cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
975
Views
0
Helpful
4
Replies

Add MSE on Switch 3850

Alejandro.Angon
Level 1
Level 1

Hi,

Does any body knows where to add the MSE key has on a Switch 3850, on WLC the command is 

 

config auth-list add lbs-ssc <MSE Ethernet MAC> <MSE key hash> 

 

thaks for your help.

 

1 Accepted Solution

Accepted Solutions
4 Replies 4

Hi Manannalage ras,

I have read your post and perform the commands to enable NMSP on the swich, now I can see the switch as ccontroller on Prime and assign it, thanks for your help

Saurav Lodh
Level 7
Level 7

tep 1
Login into MSE via ssh connection or via a console connection.
Step 2
Issue the commands:
[root@cmxmse ~]# cmdshell -- Issue this command to get into cmdshell
cmd> show server-auth-info - Issue this command to get auth info for the MSE
invoke command: com.aes.server.cli.CmdGetServerAuthInfo
AesLog queue high mark: 50000
AesLog queue low mark: 500
----------------
Server Auth Info
----------------
MAC Address: 00:0c:29:b1:f5:a8 - Note the MAC address
SHA1 Key Hash: ee68b5062b4181f68d5dd489db2bfcf5637b5eff
SHA2 Key Hash: ec7ebc55bbef366332da70e995f2c073bc7cfaf4cb6d845336adfc67ce961644 -- Make a
note of this key to be used later
Certificate Type: SSC
cmd> config unauthenticated-nmsp true - Enable Un-authenticated NSMP connection.
invoke command: com.aes.server.cli.CmdSetServerConfigParameter
E-2
Cisco Connected Mobile Experiences (CMX) CVD
Appendix E CMX Troubleshooting
Aspect Ratio Issues while Creating Maps
Parameter unauthenticated-nmsp was successfully modified
Step 3
Login into the WLC via SSH or Console shell and invoke the commands:
(Cisco Controller) >config auth-list add sha256-lbs-ssc <MAC ADDRESS> <KEY HASH>
MAC ADDRESS and KEY HASH are derived from Step 2.
Step 4
Verify that MSE has been manually added on the
WLC and the NSMP connections are up between the
two. Invoke the following commands on WLC:
(Cisco Controller) >show auth-list - Shows the manually added MSE to WLC
Authorize MIC APs against Auth-list or AAA ...... disabled
Authorize LSC APs against Auth-List ............. disabled
APs Allowed to Join
AP with Manufacturing Installed Certificate.... yes
AP with Self-Signed Certificate................ yes
AP with Locally Significant Certificate........ yes
Mac Addr Cert Type Key Hash
----------------------- ---------- ------------------------------------------
00:0c:29:b1:f5:a8 LBS-SSC-SHA256
ec7ebc55bbef366332da70e995f2c073bc7cfaf4cb6d845336adfc67ce961644
(Cisco Controller) >show nmsp status - Shows NSMP status
MSE IP Address Tx Echo Resp Rx Echo Req Tx Data Rx Data
-------------- ------------ ----------- ------- -------
<MSE IP > 75779 75779 210547 12

Hi Salodh,

The method you described applicable only to AireOS controllers. So 3850/5760 it is little bit different. I have done a post to cover both scenarios. See below.

http://mrncciew.com/2014/09/25/what-is-nmsp/

HTH

Rasika

**** Pls rate all useful responses ****

 

Review Cisco Networking for a $25 gift card