07-17-2017 12:06 AM - edited 03-08-2019 11:20 AM
I've recently configured APIC-EM with a view to use PNP for auto deployment of our switches.
I've got the switch working with a DHCP address and have both the DNS pnpserver.fqdn entry and also the option 43 string 5A1N;B2;K5;I10.170.37.31;J443 configured but it doesn't even look like the switch is attempting to find the APIC server. See below boot messages. The switch is running 12.0(2)EX5 and from the Cisco supported devices for APIC this version of code is supported.
Can anyone help me with getting this working?
Any help would be much appreciated.
Thanks
Jon
*Mar 1 00:00:23.911: Read env variable - LICENSE_BOOT_LEVEL =
Mar 30 01:27:38.150: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c2960x_lanbase Next reboot level = lanbase and License = lanbase
Jul 14 14:59:11.275: in Switch 0. Cannot read pid from Flexstack module
Jul 14 15:00:13.655: %STACKMGR-4-SWITCH_ADDED: Switch 1 has been ADDED to the stack
Jul 14 15:00:14.836: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
Jul 14 15:00:14.938: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to down
Jul 14 15:00:17.280: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
Jul 14 15:00:39.268: %STACKMGR-5-SWITCH_READY: Switch 1 is READY
Jul 14 15:00:39.268: %STACKMGR-4-STACK_LINK_CHANGE: Stack Port 1 Switch 1 has changed to state DOWN
Jul 14 15:00:39.268: %STACKMGR-4-STACK_LINK_CHANGE: Stack Port 2 Switch 1 has changed to state DOWN
Jul 14 15:00:40.936: %USB_CONSOLE-6-MEDIA_RJ45: Console media-type is RJ45.
Jul 14 15:00:40.967: %STACKMGR-5-MASTER_READY: Master Switch 1 is READY
Jul 14 15:00:41.449: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C2960X Software (C2960X-UNIVERSALK9-M), Version 15.0(2)EX5, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 21-Feb-14 05:54 by prod_rel_team
Jul 14 15:00:42.973: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to down
Jul 14 15:01:03.228: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/49, changed state to up
Jul 14 15:01:04.231: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/49, changed state to up
Jul 14 15:01:31.246: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up got vend id vend spec. info ret: succeed
Jul 14 15:03:49.218: AUTOINSTALL: Obtain siaddr 10.170.37.23 (as config server)
%Error opening tftp://10.170.37.23/network-confg (Timed out)
%Error opening tftp://10.170.37.23/cisconet.cfg (Timed out)
%Error opening tftp://10.170.37.23/router-confg (Timed out)
%Error opening tftp://10.170.37.23/ciscortr.cfg (Timed out)
%Error opening tftp://10.170.37.23/network-confg (Timed out)
%Error opening tftp://10.170.37.23/cisconet.cfg (Timed out)
%Error opening tftp://10.170.37.23/router-confg (Timed out)
%Error opening tftp://10.170.37.23/ciscortr.cfg (Timed out)
%Error opening tftp://10.170.37.23/network-confg (Timed out)
%Error opening tftp://10.170.37.23/cisconet.cfg (Timed out)
%Error opening tftp://10.170.37.23/router-confg (Timed out)
%Error opening tftp://10.170.37.23/ciscortr.cfg (Timed out)
%Error opening tftp://255.255.255.255/network-confg (Timed out)
%Error opening tftp://255.255.255.255/cisconet.cfg (Timed out)
%Error opening tftp://255.255.255.255/router-confg (Timed out)
%Error opening tftp://255.255.255.255/ciscortr.cfg (Timed out)
%Error opening tftp://255.255.255.255/network-confg (Timed out)
%Error opening tftp://255.255.255.255/cisconet.cfg (Timed out)
%Error opening tftp://255.255.255.255/router-confg (Timed out)
%Error opening tftp://255.255.255.255/ciscortr.cfg (Timed out)
%Error opening tftp://255.255.255.255/network-confg (Timed out)
%Error opening tftp://255.255.255.255/cisconet.cfg (Timed out)
%Error opening tftp://255.255.255.255/router-confg (Timed out)
%Error opening tftp://255.255.255.255/ciscortr.cfg (Timed out)
12-06-2017 04:24 AM - edited 12-06-2017 04:25 AM
Take a loot into the solution guide - https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Plug-and-Play/solution/guidexml/b_pnp-solution-guide.html
"use the trustpool security feature, a valid certificate from a well-known certificate authority (CA) must be installed on the APIC-EM controller. The default self-signed certificate does not allow the use of trustpool security. Additionally, the DHCP option 43 string must be configured with the HTTPS transport option (K5); for details, see Configuring DHCP for APIC-EM Controller Auto-Discovery."
Took me 2 hours :-(
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide