10-31-2019 06:39 AM - edited 07-05-2021 11:13 AM
Hi community,
After setting up my 3-node DNAC cluster, I discovered my newly installed Catalyst 9800 to provision them, but the status column returns "ERROR-NETCONF-CONNECTION-PORT-MISSING".
All the credentials are right, CLI, SNMPv3, SNMPv2 and also Netconf is enabled for discovery (default port 830), and enabled in the controller (Device(config)# netconf-yang). No firewall is between DNAC and c9800 so traffic is going straight through.
Any solution?
Device(config)# show platform software yang-management process
confd : Running
nesd : Running
syncfd : Running
ncsshd : Running
dmiauthd : Running
nginx : Running
ndbmand : Running
pubd : Running
gnmib : Not Running
Solved! Go to Solution.
11-26-2019 10:16 AM
Good new ! :-)
thats weird you had to do this anyway...
you didn’t have to create a new certificate through crypto pki command ?
Alex
11-26-2019 12:47 PM
Nope, but i removed all existing certs. DNAC add the certificates first before it attempt to do netconf.
09-24-2020 04:28 AM
I found correcting this on the WLC was the easiest method - also, within ISE, ensure your WLC has Priv 15.
06-03-2021 06:20 AM
Due to an omission of a Device License for our SD Access Lab ISE VM I have had to change from TACACS+ to RADIUS Authentication. I did this and reprovisioned the Catalyst 9300's and 9800 controller, however hit this issue with Netconf access not working. After some debugging and looking at the ISE logs I discovered that for a netconf login over TCP/830 the RADIUS request doesn't include the NAS-PORT-TYPE attribute which we are using in the ISE policy to push 'priv-lvl=15' to the devices. It does however send the attribute 'service-type=Outbound' so I have added this to the Authorisation policy and it now works as it did with TACACS+.
11-04-2022 02:23 AM
Make sure you have these two configs in your switch :
aaa authentication login default local
aaa authorization exec default local
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide