Ensure that the controller can ping the agents and communicate. If you cannot ping the agents, check your network settings.
When you ran the agent and controller setup scripts, you also generated public key certificates. The Learning Network License system implements certificate pinning to identify public key certificates. If you enable TOFU, the agent trusts the first certificate it sees the first time it connects to the controller. It generates a certificate fingerprint, and on subsequent connections, compares the stored fingerprint to the passed certificate to verify the identity of the controller. If you do not enable TOFU, you can also generate a certificate fingerprint and upload that to the agent.
On the controller, you can also enable TOFU. On first connection, the controller adds the agent public key certificate to a trusted store. For future connections, when the agent connects to the controller, the controller compares the certificate to those stored in the trusted store. If the certificate matches a certificate in the store, the controller establishes the connection.
To configure the certificates, run the agent administrator script to:
Then, restart the agent's processes.
After that, enable TOFU on the controller, and then restart the controller processes to ensure the controller recognizes and trusts these certificates.