enter timezone location index (enter 'help' for a list of timezones): 1

Management Interface IP Address: XXX.XXX.XXX.XXX

Management Interface Netmask: XXX.XXX.XXX.XXX

Management Interface Default Router: XXX.XXX.XXX.XXX

Create Management DHCP Scope? [yes][NO]: NO

Employee Network Name (SSID)?:  ARealNetworkName

Employee Network Security? [PSK][enterprise]: enterprise

Enter the RADIUS Server's Address: XXX.XXX.XXX.XXX

Enter the RADIUS Server's Port [1812]: 1812

Enter the RADIUS Server's Secret: AnotherSecretPassword

Enable RF Parameter Optimization? [YES][no]: no

 

Embedded WLC reboots and starts normal operations.

0 Helpful
Customers Also Viewed These Support Documents