cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6498
Views
30
Helpful
22
Replies

issues with WLC 9800-CL smart license

nporcelli
Level 1
Level 1

Hello community,

I am having lots of trouble with the licenses on a new 9800-CL version 17.6.3, this is the first time I am dealing with this device.

First the license page on the weui is not loading, snapshot attached.

Second I have the customer licenses loaded to the portal and associated to their on-prem SSM. I tried to configure the WLC to register to the on-prem but it seems not to be working, I followed the info from the following document

 

"Configure & Troubleshoot Catalyst 9800 WLC Licensing with Smart Licensing Using Policy (SLUP)"

 

I also attached the output from the following command to show the main config and the License status/logs.

I tested communication on port 443 to the on-prem and it looks ok (in the txt file).

I tried both smart transport method :

 

license smart transport smart

license smart transport cslu

 

on the on-prem I cannot see any registration attempts 

 

anyone having similar problems?

thanks

 

Nicola

 

22 Replies 22

marce1000
VIP
VIP

 

 - Could you run (CLI/SSH) show tech wireless and have the output analyzed by : https://cway.cisco.com/tools/WirelessAnalyzer/ , check if anything comes up related to network configuration and or your licensing issues.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

nporcelli
Level 1
Level 1

thanks for the info, did not know that tool. I tried but the tool is not giving me any report at all as if it was ignoring the input

attached the file I used

 

Nicola

 

marce1000
VIP
VIP

 - Remember that for https://cway.cisco.com/tools/WirelessAnalyzer/ , it needs the output from show tech wireless not simply show tech neither show license tech

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

nporcelli
Level 1
Level 1

silly me, thanks Marce1000, this time I got many messages, I will go through them and see if there is anything useful for this issue.

 

 

nporcelli
Level 1
Level 1

hello, I run the tool and from the results it does not seem to be any network or license configuration issue. can anyone confirm the configuration I am using is correct?

 

thanks

Nicola

 

Can you check something? 

 

Your call home is configured with "destination transport-method http" but you tested on port 443. 

Can you test on port 80 or change the "destination transport-method http" "to destination transport-method https" ?

 

SWRN22WLC01#show run | section call-home
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
SWRN22WLC01#
SWRN22WLC01#
SWRN22WLC01#
SWRN22WLC01#telnet 11.11.11.13 443
Trying 11.11.11.13, 443 ... Open

[Connection to 11.11.11.13 closed by foreign host]
SWRN22WLC01#

nporcelli
Level 1
Level 1

Thanks for your input Flavio, 

 

but I have one question, there are several license smart transport types: 

 

SWRN22WLC01(config)#license smart transport ?
automatic             Use default transport type.
callhome              Use the Callhome as transport.
cslu                      All future communication will use cslu url.
off                        Disable all communication from Smart Agent.
smart                   Use the Smart Transport.

 

the document I am following says to set type clsu, which I have tried, I also tried Smart as transport method.

https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/217348-configure-troubleshoot-catalyst-9800-w.html

 

But my understanding is that the 9800 should not use the call-home method if the transport call-home is not configured. am I wrong? also I have used the call-home method with other devices and in that case I have had to configure a profile different from the default to use the on-prem  server, because the default profile would try to connect to CSSM through the Internet and this device does not have access to the internet, so it cannot communicate directly with CSSM. 

am I getting this wrong?

 

Nicola

 

 

Seems right to me as well. If the device is not connected to the internet then you need to use the option with on-prim. The method you should use is callhome. 

 I had some problems with callhome and on-prime server with switches and this WLC is basially a switch.  But most of problem I had was on the server side cause the device site there´s not much we can setup.

 

marce1000
VIP
VIP

 

      - Possible bughttps://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv40929 , you may want to contact TAC to further work on this.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

nporcelli
Level 1
Level 1

thanks, guys, I think I will contact TAC and see what they say, will post their solution once I have one.

 

Nicola

 

Rich R
VIP
VIP

I'll be interested to hear what TAC say.

We abandoned on-prem server because it was taking more than a year to support features already released in IOS (they only seem to think about on-prem after releasing each new version of IOS instead of developing them in tandem for simultaneous release).  We wasted a lot of time getting on-prem set up (to meet security requirements) and then were forced to switch to direct CSSM access to be able to actually use the products (which security acknowledged was unavoidable)! 

Presume you've configured trustpoint and revocation-check none as per the doc you linked above?

tfrechette
Level 1
Level 1

I'm having the same issue on 17.6.3 with the licensing page not loading on the WUI. Did you ever get a resolution for this?

 

The CLI info for licensing seems fine. Thanks.

No.

 

I also raised a ticket with TAC but the engineer told me he could not recreate the issue in lab.

Eventually I had to downgrade to version 17.3.5a, because I had other issues with WebAuth and this was not working with version 17.6.3. so I did not go any further with it. license works fine on 17.3.5a

 

 

 

 

Same issue, 9800-80 

Licensing and webauth working in 17.3.5a after downgrade from 17.6.3

Review Cisco Networking for a $25 gift card