cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1761
Views
6
Helpful
2
Replies

Startup-config is ignored. So, HTTP Secure server configuration not done

John Palmason
Level 4
Level 4

Hello I have been testing/deploying and redeploying my PNP setup and I am slowly correcting issues as I go along.   I am at a point now where I am getting a repeatable issue with either my configuration file or my design.  I delete the following:

  1. the project hosts in APIC-EM
  2. the project in APIC-EM
  3. the configuration files
  4. and re-add with the bulk importer tool (great time saver) and upload all the manual configurations files again.

On each device i do the following (thanks Adam R):

# remove the certificates on active and standby

delete /force nvram:*.cer

delete /force stby-nvram:*.cer

# remove vlan data based from active and standby

Stack

delete /force flash-1:vlan.dat

delete /force flash-2:vlan.dat

Non-Stack

delete /force flash:vlan.dat

#  remove certificates from memory.  NOTE: you will not be able to SSH after this

conf t

crypto key zeroize

yes

end

# erase the config

write erase

reload

Now I am seeing a unexpected result, my hardware is getting fully provisioned in APIC-EM and giving the green light as for as no errors.  But logging into the console I am seeing the following error:

     --- System Configuration Dialog ---

Enable secret warning

----------------------------------

In order to access the device manager, an enable secret is required

If you enter the initial configuration dialog, you will be prompted for the enable secret

If you choose not to enter the intial configuration dialog, or if you exit setup without setting the enable secret,

please set an enable secret using the following CLI in configuration mode-

enable secret 0 <cleartext password>

----------------------------------

Would you like to enter the initial configuration dialog? [yes/no]:

%Error opening tftp://172.16.33.139/network-confg (Timed out)

%Error opening tftp://172.16.33.139/cisconet.cfg (Timed out)

%Error opening tftp://172.16.33.139/bcfs34330-confg (Timed out)

% Please answer 'yes' or 'no'.

Would you like to enter the initial configuration dialog? [yes/no]: no

Startup-config is ignored. So, HTTP Secure server configuration not done

I am missing a simple cleanup step?  My switches appear to be fully configured and functional but I am just wondering about this error message.

2 Replies 2

John Palmason
Level 4
Level 4

Here is the show pnp trace, the switch is getting provisioned but not with the static address I have assigned in the configuration. It seems like most of the configuration is getting applied but no the static vlan assignment.

#sho pnp trace

[11/11/16 08:26:26.410 PST 1 460] Info: Startup config does not exists

[11/11/16 08:26:26.410 PST 2 460] start_pnpa_discovery: PnP Discovery trial number[1]

[11/11/16 08:26:26.410 PST 3 460] start_pnpa_discovery: Initiating PnP discovery manager

[11/11/16 08:26:26.410 PST 4 460] pnpa_discovery_autoinstall_pid_create: waiting for autoinstall

[11/11/16 08:27:10.636 PST 5 460] pnpa_discovery_autoinstall_pid_create:Received autoinstall complete status

[11/11/16 08:27:15.631 PST 6 460] pnpa_autonomic_discovery: Starting autonomic discovery

[11/11/16 08:27:15.631 PST 7 460] pnpa_autonomic_discovery: Starting autonomic discovery

[11/11/16 08:27:20.629 PST 8 460] pnpa_disc_dhcp_option_43: op43 strict protocol: Yes, must secure: No

[11/11/16 08:27:20.629 PST 9 460] pnpa_disc_dhcp_option_43: op43 profile pnp-zero-touch

[11/11/16 08:27:20.630 PST A 460] pnpa_disc_dhcp_option_43: op43 ipaddr 172.16.210.10

[11/11/16 08:27:20.630 PST B 460] pnpa_disc_dhcp_option_43: op43 transport 1

[11/11/16 08:27:20.630 PST C 460] pnpa_disc_dhcp_option_43: transport http

[11/11/16 08:27:20.630 PST D 460] pnpa_validate_port_type: Port is 80

[11/11/16 08:27:20.630 PST E 460] pnpa_disc_dhcp_option_43: op43 port 80

[11/11/16 08:27:20.630 PST F 460] pnpa_validate_ip_type: op43 iptype ipv4

[11/11/16 08:27:20.630 PST 10 460] pnp_httpc_register: PnP httpc registered

[11/11/16 08:27:20.631 PST 11 460] get_pnp_work_req_url: Port is 80

[11/11/16 08:27:20.631 PST 12 460] pnp_httpc_send_get: url http://172.16.210.10:80/pnp/HELLO

[11/11/16 08:27:20.631 PST 13 460] pnp_httpc_send_get: HTTP SEND SUCCESS

[11/11/16 08:27:20.647 PST 14 350] pnp_http_resp_data_alloc: PnP response data alloc 4096 bytes

[11/11/16 08:27:20.648 PST 15 350] pnp_resp_data: request status Response data recieved, successfully

[11/11/16 08:27:20.648 PST 16 350] pnp_resp_data: DATA STARTS HERE

[11/11/16 08:27:20.648 PST 17 350] pnp_resp_data: DATA ENDS HERE

[11/11/16 08:27:20.648 PST 18 350] pnp_resp_data: Status of this transaction is 200

[11/11/16 08:27:20.648 PST 19 350] pnp_resp_data: Length of data handed over 21

[11/11/16 08:27:20.648 PST 1A 350] pnp_resp_data: session id       : 3

[11/11/16 08:27:20.648 PST 1B 350] pnp_resp_data: transaction id   : 1

[11/11/16 08:27:20.649 PST 1C 350] pnp_resp_data: status_code      : 200

[11/11/16 08:27:20.649 PST 1D 350] pnp_resp_data: status_string    : OK

[11/11/16 08:27:20.649 PST 1E 350] pnp_resp_data: content_type     : application/json;charset=UTF-8

[11/11/16 08:27:20.649 PST 1F 350] pnp_resp_data: content_encoding :

[11/11/16 08:27:20.649 PST 20 350] pnp_resp_data: content_length   : 21

[11/11/16 08:27:20.649 PST 21 350] pnp_resp_data: Location         :

[11/11/16 08:27:20.649 PST 22 350] pnp_resp_data: Server           : Jetty(9.0.z-SNAPSHOT)

[11/11/16 08:27:20.650 PST 23 350] pnp_resp_data: Data has not been cached

[11/11/16 08:27:20.650 PST 24 350] pnp_http_resp_data_free: pnp response data freed

[11/11/16 08:27:20.650 PST 25 460] pnp_httpc_send_get: HTTP send success()

[11/11/16 08:27:20.650 PST 26 460] send_work_req: HTTP SEND GET REQUEST SUCCESS

[11/11/16 08:27:20.650 PST 27 460] HA registry indicates presence of standby

[11/11/16 08:27:20.651 PST 28 460] HA, config safe check [NOT OK], for configuring[try:0]

[11/11/16 08:27:20.651 PST 29 460] HA, config safe check [NOT OK], for configuring[try:1]

[11/11/16 08:27:20.651 PST 2A 460] pnpa_dhcp_discovery:PnP profile config unsuccessful

[11/11/16 08:27:20.657 PST 2B 460] pnpa_disc_dhcp_option_43: op43 strict protocol: Yes, must secure: No

[11/11/16 08:27:20.657 PST 2C 460] pnpa_disc_dhcp_option_43: op43 profile pnp-zero-touch

[11/11/16 08:27:20.657 PST 2D 460] pnpa_disc_dhcp_option_43: op43 ipaddr 172.16.210.10

[11/11/16 08:27:20.657 PST 2E 460] pnpa_disc_dhcp_option_43: op43 transport 1

[11/11/16 08:27:20.657 PST 2F 460] pnpa_disc_dhcp_option_43: transport http

[11/11/16 08:27:20.657 PST 30 460] pnpa_validate_port_type: Port is 80

[11/11/16 08:27:20.657 PST 31 460] pnpa_disc_dhcp_option_43: op43 port 80

[11/11/16 08:27:20.657 PST 32 460] pnpa_validate_ip_type: op43 iptype ipv4

[11/11/16 08:27:20.658 PST 33 460] pnp_httpc_register: PnP Already registered with httpc

[11/11/16 08:27:20.658 PST 34 460] get_pnp_work_req_url: Port is 80

[11/11/16 08:27:20.658 PST 35 460] pnp_httpc_send_get: url http://172.16.210.10:80/pnp/HELLO

[11/11/16 08:27:20.658 PST 36 460] pnp_httpc_send_get: HTTP SEND SUCCESS

[11/11/16 08:27:20.664 PST 37 350] pnp_http_resp_data_alloc: PnP response data alloc 4096 bytes

[11/11/16 08:27:20.664 PST 38 350] pnp_resp_data: request status Response data recieved, successfully

[11/11/16 08:27:20.664 PST 39 350] pnp_resp_data: DATA STARTS HERE

[11/11/16 08:27:20.664 PST 3A 350] pnp_resp_data: DATA ENDS HERE

[11/11/16 08:27:20.664 PST 3B 350] pnp_resp_data: Status of this transaction is 200

[11/11/16 08:27:20.664 PST 3C 350] pnp_resp_data: Length of data handed over 21

[11/11/16 08:27:20.664 PST 3D 350] pnp_resp_data: session id       : 3

[11/11/16 08:27:20.664 PST 3E 350] pnp_resp_data: transaction id   : 2

[11/11/16 08:27:20.664 PST 3F 350] pnp_resp_data: status_code      : 200

[11/11/16 08:27:20.664 PST 40 350] pnp_resp_data: status_string    : OK

[11/11/16 08:27:20.664 PST 41 350] pnp_resp_data: content_type     : application/json;charset=UTF-8

[11/11/16 08:27:20.664 PST 42 350] pnp_resp_data: content_encoding :

[11/11/16 08:27:20.664 PST 43 350] pnp_resp_data: content_length   : 21

[11/11/16 08:27:20.664 PST 44 350] pnp_resp_data: Location         :

[11/11/16 08:27:20.664 PST 45 350] pnp_resp_data: Server           : Jetty(9.0.z-SNAPSHOT)

[11/11/16 08:27:20.664 PST 46 350] pnp_resp_data: Data has not been cached

[11/11/16 08:27:20.664 PST 47 350] pnp_http_resp_data_free: pnp response data freed

[11/11/16 08:27:20.664 PST 48 460] pnp_httpc_send_get: HTTP send success()

[11/11/16 08:27:20.664 PST 49 460] send_work_req: HTTP SEND GET REQUEST SUCCESS

[11/11/16 08:27:20.664 PST 4A 460] HA registry indicates presence of standby

[11/11/16 08:27:20.664 PST 4B 460] HA, config safe check [NOT OK], for configuring[try:0]

[11/11/16 08:27:20.664 PST 4C 460] HA, config safe check [NOT OK], for configuring[try:1]

[11/11/16 08:27:20.664 PST 4D 460] pnpa_dhcp_discovery:PnP profile config unsuccessful

[11/11/16 08:27:25.670 PST 4E 460] pnpa_dns_discovery: Starting PnP DNS discovery

[11/11/16 08:27:25.670 PST 4F 460] pnpa_disc_dhcp_dns: domain name abc.com on interface Vlan107

[11/11/16 08:27:25.690 PST 50 460] pnpa_disc_dhcp_dns: CA Bundle address resolution failed

[11/11/16 08:27:25.690 PST 51 460] pnpa_disc_dhcp_dns: CA bundle URL [http://pnpserver.abc.com/ca/trustpool]

[11/11/16 08:27:25.698 PST 52 460] pnp_httpc_register: PnP Already registered with httpc

[11/11/16 08:27:25.698 PST 53 460] get_pnp_work_req_url: Port is 80

[11/11/16 08:27:25.698 PST 54 460] pnp_httpc_send_get: url http://pnpserver.abc.com/pnp/HELLO

[11/11/16 08:27:25.699 PST 55 460] pnp_httpc_send_get: HTTP SEND SUCCESS

[11/11/16 08:27:25.717 PST 56 350] pnp_http_resp_data_alloc: PnP response data alloc 4096 bytes

[11/11/16 08:27:25.717 PST 57 350] pnp_resp_data: request status Response data recieved, successfully

[11/11/16 08:27:25.717 PST 58 350] pnp_resp_data: DATA STARTS HERE

[11/11/16 08:27:25.717 PST 59 350] pnp_resp_data: DATA ENDS HERE

[11/11/16 08:27:25.717 PST 5A 350] pnp_resp_data: Status of this transaction is 200

[11/11/16 08:27:25.717 PST 5B 350] pnp_resp_data: Length of data handed over 21

[11/11/16 08:27:25.717 PST 5C 350] pnp_resp_data: session id       : 3

[11/11/16 08:27:25.717 PST 5D 350] pnp_resp_data: transaction id   : 3

[11/11/16 08:27:25.717 PST 5E 350] pnp_resp_data: status_code      : 200

[11/11/16 08:27:25.717 PST 5F 350] pnp_resp_data: status_string    : OK

[11/11/16 08:27:25.717 PST 60 350] pnp_resp_data: content_type     : application/json;charset=UTF-8

[11/11/16 08:27:25.717 PST 61 350] pnp_resp_data: content_encoding :

[11/11/16 08:27:25.717 PST 62 350] pnp_resp_data: content_length   : 21

[11/11/16 08:27:25.717 PST 63 350] pnp_resp_data: Location         :

[11/11/16 08:27:25.717 PST 64 350] pnp_resp_data: Server           : Jetty(9.0.z-SNAPSHOT)

[11/11/16 08:27:25.717 PST 65 350] pnp_resp_data: Data has not been cached

[11/11/16 08:27:25.717 PST 66 350] pnp_http_resp_data_free: pnp response data freed

[11/11/16 08:27:25.717 PST 67 460] pnp_httpc_send_get: HTTP send success()

[11/11/16 08:27:25.718 PST 68 460] send_work_req: HTTP SEND GET REQUEST SUCCESS

[11/11/16 08:27:25.718 PST 69 460] HA registry indicates presence of standby

[11/11/16 08:27:25.718 PST 6A 460] HA, config safe check [NOT OK], for configuring[try:0]

[11/11/16 08:27:25.718 PST 6B 460] 10.stdby Disabled;

[11/11/16 08:27:26.793 PST 6C 460] HA, config safe check [OK], for configuring[try:1]

[11/11/16 08:27:26.793 PST 6D 460] pnpa_dns_discovery:Configured pnp profile

[11/11/16 08:27:26.794 PST 6E 460] pnp_setup_abort:Setup abort initiated

[11/11/16 08:27:26.794 PST 6F 460] start_pnpa_discovery: PnP discovery process successful

[11/11/16 08:27:26.794 PST 70 460] pnp_autoinstall_terminate: Terminating ip autoinstall

[11/11/16 08:27:26.794 PST 71 460] pnp_autoinstall_terminate: Terminating DHCP autoinstall

[11/11/16 08:28:10.478 PST 72 167] 11.stdby Disabled;

[11/11/16 08:28:10.478 PST 73 167] 12.stdby Disabled;

[11/11/16 08:28:10.478 PST 74 167] HA registry indicates NO standby up

[11/11/16 08:28:10.478 PST 75 167] 13.stdby Disabled;

[11/11/16 08:28:10.011 PST 76 167] HA, config safe check [OK], for configuring[try:0]

[11/11/16 08:28:10.497 PST 77 166] 14.stdby Disabled;

[11/11/16 08:28:10.497 PST 78 166] HA registry indicates NO standby up

[11/11/16 08:28:10.497 PST 79 166] 15.stdby Disabled;

[11/11/16 08:28:11.500 PST 7A 166] HA, config safe check [OK], for configuring[try:0]

[11/11/16 08:28:36.815 PST 7B 172] 16.stdby Disabled;

[11/11/16 08:36:06.038 PST 7C 460] pnp_ntp_pre_sync_notification NTP clock Pre-sync notification

[11/11/16 08:36:09.039 PST 7D 460] pnp_ntp_clock_synced_notify NTP clock synced

[11/11/16 08:37:22.924 PST 7E 172] Setting pnpa pnp_start_cfg_empty_flag var to FALSE

Are you changing the IP address or the VLAN or both?

Can you share the config for IP/VLAN you are pushing