Re: Cisco DNA - WLC HA error

AK002 · ‎03-08-2021

Hi Team,

With two Cisco WLC’s added to Cisco DNA, Both WLC’s read as reachable / Managed & compliant. But every time we configure them as a HA pair the WLC always displays as Non-Compliant within DNA. How can we make the HA configuration compliant.

Error message attached.

marce1000 · ‎03-08-2021

- Check controller(s) versus DNA compatibility info's here :

https://www.cisco.com/c/dam/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-1-2/supported_devices/Cisco_DNA_Center_2_1_2_0-Supported-Devices.xlsx

Also pay attention to the required software versions mentioned per device

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

balaji.bandi · ‎03-08-2021

What WLC controller model and what Code it running.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

AK002 · ‎03-09-2021

Hello,

Below are the versions.

DNA System version 1.5.255 & Cisco WLC 9800-CL version 17.4.1.

After configuring HA from DNAC the WLC seems complilant for few minutes but after the compliance check it went on to the Non-Compilant state.

From WLC side HA config seems fine and HA formed sucessfully with all the config pushed by DNAC.

Regards,
AK

AK002 · ‎03-09-2021

Any help on this, Please help if someone overcome on this.

Regards,

Arun

balaji.bandi · ‎03-09-2021

The screenshot not help much to figure out what went wrong : ( you need to provide the WLC information on DNAC)

WLC # show wireless fabric summary - give you some information.

look at the video may help you -

https://www.youtube.com/watch?v=yhryDaFBaDk

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

AK002 · ‎03-10-2021

Hello,

I followed the video already and Provisioned the HA from DNA to the WLC but it became Non-Compilant after few minutes.

vWLC#Show wireless fabric summary

Fabric Status : Disabled

Control-plane:
Name IP-address Key Status
--------------------------------------------------------------------------------------------

vWLC#

Regards,AK

balaji.bandi · ‎03-10-2021

Thank you for the input, Time for TAC and investigate and help you, under the hood of DNAC?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Rich R · ‎03-09-2021

So I guess you decided to ignore @marce1000 advice?

Anyway you do need to check supported versions. I don't see any mention of DNA Center 1.5.255 but the 2.1.2.5 release notes https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-1-2/release_notes/b_cisco_dna_center_rn_2_1_2.html#id_80742 show system module 1.5.255 so I guess you're using v2.1.2.5?

Anyway the compatibility spreadsheet @marce1000 pointed you to and https://www.cisco.com/c/dam/en/us/td/docs/Website/enterprise/sda_compatibility_matrix/index.html have the required info. The latest supported (and recommended) version of IOS-XE on 9800 is 17.3.2a so 17.4.1 is not supported. So you're on your own - unsupported means it's untested or they've tested it and can't support it because it's broken.

You should also refer to the open bugs in the release notes https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-1-2/release_notes/b_cisco_dna_center_rn_2_1_2.html#Cisco_Reference.dita_f84af2d3-e1d5-4891-a917-9098f7156907

If you're running a supported version and encounter a problem which isn't already a known bug then you'll need to open a TAC case, TAC will then raise a bug for it and it will (hopefully depending on severity) get fixed in a future release. That's how these things work. They're both new products evolving rapidly so you can always expect some bugs when using the latest releases.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's and TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's, Best Practices for 9800 WLC's and Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390

AK002 · ‎03-10-2021

1. Yes DNAC will be running using v2.1.2.5 version.
2. We have seen the same issue on version 16.12.4a & 17.3.2a of the WLC as well during our testing.

3. I could see a bug for 2.1.3 version but not sure they referes WLC HA or DNAC HA.

May be as you said this can be esclated to TAC due to the latest codes and releases.

Many thanks for your help.