10-21-2020 09:34 AM - edited 07-05-2021 12:41 PM
Hi,
I am attempting to create a WMI on c9800 controller. I had used the pre-installed MIC (CISCO_IDEVID_SUDI) on 16.10.1 but upon upgrading to 16.12.4s, I am now unable to use this trustpoint.
Via the Gui, I no longer have a list of trustpoints to select from even though they are still present under PKI management.
Via the CLI, attempting to configure with "wireless management trustpoint" command, I receive the following output:
% switch-1:dbm:wireless:Default Cisco SUDI trustpoint name is not allowed
Also, does it matter whether I create a SSC or use the MIC. What's the difference?
Could anyone assist? Any help is appreciated.
10-21-2020 01:00 PM - edited 10-21-2020 11:12 PM
See Grendizer answer below
10-21-2020 01:20 PM
Check the 9800 best practices doc, https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html in it, you will see you need to use:
c9800(config)#no wireless management trustpoint
c9800(config)#wireless management trustpoint CISCO_IDEVID_SUDI
10-22-2020 01:58 AM
Thanks for your replies.
I actually found what seems to be a bug - CSCvr03501 - On 9800-40/-80/-L GUI, wireless mgmt interface should only list non-default LSC in cert menu
Appears the option should be blank as MICs are used a default. If i go to Monitoring --> System --> Wireless Interface then it informs I'm using CISCO_IDEVID_SUDI
Adding this info just in case anyone else needs some answers.
Yet to adopt an AP to ensure it does work.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide