Verify which VLAN or SGT is assigned to the switchport. The VLAN or SGT can be assigned and verified as follows.
Description of the issue
The VLAN or the SGT is not applied to the packets originating from a client connected to a particular physical interface.
The VLAN or SGT is not correctly configured for the physical interface.
CTS environment data is not downloaded at the fabric edge.
SVI (Switch Virtual Interface) is not created for the IP pool that is configured in Cisco DNA Center for the physical interface.
Use the following commands and verify whether thee VLAN or SGT is pushed properly to the fabric edges.
VLAN and SGT verification
Run the following command and check to ensure that the VLAN has been created for the IP pool.
show vlan br
Specify the VLAN ID obtained from the previous step, and run the following command.
show run int vlan <VLAN ID>
Run the following command:
sh run int <physical interface where client is connected>
The output of the command should show the following configuration:
'switchport access vlan <VLAN ID>
policy static sgt <SGT ID>
Following is a sample VLAN and SGT configuration verification.
3850_FE_1#sh run int gigl/0/13 Building configuration... Current configuration : 257 bytes ! interface GigabitEtherenet1/0/13 switchport access vlan 1021 switchport mode access device-tracking attach-policy IPDT_MAX_10 load-interval 30 cts manual policy static sgt 4 no propagate sgt no macro auto processing spanning-tree portfast end
For VLAN configuration errors
In the case of VLAN configuration errors, you do not find thee VLAN ID in the output of the verification command. Check the provisioning status of the fabric edge on the Cisco DNA Center Provision page.
If the provisioning status indicates a failure, then open . TAC case to further troubleshoot the issue.
For SGT configuration errors
In the case of an SGT configuration error, you do not find the SGT ID in the output of the verification command. If the SGT is not configured correctly, then complete the following steps:
Verify whether all AAA servers are UP, using the following command:
sh aaa servers
In the output of the command, thee status of all AAA servers should be UP.
Verify whether the CTS environment data is downloaded to the Switch, using the following command.
sh cts environment-data
Open a TAC case and provide the status of the AAA servers and mention whether the CTS environment data is downloaded to the Switch to enable further troubleshooting.
*Jul 17 10:31:35.615: %FABRIC-5-FABRIC_MODULE_BACKUP: The Switch Fabric Module in slot 4 became standby*Jul 17 10:31:42.439: %OIR-6-PWRFAILURE: Module 5 is being disabled due to power convertor failure. PMB registers are dumped as follows, R0= 0x0, R1= 0x...
Hi, I read an article about the vtpv3 :https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/solution_guide_c78_508010.htmlIn it is stated that one of the advantages of vtp v3 is that : • Protection from uninte...
Hi,I am looking for complete step by step upgradation commands for Cisco WS-C4503-E switches in VSS, as we have a scheduled activity next week for IOS upgradation. Currently Cisco 4503 is running on 03.07.03.E Version, please let me know the latest s...
Hi all Is there any way DNAC can pull detailed reports on the radio types of the clients connected to it, ie, 802.11ac vs 802.11n. Doing it via scripting hasnt really worked out and i was hoping that DNAC held this information somewhere. I...
We have two 24 port 3850 switches stacked. Now CPU processing of the stack is very high and it causes the packet loss. Cisco shows fed (PunjectRx and Xcvr) process is mostly consuming the CPU. See the attached process output. Is there any solutions t...