Symptom
TLOC down post ios-xe to viptela Nutella migration when enterprise cert used.
Conditions
When trying to convert IOS-XE to Viptela OS on nutella device when using enterprise certificate
Workaround
After migration from IOS-XE to Viptela OS
1. Check all configs are migrated
2. Check all cert are migrated
3. Check status if TLOC is down. If tloc is down perform below >>
4. Remove installed certs
5. TLOC came up
6. Installed the existing root cert again.(It was already present)
Still we are not able to form control connection ->
vbond dtls 0.0.0.0 0 0 115.0.0.14 12346 115.0.0.14 12346 default challenge_resp RXTRDWN BIDNTVRFD 23 2023-01-19T14:42:02+0000 dtls 0.0.0.0 0 0 115.0.0.169 12346 115.0.0.169 12346 default connect DCONFAIL NOERR 15 2023-01-19T14:41:43+0000
7. Generate new CSR on device#request csr upload bootflash:nutella.csr
8. Get is signed and install the cert again back to device
9. Check show certificates installed for certificates status
10 check sh control connection . Control connection will be still down. dtls 0.0.0.0 0 0 115.0.0.14 12346 115.0.0.14 12346 default challenge_resp RXTRDWN BIDNTVRFD 47 2023-01-19T14:58:56+0000
11. GO to all controllers and manually delete and add the serial no/chassis no as below >>
vbond1# request vedge delete chassis-num ISR1100-6G-FGL2420LAU3 # request vedge add chassis-num ISR1100-6G-FGL2420LAU3 org-name pbbsdwan serial-num 022F783B success
above on all controllers
doing above control connection will come up.
12. Check if device OS has migrated on device section page.
Further Problem Description
