Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Add MSE on Switch 3850

Hi,

Does any body knows where to add the MSE key has on a Switch 3850, on WLC the command is 

 

config auth-list add lbs-ssc <MSE Ethernet MAC> <MSE key hash> 

 

thaks for your help.

 

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

HiSee whether this helps

4 REPLIES
VIP Purple

HiSee whether this helps

New Member

Hi Manannalage ras,I have

Hi Manannalage ras,

I have read your post and perform the commands to enable NMSP on the swich, now I can see the switch as ccontroller on Prime and assign it, thanks for your help

tep 1Login into MSE via ssh

tep 1
Login into MSE via ssh connection or via a console connection.
Step 2
Issue the commands:
[root@cmxmse ~]# cmdshell -- Issue this command to get into cmdshell
cmd> show server-auth-info - Issue this command to get auth info for the MSE
invoke command: com.aes.server.cli.CmdGetServerAuthInfo
AesLog queue high mark: 50000
AesLog queue low mark: 500
----------------
Server Auth Info
----------------
MAC Address: 00:0c:29:b1:f5:a8 - Note the MAC address
SHA1 Key Hash: ee68b5062b4181f68d5dd489db2bfcf5637b5eff
SHA2 Key Hash: ec7ebc55bbef366332da70e995f2c073bc7cfaf4cb6d845336adfc67ce961644 -- Make a
note of this key to be used later
Certificate Type: SSC
cmd> config unauthenticated-nmsp true - Enable Un-authenticated NSMP connection.
invoke command: com.aes.server.cli.CmdSetServerConfigParameter
E-2
Cisco Connected Mobile Experiences (CMX) CVD
Appendix E CMX Troubleshooting
Aspect Ratio Issues while Creating Maps
Parameter unauthenticated-nmsp was successfully modified
Step 3
Login into the WLC via SSH or Console shell and invoke the commands:
(Cisco Controller) >config auth-list add sha256-lbs-ssc <MAC ADDRESS> <KEY HASH>
MAC ADDRESS and KEY HASH are derived from Step 2.
Step 4
Verify that MSE has been manually added on the
WLC and the NSMP connections are up between the
two. Invoke the following commands on WLC:
(Cisco Controller) >show auth-list - Shows the manually added MSE to WLC
Authorize MIC APs against Auth-list or AAA ...... disabled
Authorize LSC APs against Auth-List ............. disabled
APs Allowed to Join
AP with Manufacturing Installed Certificate.... yes
AP with Self-Signed Certificate................ yes
AP with Locally Significant Certificate........ yes
Mac Addr Cert Type Key Hash
----------------------- ---------- ------------------------------------------
00:0c:29:b1:f5:a8 LBS-SSC-SHA256
ec7ebc55bbef366332da70e995f2c073bc7cfaf4cb6d845336adfc67ce961644
(Cisco Controller) >show nmsp status - Shows NSMP status
MSE IP Address Tx Echo Resp Rx Echo Req Tx Data Rx Data
-------------- ------------ ----------- ------- -------
<MSE IP > 75779 75779 210547 12

VIP Purple

Hi Salodh,The method you

Hi Salodh,

The method you described applicable only to AireOS controllers. So 3850/5760 it is little bit different. I have done a post to cover both scenarios. See below.

http://mrncciew.com/2014/09/25/what-is-nmsp/

HTH

Rasika

**** Pls rate all useful responses ****

 

351
Views
0
Helpful
4
Replies
CreatePlease to create content