cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
227
Views
0
Helpful
2
Replies
Highlighted

File transfer using HTTPS and SCP failed

Hi all!

Trying to update switches OS from DNA UI and receiving this pre-check error:

File transfer using HTTPS and SCP failed
Expected : Device need to have https/scp reachability to Controller
Action : Verify HTTPS/SCP configurations, DNAC certificates on device and protocol reachability

 

This is switch config:

 

aaa new-model
aaa authentication login default local
aaa authorization exec default local

hostname DNA-SW-01

ip domain name test.ru

ip http secure-server

ip ssh version 2

ip scp server enable

interface Vlan1
ip address 172.23.84.114 255.255.255.0

 

DNA ip address is 172.23.84.110. There is no security devices between them. 

I can ping switch from DNA CLI, transfer files manually and ssh to switch from DNA.

 

$ ping 172.23.84.114
PING 172.23.84.114 (172.23.84.114) 56(84) bytes of data.
64 bytes from 172.23.84.114: icmp_seq=1 ttl=254 time=0.544 ms
64 bytes from 172.23.84.114: icmp_seq=2 ttl=254 time=0.437 ms
64 bytes from 172.23.84.114: icmp_seq=3 ttl=254 time=0.456 ms
64 bytes from 172.23.84.114: icmp_seq=4 ttl=254 time=0.475 ms
^C
--- 172.23.84.114 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.437/0.478/0.544/0.040 ms

 

 

$ ssh admin@172.23.84.114
Password:

DNA-SW-01#quit
Connection to 172.23.84.114 closed by remote host

 

 

$ scp ld-linux-x86-64.so.2 admin@172.23.84.114:ld-linux-x86-64.so.2
The authenticity of host '172.23.84.114 (172.23.84.114)' can't be established.
RSA key fingerprint is SHA256:0Va4kQYFYOMmAYiNW89T9Z86llDvXGaLmS9FA8mo69g.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.23.84.114' (RSA) to the list of known hosts.
Password:
ld-linux-x86-64.so.2 100% 159KB 158.8KB/s 00:00
Connection to 172.23.84.114 closed by remote host.

 

How to fix update error in DNA UI?

2 REPLIES 2
Cisco Employee

Re: File transfer using HTTPS and SCP failed

what's the DNA center version , Also can you check if the DNA Center certificate is been installed on Network device on which you are trying installation "show running | sec crypto"

Re: File transfer using HTTPS and SCP failed

DNAC Version 1.2.8

 

Command output from switch below

 

crypto pki certificate chain DNAC-CA
certificate ca 00E99FCCE66D61F2AA
308202F7 308201DF A0030201 02020900 E99FCCE6 6D61F2AA 300D0609 2A864886 ....

 

It's quite strange but after two days it started to work. With no changes at all.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards