03-19-2024 02:28 AM
Hi
I'm trying a very simple LAN Automation test where I have one Border manually configured and discovered which I am then going to use as a seed device for my second Border. When I start the LAN automation process the second Border upgraded to my Golden image. It then carries on with the LAN automation process. The new device gets its IP address and option 43 from the seed device just fine.
Acquired IPv4 address 198.18.0.6 on Interface Vlan1
Received following DHCPv4 options:
vendor : 5A1D;B2;K4;Ixxx.xxx.xxx.xxx;J80;
I get a successful hello on port 80
PnP Discovery done successfully (PnP-DHCP-IPv4) profile (pnp-zero-touch) via (http://xxx.xxx.xxx.xxx:80/pnp/HELLO)
After a short time I then see
%PNP-6-PNP_BACKOFF_NOW: PnP Backoff now for (169200) seconds requested (1/3) by (profile=pnp-zero-touch, ip=xxx.xxx.xxx.xxx, port=443)
So it seems to switch to port 443 and starts an extremely long backoff timer. If I do a capture on the seed device I do see a conversation going on between my device and DNAC on 443.
After this the LAN automation never succeeds.
I waited overnight and still the same so I then looked in some logs on the new device and this jumps out to me
%PNPA-MONITOR: 990 _pmpjne.don: watch_id=[-], pmen_type=[pnp-server-unreachable], pmew_type=[pnp-server-tracking], notified: by=[profile=pnp-zero-touch, ip=xxx.xxx.xxx.xxx, port=443], at=[08:50:48 UTC Tue Mar 19 2024], reason=[pnp-zero-touch], progress=-1%
However, I can ping my DNAC and do a telnet test to both port 80 and 443 successfully. But the logs just keep saying pnp-server-unreachable.
Has anyone seen this before?
Kev.
Solved! Go to Solution.
03-19-2024 03:03 AM
Can you see the device under PNP?
03-19-2024 03:03 AM
Can you see the device under PNP?
03-19-2024 07:22 AM
The device was in PnP. I deleted the device and ensured it was also not in the inventory. I then restarted the LAN Automation process and the device is working now.
I have to say the error info was pretty confusing implying the device couldn't reach the DNAC. I think Cisco need to do some work on their error reporting.
Thanks for your reply, Kev.
03-19-2024 07:39 AM
Great that you got it working!
I agree, DNAC/Catalyst Center error messages are some times less than useful...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide