Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
325
Views
0
Helpful
2
Replies

Switch Fails to Initiate PnP HTTP Communication with dna center

Go to solution
charles-michalski
Level 1
Level 1

‎05-09-2025 04:14 AM - edited ‎05-09-2025 04:15 AM

Current Issue

We are trying to initiate a PnP provisioning to a cat 9300L and apply a base config to be able to initiate ansible automation.

The switch successfully obtains an IP address via DHCP, along with option 43 information (IP of the Catalyst Center, port, protocol). The trunk is active, VLAN 856 is correctly propagated, and it is possible to ping the switch's IP address from a PC on the same network.

==> Despite this, the switch fails to initiate the expected HTTP/HTTPS sequence with the Catalyst Center.

The process is currently blocked at the HTTP GET /pnp/HELLO step → no response from the Catalyst Center.

Tests Performed:

  • Address 10.xxx.xxx.xxx (Catalyst Center instance 1)

    • Not reachable via ping from the router

    • No response to PnP request from the switch

    • Responds correctly from a workstation browser in the PTG VLAN with HTTP 200 on /pnp/HELLO

  • Address 10.xxx.yyy.yyy (Catalyst Center instance 2)

    • Ping OK from the router

    • No HTTP response from a browser (no HTTP 200)

  • DHCP option 43 modified to use:

    • HTTPS (K5)

    • Port 443 (J443)

    • The switch did not even attempt to establish a connection to the PnP server

  • Checked logs on the Catalyst Center:

    • No logs were found

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Preston Chilcote
Cisco Employee
Cisco Employee

‎05-09-2025 08:00 AM

What does the "pnp profile" config look like after the device gets it's IP address (pnp agent will configure this as part of the pnp process)?  That is the ip or fqdn that the pnp agent will use to reach out to find Catalyst Center.  Try pinging that ip or dns name from the switch to see if this is a routing issue or perhaps a certificate issue (did you replace the self-signed cert on your CC appliance?

 

It might be fastest to open a TAC case for real time troubleshooting.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Preston Chilcote
Cisco Employee
Cisco Employee

‎05-09-2025 08:00 AM

What does the "pnp profile" config look like after the device gets it's IP address (pnp agent will configure this as part of the pnp process)?  That is the ip or fqdn that the pnp agent will use to reach out to find Catalyst Center.  Try pinging that ip or dns name from the switch to see if this is a routing issue or perhaps a certificate issue (did you replace the self-signed cert on your CC appliance?

 

It might be fastest to open a TAC case for real time troubleshooting.

0 Helpful

Go to solution
charles-michalski
Level 1
Level 1
In response to Preston Chilcote

‎05-13-2025 02:24 AM

Thanks for the help,
We figured out the issue was because of an error in catalyst center inner routing.

Have a nice day   !

0 Helpful
Customers Also Viewed These Support Documents