Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

New Cisco 5760 and Prime 2.1



we have deployed two new 5760 with Prime 2.1 -> New we have Problems.

Our old system was three WLC 4404 with WCS 7.0.240, this system works well but was outdated, so we make a clean install of the prime, generate new maps and installed the licenses.

This morning we changed the wlc, some of our antennas are connected with the new wlc but the most send a failure:

*%DTLS-4-BAD_CERT: 1 wcm:  Certificate verification failed. Peer IP:
Aug  4 13:25:23.819: *%DTLS-3-HANDSHAKE_FAILURE: 1 wcm:  Failed to complete DTLS handshake with peer  for AP 0000.0000.0000Reason: no certificate returned


This is the first problem, we don´t know why some aps will work and some not.

The second thing is that we can´t generate dynamic interfaces in Prime, if we want´t to send the template to the controllers we get these meassage:

Currently no controllers are added to Prime Infrastructure or the selected template options do not match any controller where the template can be applied.

But the controllers are listed and sync with the prime.


An the third thing is, the 5760 don´t work in a mobility group. We have decided to the centralized mode, so we give both wlc the same mob.-groupe  get them the multicast-address, but in both devices, the control-link is down. 

I know many problems, but maybe someone of you have solutions.


IOS athe 5760 are 3.3.2 and we use the prime 2.1.


kind regards 




VIP Purple

Hi Rene,You can't get

Hi Rene,

You can't get mobility working between 5760 & 4400. So roaming won't work between these two system.Below helps you to understand why


5760 is configuring totally different how we do it to 4400/5508, so those existing template may not work for 5760.


Regarding AP registration issue, may be those are old AP & did not have MIC to register with 5760




*** Pls rate all useful responses ****

New Member

Hi Rasika, we have replaced

Hi Rasika,


we have replaced the 4404, so we have only two 5760!

The question is, how should we configure the dynamic interfaces, when we couldn´t use the templates.


The error with the registration of the APs are solved, our fault.


The 5760 are configured like your link.




VIP Purple

Hi ReneGlad to see you sort

Hi Rene

Glad to see you sort out AP registration issues.

Configuring Dynamic interface on 5760 is not mandatory. If you want you can configure it like on a switch (ie interface vlan x & then IP address under it)

What you want to do is 

1. Define all wireless users L2 vlans on your 5760

2. Enable DHCP snooping for the required vlans where you will map it to WLANs

3. Trust DHCP snooping on your 5760 Port Channel & Physical interfaces connect to wired network.


If you want to use interface-group this post may help you as well. 3850 or 5760 configuration syntax is same as both operate on IOS-XE


NB: Dynamic interface of user vlan on 5760 or 3850 is required when you set DHCP server configuration under WLAN setting where you want to send different WLAN DHCP request to different DHCP servers.




**** Pls rate all useful responses ****

New Member

Thx for your reply. We need

Thx for your reply.


We need dynamic interfaces because later an 5508 will be our backup wlc.

We have found in Prime the option to design own templates, in this chase Controler->System->dynamic Interfaces.

We have chosen as devices CUWN and UA so we can use these template for all our controllers.

But when we try to deploy the template we get an SNMP operation to Device failed: COMMON-1.

kind regards