Design Recommendation for APIC-EM Network

Question asked by cdeluna on Dec 8, 2016
We are working on building out a proof of concept for zero touch provisioning and would like to focus on APIC-EM.


We have a temp server that we are using for a single APIC-EM VM.  Its an ESXi 5.5 host. Along with that we have a MS DHCP server configured to provide option 43.  We are running as a standalone server.


Eth0 of the host goes to an external network with services (NTP etc.), Eth1 goes to the private "Provisioning Network".  The APIC-EM VM is similarly configured so that it is accessible for scripting etc on its first interface and has access to the private network on the second interface.


Everything seems to be working as expected except that we can't seem to successfully use the PnP application.  I've tried disabling the "external interface" so that only the private network is available thinking the network interfaces were more 'HA' /NIC Teaming but that did not make any difference.


We've tried a variety of devices which all meet the minimum requirements for hardware and software

2901 ISR (Gen2)

2960S Switch

3650 Switch


We've tried projects as well as just seeing they will be "discovered" without success.


The devices do get an IP address and they start the AutoInstall process and the APIC-EM never recognizes them, pre-provisioined or not.


Here is the log from the 2960S



*Mar  1 00:02:26.098: %SYS-5-RESTART: System restarted --

Cisco IOS Software, C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(58)SE2, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2011 by Cisco Systems, Inc.

Compiled Thu 21-Jul-11 02:22 by prod_rel_team

*Mar  1 00:02:27.634: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to down

to up

*Mar  1 00:02:29.107: %USB_CONSOLE-6-MEDIA_RJ45: Console media-type is RJ45.

*Mar  1 00:02:30.444: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to up

*Mar  1 00:02:58.446: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up

*Mar  1 00:03:09.215: AUTOINSTALL: Vlan1 is assigned got vend id vend spec. info ret: succeed

*Mar  1 00:03:19.224: AUTOINSTALL: Obtain siaddr (as config server) <--.100 is the DHCP server

%Error opening tftp:// (Timed out)

%Error opening tftp:// (Timed out)

%Error opening tftp:// (Timed out)

%Error opening tftp:// (Timed out)

%Error opening tftp:// (Timed out)

%Error opening tftp:// (Timed out)

%Error opening tftp:// (Timed out)



Any suggestions on where to look for issues would be very welcome!