Preview Tool

Cisco Bug: CSCuw40406 - PI 3.0 does not properly push template for L3 WLAN to vWLC

Last Modified

Feb 24, 2018

Products (1)

  • Cisco Prime Infrastructure

Known Affected Releases


Description (partial)

When Prime Infrastructure 3.0 attempts to push a WLAN template to vWLC for Layer 3 / Web Security the template fails on first attempt.  SNMP set messages do not include an OID to enable WebSecurity.  SNMP get messages are there requesting the values and vWLC returns SNMP get responses.  The OID to enable a specific type of L3 security are present but since Web Security is not enabled the vWLC does not know how to react.  The WLAN will be created but will have default 802.1x Layer 2 security settings.

Prime Infrastructure 3.0
vWLC version
Pushing a template for Layer 3 Web Security type Web Pass-thru from PI to the vWLC fails on initial attempt

It is witnessed that upon initial attempt to push the WLAN template to the vWLC there is a failure where PI reports "SNMP operation to Device failed: Attempt to set conflicting attribute value"

The WLAN is created on the vWLC but it remains with default L2 Security settings for 802.1x and is disabled.  packet captures via tcpdump on PI show that the initial template push does an SNMP GET for the OID values listed below:

Object	bsnDot11EssWebSecurity

Object	bsnDot11EssWebPassthru

The initial SNMP SET does not attempt to SET WebSecurity and therefore will fail when attempting to SET WebPassthru.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.