Hi
I want to convert Cisco Catalyst 9300 to Meraki management.
But i get this error when i try to do: service meraki register
Switch#service meraki register
Starting to register switch 1
Converting catalyst.meraki.com to 209.206.49.184
Successfully connect to Meraki Dashboard
resp_msg len: 439
Error: Received failed respose from Meraki Dashboard!!!
(Message Response: HTTP/1.1 400 Bad Request
title 400 No required SSL certificate was sent /title
Failed to register switch 1
And i can ping: dashboard.meraki.com
Switch(config)#do ping dashboard.meraki.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.206.49.184, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 160/160/162 ms
KR Christian Josiassen
I think you cannot manage it yet, just monitor.
The error says the meraki dashboard did not provide a certificate for your TLS session.
I guess this is a case for support!
Please let us know how that went!
Hi GldenJoe
I have a case with Meraki, but the supporter just said that the Development Engineering team is looking on it, it has been 3 weeks now.
KR Christian Josiassen
The certificate error seems like an odd one.
Double check your pre-requisites (firmware version etc).
I'd also check if the upstream firewall is performing SSL inspection/proxy services. If it is, disable it for that rule:
HTTPS proxy servers that modify the certificate in transit are not currently supported
Is it running a support version of IOS-XE? If not - it doesn't work. Try using 17.9.3 or better.
IMHO, you should consider "management" a beta feature at this stage. It is much safer to just use Meraki to perform the monitoring.
Hi
I know it's a pretty new feature, but i want to try it.
It's running IOS-XE 17.11.1:
Switch#sh meraki compatibility
===========================================================================================
Compatibility Check Status
-------------------------------------------------------------------------------------------
Boot Mode INSTALL - Compatible
----------------------------------------------------------------------------------------------
Switch# SKU Bootloader Version Network Modules
----------------------------------------------------------------------------------------------
1 C9300-48P - Compatible 17.11.1r[FC1] - Compatible C9300-NM-8X - Compatible
----------------------------------------------------------------------------------------------------------------------
Compatible SKUs: C9300-24P, C9300-24T, C9300-24U, C9300-24UX, C9300-48P, C9300-48T, C9300-48U, C9300-48UN, C9300-48UXM
Compatible NMs : C3850-NM-2-40G, C3850-NM-4-10G, C3850-NM-8-10G, C9300-NM-2Q, C9300-NM-8X, MA-MOD-2X40G, MA-MOD-4X10G,
MA-MOD-8X10G
----------------------------------------------------------------------------------------------------------------------
I have also factory reseted it and now i get this error when i try to register it:
Switch#service meraki register
% Health Check Warning: Uptime is less than 15 minutes.
% Are you sure you want to continue? [no]: yes
Starting to register switch 1
ip http client source-interface is not configured
Failed to register switch 1
KR Christian Josiassen
Because you can have multiple IP interfaces on a switch you have to tell it what interface to use to reach for an http service. So if you have a vlan interface that is meant to reach the internet you can add it as your ip http client source-interface by using the command that is in the error message.
Let's say you are using vlan 20 as your management interface to reach the internet.
interface vlan 20
no shutdown
ip address 10.1.0.20 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.1.0.1
ip name-server 8.8.8.8
ip http client source-interface vlan 20
Edit: this example is using a fixed address, however a dhcp pool should also be available on that subnet so when the switch fact defaults it can actually reach dashboard again.
Hi
Sorry for the late reply, it's because i've been on vacation.
I have set the ip http client source-interface now, and then i get this error:
Switch#service meraki register
Starting to register switch 1
Converting catalyst.meraki.com to 209.206.49.184
Successfully connect to Meraki Dashboard
resp_msg len: 439
Error: Received failed respose from Meraki Dashboard!!!
(Message Response: HTTP/1.1 400 Bad Request
title>400 No required SSL certificate was sent</title
Failed to register switch 1
KR Christian Josiassen
We have Same issue. after upgrading to 17.12.91 (cat9k_iosxe.17.12.01.SPA.bin) it's working as expected.