Getting started with Cisco DNA Center

by

IP Addressing requirements:

(Tip: knowing port names help during IP address configurations)

  1. 1 IP per DNA-C Server for CIMC – Management Interface: To access DNA-C server CIMC remotely during installation. It gives access to launch KVM, for other port IP address configurations. (required)
  2. 1 IP per DNA-C Server for Enterprise Network: – 10 Gbps: For connection to network devices. In High Availability (HA) setup, Enterprise Network IPs of all DNA-C Servers should be in the same subnet. A default route can be configured on this interface. (required)
  3. 1 IP per DNA-C Server for Intra Cluster Link: – 10 Gbps: For connection to other DNA-C Servers in HA setup. In the High Availability setup, Intra Cluster Link IPs of all DNA-C Servers should be in the same subnet. No Default route required on this one. Need not be routable from other parts of the network, but must be unique within the network to avoid, conflict within DNA-C, when it connects to the network devices. (required, cannot be changed after installation)
  4. 1 IP per DNA-C Server for Appliance Management: – 1 Gbps: Used for out of band connection to the DNA Center Web page. It is optional. If not configured, you can use the Enterprise Network IPs to connect to the DNA-C appliance.
  5. 1 IP per DNA-C Server for Cloud Update Connectivity: – 1 Gbps: Used to connect to DNA Center Cisco Cloud, to get software updates or Plug-and-Play Cloud service. May needed for connection to DMZ for internet access. Default route not recommended. If not configured, you can use the Enterprise Network IPs to connect to the internet and configure proxy settings.
  6. 1 IP per DNA-C Cluster for Virtual IP: This IP needs to be in the subnet of the Enterprise Network interface (Step 2). This is the IP to which all the devices in your network will communicate. This IP will remain active even if any of the DNA-C servers in a HA setup goes down. The redundant server will take up the Virtual IP to keep the services up and running.
  7. Two /21 IP Subnets for Cluster sync and Services. Need not be routable from other parts of the network, but must be unique within the network to avoid, conflict within DNA-C, when it connects to the network devices.

Prerequisites:

  1. DNS Server IP address
  2. NTP Server IP address
  3. Any proxy settings required to connect to the Internet

Firewall

Allow connections to *.ciscoconnectdna.com:443 from Cisco DNA-C from enp1s0f1 port if configured, or else, from enp9s0.

  • https://www.ciscoconnectdna.com
  • https://cdn.ciscoconnectdna.com
  • https://registry.ciscoconnectdna.com
  • https://registry-cdn.ciscoconnectdna.com

Additionally allow these URLs for SMAR account and SWIM access:

  • https://apx.cisco.com
  • https://cloudsso.cisco.com/as/token.oauth2
  • https://.cisco.com/

Or, allow these specific URLs below:

Leave a Comment

Terms and Conditions - Privacy Policy

Close Bitnami banner
Bitnami