cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11908
Views
10
Helpful
4
Replies

Cisco DNA-Center update not working

Hi Friends,

 

we have problem with Cisco DNA-Center
we get an error message when we try to update:
"connectivity check failed. Connot locate new updates. Retry

if your network is protected by firewall or proxy, make sure *.ciscoconnectdna.com:443 is permitted to access the web"


we recently changed the RAID-Controller and installed Version 1.3.1 .

while installing DNA-Center we got issues while updating

we checked:
Proxy and Cisco login data are OK ;

  *http://ciscoconnectdna.com:443 is OK at the firewall

 

check BUG CSCvi73428 - no go

 

do you have any ideas ?

 

thanks !

1 Accepted Solution

Accepted Solutions

here how we resolved the isse:

 

DNA Center > Settings > Proxy config > Change https://a.a.a.a to http://a.a.a.a .

Click Apply

Wait ten minutes, you will receive the orange banner on top of DNAC as the containers update to use the new proxy

 

This should resolve the issue.

 

we also found out that the DNA-Center came with the wrong password.

The pre-configured passphrase in the proxy config settings was wrong.

 

So now it works with http: and not with https:

 

As the previous error message indicated, DNAC does not support HTTPS for connection to the proxy, only HTTP.

Note that the connections it makes through the proxy will still be encrypted end to end.

 

CSCvs25664 - Configuration wizard should not allow HTTPS url in proxy config

View solution in original post

4 Replies 4

Mike.Cifelli
VIP Alumni
VIP Alumni
See section 'Required URLs and FQDN Access': https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/hardening_guide/b_dnac_security_best_practices_guide.html#d54e1500a1635

The allowed url for update packages needs to be: https://*.ciscoconnectdna.com/*

HTH!

Parthiv Shah
Cisco Employee
Cisco Employee

CSCvi73428 is very old bug.  Are you still observing problem?

 

it would be good to provide system360 and software update page screenshot.

PedroReforco
Level 1
Level 1
I had this issue since my appliance is going to internet via internal proxy, I saw the traffic going from the server without being marked with proxy so started to looking up how to configure the ubuntu and came to here.

Just needed to do this and it started working

login to the DNAC console via SSH on port 2222
Issue the following command
magctl service setenv catalogserver MAGLEV_HTTPS_PROXY http://:
I’ve heard different responses on whether to reboot or not after this change, but better be safe than sorry and issue a reboot command
sudo reboot



source:
https://www.nefkens.net/updating-dna-center-experiences/?unapproved=222&moderation-hash=0fbf268a4680eab7a87faa725642929a#comment-222

here how we resolved the isse:

 

DNA Center > Settings > Proxy config > Change https://a.a.a.a to http://a.a.a.a .

Click Apply

Wait ten minutes, you will receive the orange banner on top of DNAC as the containers update to use the new proxy

 

This should resolve the issue.

 

we also found out that the DNA-Center came with the wrong password.

The pre-configured passphrase in the proxy config settings was wrong.

 

So now it works with http: and not with https:

 

As the previous error message indicated, DNAC does not support HTTPS for connection to the proxy, only HTTP.

Note that the connections it makes through the proxy will still be encrypted end to end.

 

CSCvs25664 - Configuration wizard should not allow HTTPS url in proxy config

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco