1. DNAC & ISE Integration 2. Border & Fusion Communication 3. DNAC Design Parameters [ISE, NTP, DHCP etc] 4. Manual Underlay & Manual Onboarding in DNAC 5. LAN Automation for Automatic Onboarding ================================================== ************************************* 1. DNAC & ISE Integration ************************************* ===================================================== 1. Configure the OS & ISE application passwords ===================================================== ---------------- OS Password: ---------------- password: Old Password: Kbits@123 New Password: Cisco@123 Confirm Password: Cisco@123 ---------------------------- ISE Application Password: ---------------------------- application reset-passwd ise admin New Password: Cisco@123 Confirm Password: Cisco@123 ========================================================= 2. Configure ISE to establish a relationship with DNAC ========================================================= ------- ISE ------- A. pxGrid => Administration -> System -> Deployment to enable the pxGrid Service B. RestAPI => Administration -> System -> Settings -> ERS Settings to enable the REST API. C. Check the Status of your pxGrid Service. Wait for it to come up. ------- DNAC ------- A. Navigate to System -> System Settings -> Settings -> Authentication & Policy Servers -> Add B. Specify the required Parameters ------- ISE ------- A. Approve any incoming requests from DNAC. ------- DNAC ------- A. Navigate to Policy & Start the Migration of SGTs into DNAC from ISE ************************************* 2. Border & Fusion Communication ************************************* ===================================================== 1. Configure Fusion ===================================================== vlan 199 ! ip routing ! Interface Gig1/0/10 switchport trunk encap dot1q switchport mode trunk ! Interface vlan 199 ip address 192.168.100.1 255.255.255.0 no shut ===================================================== 2. Configure the Border Switch ===================================================== hostname 9300CB ! vlan 199 ! ip routing ! Interface Gig1/0/1 switchport mode trunk ! Interface vlan 199 ip address 192.168.100.2 255.255.255.0 no shut ! ip route 0.0.0.0 0.0.0.0 192.168.100.1 ===================================================== 3. Configure SSH & SNMP Credentials on the Border ===================================================== snmp-server community RO ro public snmp-server community RW rw private ! username kbits privilege 15 password Cisco@123 ! line vty 0 4 login local ************************************* 3. DNAC Design Parameters ************************************* Design - Network Hierarchy [Area & Building] - Network Settings - Network (Servers like ISE, DHCP, DNS etc) - Device Credentials - IP Address Pools *********************************************** 4. Manual Underlay & Manual Onboarding in DNAC ************************************************ ===================================================== 1. Configure IP Addressing with the Fabric ===================================================== ---------- 9300CB ---------- Interface Gig1/0/2 no switchport ip address 172.16.12.1 255.255.255.0 no shut ! Interface Gig1/0/3 no switchport ip address 172.16.13.1 255.255.255.0 no shut ! Interface Loopback10000 ip address 172.16.1.1 255.255.255.255 ---------- 9300E1 ---------- hostname 9300E1 ! Interface Gig1/0/2 no switchport ip address 172.16.12.2 255.255.255.0 no shut ! Interface Gig1/0/1 no switchport ip address 172.16.23.2 255.255.255.0 no shut ! Interface Loopback10000 ip address 172.16.1.2 255.255.255.255 ---------- 9300E2 ---------- hostname 9300E2 ! Interface Gig1/0/3 no switchport ip address 172.16.13.3 255.255.255.0 no shut ! Interface Gig1/0/1 no switchport ip address 172.16.23.3 255.255.255.0 no shut ! Interface Loopback10000 ip address 172.16.1.3 255.255.255.255 ===================================================== 2. Configure Routing between the SDA Fabric & Fusion ===================================================== ---------- Fusion ---------- router ospf 1 router-id 0.0.0.100 network 192.168.100.0 0.0.0.255 area 0 network 10.10.101.0 0.0.0.255 area 0 ---------- 9300CB ---------- router ospf 1 router-id 0.0.0.1 network 192.168.100.0 0.0.0.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ---------- 9300E1 ---------- ip routing ! router ospf 1 router-id 0.0.0.2 network 172.16.0.0 0.0.255.255 area 0 ---------- 9300E2 ---------- ip routing ! router ospf 1 router-id 0.0.0.3 network 172.16.0.0 0.0.255.255 area 0 ===================================================== 3. Configure the SSH & SNMP Credentials ===================================================== ---------- 9300E1 ---------- snmp-server community RO ro public snmp-server community RW rw private ! username kbits privilege 15 password Cisco@123 ! line vty 0 4 login local ---------- 9300E2 ---------- snmp-server community RO ro public snmp-server community RW rw private ! username kbits privilege 15 password Cisco@123 ! line vty 0 4 login local ===================================================== 4. Discover and Onboard the devices in DNAC ===================================================== *********************************************** 5. LAN Automation Onboarding in DNAC ************************************************ ===================================================== 1. Configure the Border Switch ===================================================== hostname 9300CB ! vlan 199 ! ip routing ! Interface Gig1/0/1 switchport mode trunk ! Interface vlan 199 ip address 192.168.100.2 255.255.255.0 no shut ! ip route 0.0.0.0 0.0.0.0 192.168.100.1 ! snmp-server community RO ro public snmp-server community RW rw private ! username kbits privilege 15 password Cisco@123 ! line vty 0 4 login local ===================================================== 2. Discover and Onboard the Border ===================================================== Tools -> Discovery ===================================================== 3. Verify the Pre-requisites for LAN Automation ===================================================== 1. Pool for LAN Automation - Type should be LAN 2. Credentials