Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1183
Views
0
Helpful
6
Replies

Cisco ap disassociated from controller on PRIME

huseyin
Level 1
Level 1

‎09-30-2024 07:11 AM

Hi everyone

We installed a lot of Cisco Switches, 2 wireless controllers, and a lot of APs.

Also, we installed Cisco PRIME. The Cisco Prime version is 3.9.0.0.219. Also, I added Security Update and Device Pack files. All switch platforms work on PRIME successfully. But all APs are not. When I click Controllers or APs I see a blank webpage. I added a lot of screenshots. As you can see; ALL APs disassociated from the controller. Do you know how I can fix it?

Regards. 

1 person had this problem
Labels:
Preview file
186 KB
Preview file
148 KB
Preview file
199 KB
Preview file
374 KB
0 Helpful
6 Replies 6

Flavio Miranda
VIP
VIP

‎09-30-2024 07:16 AM

@huseyin 

 Try to remove the WLC from cisco prime and add it again. As long as the WLC is not successfully communicating with Cisco Prime, what you are seing is actually the expected behavior.

 

0 Helpful

huseyin
Level 1
Level 1

‎09-30-2024 11:29 AM

Unfortunately, this solution was a growing problem. For this reason, we found a bug! I couldn't delete this WLC.  Also, I couldn't add this WLC again. I need a different solution. 

Cisco Bug: CSCvx50660 Unable to delete wireless LAN controllers from Prime Infrastructure 

0 Helpful

Flavio Miranda
VIP
VIP
In response to huseyin

‎09-30-2024 11:44 AM

You need TAC assistance. They are able to get to the Prime data base and manuallly remove the entry.

0 Helpful

huseyin
Level 1
Level 1

‎10-03-2024 03:41 AM

I was working on my Lab. And I successfully deleted Controller from PRIME. 

But When I try to add again. It can not happen.

On C9800 WLC CLI portal;

C9800-CL#
Oct 3 10:38:14.053: %SSH-3-NO_MATCH: No matching mac found: client hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5,hmac-sha2-256,hmac-sha2-512 server hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
Oct 3 10:38:14.053: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.40.26 (tty = 1) using crypto cipher '', hmac '' Failed
Oct 3 10:38:14.054: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.40.26 (tty = 1) for user '' using crypto cipher '', hmac '' closed

What is that? Do You have any Idea?

Regards

0 Helpful

huseyin
Level 1
Level 1

‎10-03-2024 03:43 AM

On C9800 CLI Screen;

C9800-CL#sh ip ssh
SSH Enabled - version 2.0
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,x509v3-rsa2048-sha256
Hostkey Algorithms:rsa-sha2-512,rsa-sha2-256,ssh-rsa
Encryption Algorithms:chacha20-poly1305@openssh.com,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-gcm,aes256-gcm,aes128-ctr,aes192-ctr,aes256-ctr
MAC Algorithms:hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
KEX Algorithms:curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 2048 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): CLOUDM_PKEY
Modulus Size : 2048 bits
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrtQ111wlzeTAnlhYY+y2RXvdMHdmvPYdMrWH/oWxl
1EhXBdJqtklu+Zkn6caEXSYJeU/h3fgdCBKWR0vtvTOseo956/NM41aRu05sfIbJKcEt1ZkSnIecYpie
/+xq+An9P2hGai1LwSF4PHiUjjjF+hit3UXuNhOd5Hf27HfG0mboK2e3Gc8ePD5dgUISN8byBwjFI+Mv
w5Jk+8bjCkpqj4/KwN/BWgQjXWXKlrmFb6H2z87sM9OMG/Yz9Jn0krNqKE44IC2xvGk9+NXHZafDH8qx
tAJynTsmEJSWPQmwl7jac2Fsg5fkmug2BYdDfcAxXjLBSYFfOpi06sVoWTD7

0 Helpful

huseyin
Level 1
Level 1
In response to huseyin

‎10-03-2024 03:44 AM

On Prime CLI Screen;

prime/admin# sho security-status

Open TCP Ports : 21 22 443 1522 8078 8080 8082 8087 9992 20830 61617
Open UDP Ports : 69 162 514 9991

FIPS Mode : disabled
SSH Legacy
Algorithms : enabled

TFTP Service : enabled
FTP Service : enabled

JMS port(61617) : enabled
Root Access : enabled

Certificate validation settings for pubnet
Cert check : enabled
OCSP check : disabled
Auto CA update : enabled

Certificate validation settings for system
Cert check : trust-on-first-use
OCSP check : disabled
Auto CA update : disabled

Certificate validation settings for devicemgmt
Cert check : enabled
OCSP check : disabled
Auto CA update : enabled

Certificate validation settings for user
Cert check : enabled
OCSP check : disabled
Auto CA update : disabled

Algorithm settings enabled for SSH service
KexAlgorithms : diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,ecdh-sha2-nistp52
1,ecdh-sha2-nistp384,ecdh-sha2-nistp256,curve25519-sha256@libssh.org,diffie-hellman-group18-sha
512,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-excha
nge-sha1,diffie-hellman-group1-sha1
MACs : hmac-sha2-512,hmac-sha2-256,hmac-sha1
Ciphers : aes128-gcm@openssh.com,aes128-ctr,chacha20-poly1305@openssh.com,aes256-ctr,ae
s256-gcm@openssh.com,aes192-ctr,3des-cbc,aes128-cbc,aes256-cbc

TLS versions : TLSv1.2
TLS ciphers : tls-ecdhe-sha2,tls-static-sha2

Note : Shows currently configured values
Changes made after last system start if any,
will be effective after next restart

prime/admin#

0 Helpful
Customers Also Viewed These Support Documents