Re: Cisco DNA - WLC HA error

AK002 · ‎03-08-2021

Hi Team,

With two Cisco WLC’s added to Cisco DNA, Both WLC’s read as reachable / Managed & compliant. But every time we configure them as a HA pair the WLC always displays as Non-Compliant within DNA. How can we make the HA configuration compliant.

Error message attached.

marce1000 · ‎03-08-2021

- Check controller(s) versus DNA compatibility info's here :

https://www.cisco.com/c/dam/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-1-2/supported_devices/Cisco_DNA_Center_2_1_2_0-Supported-Devices.xlsx

Also pay attention to the required software versions mentioned per device

M.

-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

balaji.bandi · ‎03-08-2021

What WLC controller model and what Code it running.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

AK002 · ‎03-09-2021

Hello,

Below are the versions.

DNA System version 1.5.255 & Cisco WLC 9800-CL version 17.4.1.

After configuring HA from DNAC the WLC seems complilant for few minutes but after the compliance check it went on to the Non-Compilant state.

From WLC side HA config seems fine and HA formed sucessfully with all the config pushed by DNAC.

Regards,
AK

AK002 · ‎03-09-2021

Any help on this, Please help if someone overcome on this.

Regards,

Arun

balaji.bandi · ‎03-09-2021

The screenshot not help much to figure out what went wrong : ( you need to provide the WLC information on DNAC)

WLC # show wireless fabric summary - give you some information.

look at the video may help you -

https://www.youtube.com/watch?v=yhryDaFBaDk

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

AK002 · ‎03-10-2021

Hello,

I followed the video already and Provisioned the HA from DNA to the WLC but it became Non-Compilant after few minutes.

vWLC#Show wireless fabric summary

Fabric Status : Disabled

Control-plane:
Name IP-address Key Status
--------------------------------------------------------------------------------------------

vWLC#

Regards,AK

balaji.bandi · ‎03-10-2021

Thank you for the input, Time for TAC and investigate and help you, under the hood of DNAC?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Rich R · ‎03-09-2021

So I guess you decided to ignore @marce1000 advice?

Anyway you do need to check supported versions. I don't see any mention of DNA Center 1.5.255 but the 2.1.2.5 release notes https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-1-2/release_notes/b_cisco_dna_center_rn_2_1_2.html#id_80742 show system module 1.5.255 so I guess you're using v2.1.2.5?

Anyway the compatibility spreadsheet @marce1000 pointed you to and https://www.cisco.com/c/dam/en/us/td/docs/Website/enterprise/sda_compatibility_matrix/index.html have the required info. The latest supported (and recommended) version of IOS-XE on 9800 is 17.3.2a so 17.4.1 is not supported. So you're on your own - unsupported means it's untested or they've tested it and can't support it because it's broken.

You should also refer to the open bugs in the release notes https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-1-2/release_notes/b_cisco_dna_center_rn_2_1_2.html#Cisco_Reference.dita_f84af2d3-e1d5-4891-a917-9098f7156907

If you're running a supported version and encounter a problem which isn't already a known bug then you'll need to open a TAC case, TAC will then raise a bug for it and it will (hopefully depending on severity) get fixed in a future release. That's how these things work. They're both new products evolving rapidly so you can always expect some bugs when using the latest releases.

------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's   and   Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
Field Notice: FN-63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN-72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN-72524 - During Software Upgrade/Downgrade IOS APs Might Remain in Downloading State
     after 4 Dec 2022 Due to Certificate Expiration - Fixed in 8.10.185.3 and latest 9800 IOS-XE releases
     also fixed in 8.5.182.11 (8.5 mainline) and 8.5.182.108 (8.5 IRCM) if you can't upgrade to 8.10
     TAC confirmed that Mobility Express AP TFTP download is not affected so ME 8.5.182.0 still works but see FN-74035 below
Field Notice: FN-70479 Out-Of-The-Box AP Fails to Join WLC or Joins with Single Radio due to Country Mismatch - RMA required
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN-74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
     fixed in 8.10.185.3 and see the field notice for 8.5, Mobility Express and other fixed releases
Check your WLC config with Wireless Config Analyzer using "show tech wireless" output (9800) or "config paging disable" then "show run-config" output (AireOS) and use Wireless Debug Analyzer to analyze your WLC client debugs
Leo Laohoo's list of bugs affecting 2800/3800/4800/1560 APs

AK002 · ‎03-10-2021

1. Yes DNAC will be running using v2.1.2.5 version.
2. We have seen the same issue on version 16.12.4a & 17.3.2a of the WLC as well during our testing.

3. I could see a bug for 2.1.3 version but not sure they referes WLC HA or DNAC HA.

May be as you said this can be esclated to TAC due to the latest codes and releases.

Many thanks for your help.