Guest

Preview Tool

Cisco Bug: CSCvu42893 - EPL: EPL dashboard is empty when NXAPI calls are dropped by ISE due to missing Remote IP

Last Modified

Jun 30, 2020

Products (1)

  • Cisco Data Center Network Manager

Known Affected Releases

11.4(0.313)

Description (partial)

Symptom:
Cisco Identity Service Engine (ISE) discovery accounts which are locked down is deployed along with policies that allow it to talk to only specific DCNM IP/subnet . This Cisco Identity Service Engine (ISE) settings  in conjunction with Cisco DCNM and the switches are running NXOS 9.3(4) or lower, the NXAPI calls to the switch from DCNM may fail. Therefore, if EPL is enabled with NXAPI, meta information (VRF Name, VLAN, Port) does not get collected or reflected in EPL dashboards.

Conditions:
This issue is seen when all of the following conditions hold:
(1) Cisco Identity Service Engine (ISE) should have a discovery account locked down. The discovery account is only permitted to send commands that originate from the DCNM server IP addresses
(2) Switches are running NXOS 9.3(4) or lower. 
(3)EPL is enabled with NXAPI
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.