Cisco Bug: CSCuw40406 - PI 3.0 does not properly push template for L3 WLAN to vWLC
Feb 24, 2018
- Cisco Prime Infrastructure
Known Affected Releases
Symptom: When Prime Infrastructure 3.0 attempts to push a WLAN template to vWLC for Layer 3 / Web Security the template fails on first attempt. SNMP set messages do not include an OID to enable WebSecurity. SNMP get messages are there requesting the values and vWLC returns SNMP get responses. The OID to enable a specific type of L3 security are present but since Web Security is not enabled the vWLC does not know how to react. The WLAN will be created but will have default 802.1x Layer 2 security settings. Conditions: Prime Infrastructure 3.0 vWLC version 126.96.36.199 Pushing a template for Layer 3 Web Security type Web Pass-thru from PI to the vWLC fails on initial attempt It is witnessed that upon initial attempt to push the WLAN template to the vWLC there is a failure where PI reports "SNMP operation to Device failed: Attempt to set conflicting attribute value" The WLAN is created on the vWLC but it remains with default L2 Security settings for 802.1x and is disabled. packet captures via tcpdump on PI show that the initial template push does an SNMP GET for the OID values listed below: Object bsnDot11EssWebSecurity OID 188.8.131.52.4.1.14184.108.40.206.1.29 Object bsnDot11EssWebPassthru OID 220.127.116.11.4.1.1418.104.22.168.1.39 The initial SNMP SET does not attempt to SET WebSecurity and therefore will fail when attempting to SET WebPassthru.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases