Trying to update switches OS from DNA UI and receiving this pre-check error:
File transfer using HTTPS and SCP failed
Expected : Device need to have https/scp reachability to Controller
Action : Verify HTTPS/SCP configurations, DNAC certificates on device and protocol reachability
This is switch config:
aaa authentication login default local
aaa authorization exec default local
ip domain name test.ru
ip http secure-server
ip ssh version 2
ip scp server enable
ip address 172.23.84.114 255.255.255.0
DNA ip address is 172.23.84.110. There is no security devices between them.
I can ping switch from DNA CLI, transfer files manually and ssh to switch from DNA.
$ ping 172.23.84.114
PING 172.23.84.114 (172.23.84.114) 56(84) bytes of data.
64 bytes from 172.23.84.114: icmp_seq=1 ttl=254 time=0.544 ms
64 bytes from 172.23.84.114: icmp_seq=2 ttl=254 time=0.437 ms
64 bytes from 172.23.84.114: icmp_seq=3 ttl=254 time=0.456 ms
64 bytes from 172.23.84.114: icmp_seq=4 ttl=254 time=0.475 ms
--- 172.23.84.114 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.437/0.478/0.544/0.040 ms
$ ssh email@example.com
Connection to 172.23.84.114 closed by remote host
$ scp ld-linux-x86-64.so.2 firstname.lastname@example.org:ld-linux-x86-64.so.2
The authenticity of host '172.23.84.114 (172.23.84.114)' can't be established.
RSA key fingerprint is SHA256:0Va4kQYFYOMmAYiNW89T9Z86llDvXGaLmS9FA8mo69g.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.23.84.114' (RSA) to the list of known hosts.
ld-linux-x86-64.so.2 100% 159KB 158.8KB/s 00:00
Connection to 172.23.84.114 closed by remote host.
How to fix update error in DNA UI?
what's the DNA center version , Also can you check if the DNA Center certificate is been installed on Network device on which you are trying installation "show running | sec crypto"
DNAC Version 1.2.8
Command output from switch below
crypto pki certificate chain DNAC-CA
certificate ca 00E99FCCE66D61F2AA
308202F7 308201DF A0030201 02020900 E99FCCE6 6D61F2AA 300D0609 2A864886 ....
It's quite strange but after two days it started to work. With no changes at all.