
How to configure PnP behind a vEdge Device

Weberb6834
Level 1

Hello everyone,

 

We are trying to set up Zero Touch Deployment of Routers, Switches and APs for a school project.

 

We have been able to configure vManage and get all our routers connected to it and pull configuration, but the issue we are having is now that since the routers need to be in controller mode in order to pull their configs from vManage, we are no longer able to deploy our Switches using Cisco PnP.

 

What we have set up is that the Router (cEdge Router 4451-x) uses DHCP options 67 and 150 to provide the Switch (Catalyst 9300) with the location of our TFTP server and a Python script which the switch then uses to configure itself; this works perfectly when the router is not in controller/SD WAN mode. But ever since we have made this change, when the switch reaches out for its configuration we get the error "GET Dropped because peer didn't response" on the TFTP server. I did a "show pnp trace" on the switch and have included that output below.

 

It seems to me that there is some sort of built-in access list on the router once it is put into controller mode that prevents the switch from being able to pull its configuration. The TFTP server is seeing the connection from the switch, because before it errors out it says "GET Started c:\tftp-root\Test3.py" about 5 times before starting to drop the connection, but there just seems to be something stopping the switch from actually running the file.

 

Any assistance would be greatly appreciated. I have attached the router config as well as the script that is being accessed through the TFTP server and the "show pnp trace" command from the switch.

 

Thanks!

2 Replies

I think that both ways should work; basically the difference is how you provision the router. Unless, when in sdwan mode, you have a different config.

I can see that on the DHCP pool, you are using default-router 10.100.5.1, which is the router's interface:

 

GigabitEthernet0/0/1
ip address 10.100.5.1 255.255.255.0
negotiation auto

Which means, once the switch gets the IP address and tries to call 10.10.30.111, it will send it to the router.

Can the router get to this IP? Using which interface?

And can this guy 10.10.30.111 reply to the switch?

In the PnP logs, it looks like the switch complains a lot about many things.

 

 

Hey Flavio,

 

Yes that is correct, our router acts as the DHCP server, gives DHCP to the switch via interface GigabitEthernet 0/0/1 and then the switch reaches out to the TFTP server (10.10.30.111) through the router.

 

The router is able to ping the TFTP server using GigabitEthernet 0/0/1 and 0/0/0 (I did a ping test with source from both interfaces on the router).

 

I believe the switch is able to reach the TFTP server during the boot process, it gets an IP of 10.100.5.51 on VLAN 1 through DHCP, the same process happens when the switch boots from a router not in controller mode, but after the boot process is over, I was unable to ping 10.10.30.111 from the switch.

 

We wiped the router completely and put it back into SD WAN mode and entered the bare minimum commands to get it to work, but still no luck, so I don't believe it's configured differently than our router not in SD WAN mode.

 

Let me know if I can provide you with any more show commands or documentation to help with troubleshooting.

 

Thanks!

 

-Ben Weber
