Home
Support
Product Support
Cloud and Systems Management
Cisco Catalyst Center
Install and Upgrade Guides

Cisco Catalyst Center Third-Generation Appliance Installation Guide, Release 3.1.x

Releases

3.1.x
2.3.7.x

View all Saved Content

PDF

Is this helpful?

Helpful Unhelpful

Feedback

Thank you for your feedback. Your response has been recorded.

Ask about this document

Cisco Configuration Guide, Release 4.2

Table of contents

Expand all sections

About this document

Review the Catalyst Center Appliance Features

Appliance hardware specifications
Front and rear panels
Physical specifications
Environmental specifications
Power supply specifications

Plan the Deployment

Planning workflow
Catalyst Center and Cisco Software-Defined Access
Interface cable connections
Required IP addresses and subnets
Required internet URLs and fully qualified domain names
Provide secure access to the internet
Communication ports
HTTP port 80 exception list
Disaster recovery ports
Required ports and protocols for Cisco Software-Defined Access
Required configuration information
Required first-time setup information
Password policy
Password requirements

Install the Appliance

Appliance installation workflow
Unpack and inspect the appliance
Review the installation warnings and guidelines
Review the rack requirements
Connect and power on the appliance
Check the LEDs

Prepare the Appliance for Configuration

Preparation for appliance configuration overview
Enable browser access to the Cisco Integrated Management Controller
Execute preconfiguration tasks
NIC bonding overview
Reimage the appliance
Catalyst Center appliance configuration

Configure the Appliance Using the Maglev Wizard

Appliance configuration overview
IPv4 and IPv6 considerations
Password considerations
VLAN mode considerations
Configure the primary node using the Maglev wizard
Configure a secondary node using the Maglev wizard
Upgrade to the latest Catalyst Center release

Configure the 32-Core and 56-Core Appliances Using the Browser-Based Wizard

Appliance configuration overview
Password considerations
VLAN mode considerations
Configure an appliance using the Install Configuration wizard
Configure the primary node using the Advanced Install configuration wizard
Configure a secondary node using the Advanced Install configuration wizard
Upgrade to the latest Catalyst Center release

Configure the 80-Core Appliance Using the Browser-Based Wizard

Appliance configuration overview
Password considerations
VLAN mode considerations
Configure an appliance using the Install configuration wizard
Configure the primary node using the Advanced Install configuration wizard
Configure a secondary node using the Advanced Install configuration wizard
Upgrade to the latest Catalyst Center release

Complete First-Time Setup

First-time setup workflow
Compatible browsers
Log in to Catalyst Center for the first time
Complete the Quick Start workflow
Integrate Cisco ISE with Catalyst Center
Configure authentication and policy servers
Configure SNMP properties

Troubleshoot the Deployment

Troubleshooting tasks
Log out
Reconfigure the appliance using the Configuration wizard
Power cycle the appliance

Review High Availability Cluster Deployment Scenarios

New HA deployment
Existing HA deployment of the primary node with standard interface configurations
Existing HA deployment of primary node with nonstandard interface configurations
Activate HA
Additional HA deployment considerations

Required first-time setup information

Updated: April 3, 2026

Want to summarize with AI?

Overview

Explains the information that you must provide during the first-time setup of Catalyst Center.

After you have configured your appliances, log in to Catalyst Center and complete the essential setup tasks. During this first-time setup, provide this information:

New admin superuser password: You will be prompted to enter a new password for the Catalyst Center admin super user. Resetting the super user password enhances operational security. This is especially important if, for example, the enterprise staff member who installed and configured the Catalyst Center appliance is not a Catalyst Center user or administrator.
Cisco.com credentials: The cisco.com user ID and password that your organization uses to register software downloads and receive system communications through email.
Cisco Smart Account credentials: The cisco.com Smart Account user ID and password your organization uses for managing your device and software licenses.
IP Address Manager URL and credentials: The host name, URL, admin user name, and admin password of the third-party IP address manager (IPAM) server you plan to use with Catalyst Center. This release supports InfoBlox and Bluecat.
Proxy URL, port, and credentials: The URL (host name or IP address), port number, user name, and user password of the proxy server you plan to use with Catalyst Center in order to get updates to the Catalyst Center software, manage device licenses, and retrieve other downloadable content.
Catalyst Center users: User names, passwords, and privilege settings for the new Catalyst Center users you will be creating. Always use one of the new user accounts for normal Catalyst Center operations. Use the admin super user account only for reconfiguring Catalyst Center and for operations that require super user privileges.

Ensure that the passwords you configure for Catalyst Center users and the admin super user comply with the Password requirements.

For details about how to launch and respond to the first-time setup wizard that prompts you for this information, see Complete First-Time Setup.

Use this information to complete additional setup tasks, which can be done after your first login:

Catalyst Center server IP address and credentials: You will need the Cisco ISE server IP address and credentials, administrative user name, and password. These are needed to log in to and configure your organization's ISE server to share data with Catalyst Center, as explained in Integrate Cisco ISE With Catalyst Center.

When you install or upgrade to the latest release of Catalyst Center, the system checks whether Cisco ISE is configured as an authentication and policy (AAA) server. If the correct version of Cisco ISE is already configured, you can start migrating group policy data from Cisco ISE to Catalyst Center.

If Cisco ISE is not configured, or if the required version of Cisco ISE is not present, Catalyst Center installs, but Group Based Policy is disabled. You must install or upgrade Cisco ISE and connect it to Catalyst Center. You can then start the data migration.

Catalyst Center data present in the previous version is preserved when you upgrade. The data migration operation merges data from Catalyst Center and Cisco ISE. If a conflict occurs during migration, the system uses data from Cisco ISE.

If Catalyst Center becomes unavailable, and it is imperative to manage policies before Catalyst Center becomes available again, there is an option in Cisco ISE to override the Read-Only setting. This allows you to make policy changes directly in Cisco ISE. After Catalyst Center is available again, you must disable the Read-Only override on Cisco ISE, and re-synchronize the policy data on Catalyst Center Group Based Access Control Settings page.

Caution

Use this option only when necessary. Changes made directly in Cisco ISE do not transfer to Catalyst Center.
Authorization and policy server information: If you are using Cisco ISE as your authentication and policy server, you need the same information listed in the previous bullet, plus:
- ISE CLI user name
- CLI password
- server FQDN
- subscriber name (such as cc )
- ISE SSH key (optional)
- protocol choice (RADIUS or TACACS)
- authentication port
- accounting port
- retry and timeout settings
If you are using an authorization and policy server that is not Cisco ISE, you will need the server's IP address, protocol choice (RADIUS or TACACS), authentication port, accounting port, and retry and timeout settings.

This information is required to integrate Catalyst Center with your chosen authentication and policy server, as explained in Configure authentication and policy servers.
SNMP retry and timeout values: This is required to set up device polling and monitoring, as explained in Configure SNMP properties.

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.