Configure the 112 Core Appliance Using the Browser-Based Wizard

Appliance Configuration Overview

You can deploy the 112 core appliance in your network in one of the following two modes:

  • Standalone: As a single node offering all the functions. This option is usually preferred for initial or test deployments and in smaller network environments.

  • Cluster: As a node that belongs to a three-node cluster. In this mode, all the services and data are shared among the hosts. This is the preferred option for large deployments.

If you choose the Standalone mode for your initial deployment, this will be your first, or primary, node. Note that you can add more appliances later to form a cluster.

If you choose the Cluster mode for your initial deployment, be sure to finish configuring the primary node before configuring the add-on nodes.

To proceed, complete the following tasks:

  1. Configure the primary node in your cluster. See Configure the Primary Node Using the Browser-Based Wizard.

  2. If you have installed three appliances and want to add the second and third nodes to your cluster, see Configure Add-On Nodes Using the Browser-Based Wizard.

Browser-Based Wizard Prerequisites

To use the browser-based wizard and ensure that it configures your appliance properly, do the following:

  • Designate at least one of the interfaces on your appliance to use the IP address, subnet mask, and default gateway that a DHCP server assigns to it. When you configure this interface in the wizard, you will not be able to change the IP address or subnet mask that have been assigned to it. You will only be able to change its default gateway. The topics in this chapter assume that the Management interface was chosen for this purpose.

  • Confirm that the IP address assigned by the DHCP server is reachable by the machine from which you will complete the wizard.

  • For the intracluster and enterprise interfaces, verify that both interfaces are connected and in the UP state.

Configure the Primary Node Using the Browser-Based Wizard

Perform the following steps to configure the first installed appliance as the primary node using the browser-based wizard. You must always configure the first appliance as the primary node, whether it will operate standalone or as part of a cluster.


Important

The following second generation Cisco DNA Center appliances support configuration using the browser-based wizard:

  • 112 core appliance: Cisco part number DN2-HW-APL-XL

  • 112 core upgrade appliance: Cisco part number DN2-HW-APL-XL-U

If you are configuring the installed appliance as an add-on node for an existing cluster that already has a primary node, follow the steps in Configure Add-On Nodes Using the Browser-Based Wizard instead.

Before you begin

Ensure that you:

  • Installed the Cisco DNA Center software image onto your appliance, as described in Reimage the Appliance.


    Important

    This is only applicable if you are going to configure an upgrade appliance, because the Cisco DNA Center software image is not preinstalled on the 112 core upgrade appliance (Cisco part number DN2-HW-APL-XL-U).

  • Collected all of the information called for in Required IP Addresses and Subnets and Required Configuration Information.

  • Installed the first appliance as described in Appliance Installation Workflow.

  • Configured Cisco IMC browser access on the primary node, as described in Enable Browser Access to Cisco Integrated Management Controller.

  • Checked that the primary node appliance's ports and the switches it uses are properly configured, as described in Execute Preconfiguration Checks.

  • Are using a browser that is compatible with Cisco IMC and Cisco DNA Center. For a list of compatible browsers, see the Release Notes for the version of Cisco DNA Center you are installing.

  • Enabled ICMP on the firewall between Cisco DNA Center and the DNS servers you will specify in the following procedure. This wizard uses Ping to verify the DNS server you specify. This ping can be blocked if there is a firewall between Cisco DNA Center and the DNS server and ICMP is not enabled on that firewall. When this happens, you will not be able to complete the wizard.

Procedure

Step 1

Point your browser to the Cisco IMC IP address you set during the Cisco IMC GUI configuration you performed, then log in to the Cisco IMC GUI as the Cisco IMC user (see Enable Browser Access to Cisco Integrated Management Controller).

After successful login, the appliance displays the Cisco Integrated Management Controller Chassis Summary window, with a blue link menu at the upper right, as shown below.
Step 2

From the blue link menu, choose Launch KVM and then select either Java based KVM or HTML based KVM. If you select the Java-based KVM, you will need to launch the Java startup file from your browser or file manager in order to view the KVM console in its own window. If you select the HMTL-based KVM, it will launch the KVM console in a separate browser window or tab automatically.

Irrespective of the KVM type you choose, use the KVM console to monitor the progress of the configuration and respond to Maglev Configuration Wizard prompts.

Step 3

With the KVM displayed, reboot the appliance by making one of the following selections:

  1. In the main Cisco IMC GUI browser window: Choose Host Power > Power Cycle. Then switch to the KVM console to continue.

  2. In the KVM console: Choose Power > Power Cycle System (cold boot).

If asked to confirm your choice to reboot the appliance, click OK.

After displaying reboot messages, the KVM console displays the Maglev Configuration wizard welcome screen.

Note the URL listed in the Web Installation field.

Step 4

Open this URL to bring up the browser-based configuration wizard.

There are four ports that you can configure on your appliance, and the wizard presents them (one at a time) in the following order:

  • 10Gbps Enterprise Port (enp69s0f0)

  • 1Gbps/10Gbps Management Port (enp53s0f0)

  • 1Gbps/10Gbps Cloud Port (enp53s0f1)

  • 10Gbps Cluster Port (enp69s0f1)

At a minimum, you must configure the Enterprise and Cluster ports, as they are required for Cisco DNA Center functionality. If the wizard fails to display either or both of these ports during the course of configuration, they may be non-functional or disabled. If you discover that they are non-functional, choose Cancel to exit the wizard immediately. Be sure you have completed all of the steps provided in Execute Preconfiguration Checks before resuming configuration or contacting the Cisco Technical Assistance Center (TAC).

Step 5

To start the wizard, click the New: Single-node radio button, then click Let's start.

The wizard's Enterprise Network screen opens.

Step 6

Enter configuration values for the Enterprise port.

As explained in Interface Cable Connections, this is a required port used to link the appliance to the enterprise network. See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.

Table 1. Primary Node Entries for the Enterprise Port (enp69s0f0)

Host IP Address field

Enter the IP address for the Enterprise Port. This is required.

Subnet Mask field

Enter the netmask for the port's IP address. This is required.

Cluster Virtual IP to access Enterprise Network field

Enter the virtual IP address that will be used for traffic between the cluster and your Enterprise network. This is required for both three-node clusters and single-node clusters that will be converted into a three-node cluster in the future. If you have a single-node cluster setup and plan to stick with it, you can leave this field blank.

Important 

You must enter one virtual IP address for each configured network interface. You will not be able to complete the wizard unless you do so. This address is tied to the cluster link's status, which must be in the UP state.

DNS field

Enter the IP address of the preferred DNS server. If entering multiple DNS servers, separate the IP addresses in the list with commas.

Important 

For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.

Default Gateway IP Address field

Enter a default gateway IP address to use for the port.

Important 

Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.

Note 

If you designated this interface to use the default gateway assigned to it by a DHCP server, complete the following steps to specify a different gateway:

  1. Delete the IP address that is currently listed in this field and then click Save & Exit.

    This will bring you back to the first wizard screen.

  2. Return to the Enterprise port's wizard screen and enter the gateway IP address you want to use.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Management Network screen opens.

Step 7

(Optional) Enter configuration values for the Management port.

As explained in Interface Cable Connections, this port is used to access the Cisco DNA Center GUI from your management network. In the Do you use a dedicated Management Network to access Cisco DNA Center UI? field, do one of the following:

  • If you want to use this port to access the GUI, click the Yes radio button and enter the information described in the following table. (See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.)

  • If you want to access the GUI from the Enterprise port that you configured in the previous step instead, click the No radio button, then click Next.

Table 2. Primary Node Entries for the Management Port (enp69s0f0)

Host IP Address field

Enter the IP address for the Management Port. This is required.

Subnet Mask field

Enter the netmask for the port's IP address. This is required.

Cluster Virtual IP to access Management Network field

Enter the virtual IP address that will be used for traffic between the cluster and your Management network. This is required for both three-node clusters and single-node clusters that will be converted into a three-node cluster in the future. If you have a single-node cluster setup and plan to stick with it, you can leave this field blank.

Important 

You must enter one virtual IP address for each configured network interface. You will not be able to complete the wizard unless you do so. This address is tied to the cluster link's status, which must be in the UP state.

DNS field

Enter the IP address of the preferred DNS server. If entering multiple DNS servers, separate the IP addresses in the list with spaces.

Important 

  • For NTP, ensure port 123 (UDP) is open between Cisco DNA Center and your NTP server.

  • For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.

Default Gateway IP Address field

Enter a default gateway IP address to use for the port.

Important 

Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.

Note 

If you designated this interface to use the default gateway assigned to it by a DHCP server, complete the following steps to specify a different gateway:

  1. Delete the IP address that is currently listed in this field and then click Save & Exit.

    This will bring you back to the first wizard screen.

  2. Return to the Management port's wizard screen and enter the gateway IP address you want to use.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to the previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Internet Access screen opens.

Step 8

(Optional) Enter configuration values for the Internet Access port.

As explained in Interface Cable Connections, this is an optional port used to link the appliance to the Internet when you cannot do so through the Enterprise port. In the Do you use a dedicated Internet Access? field, do one of the following:

  • If you want to use this port to access the Internet, click the Yes radio button and enter the information described in the following table. (See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.)

  • If you want to access the Internet from the Enterprise port that you configured previously instead, click the No radio button, then click Next.

Table 3. Primary Node Entries for the Internet Access Port (enp53s0f1)

Host IP Address field

Enter the IP address for the Cloud Port.

Subnet Mask field

Enter the netmask for the port's IP address. This is required if you enter an IP address.

Cluster Virtual IP for Internet Access field

Enter the virtual IP address that will be used for traffic between the cluster and the Internet. This is required for both three-node clusters and single-node clusters that will be converted into a three-node cluster in the future. If you have a single-node cluster setup and plan to stick with it, you can leave this field blank.

Important 

You must enter one virtual IP address for each configured network interface. You will not be able to complete the wizard unless you do so. This address is tied to the cluster link's status, which must be in the UP state.

DNS field

Enter the IP address of the preferred DNS server. If entering multiple DNS servers, separate the IP addresses in the list with spaces.

Important 

For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.

Default Gateway IP Address field

Enter a default gateway IP address to use for the port.

Important 

Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to a previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Intra-Cluster screen opens.

Step 9

Enter configuration values for your intracluster link.

As explained in Interface Cable Connections, this required port is used to link the appliance to your cluster. See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.

Table 4. Primary Node Entries for the Intracluster Link (enp69s0f1)

Host IP Address field

Enter the IP address for the Cluster Port. This is required. Note that you cannot change the address of the Cluster Port later.

Subnet Mask field

Enter the netmask for the port's IP address. This is required.

Cluster Virtual IP to access Intra Cluster field

Enter the virtual IP address that will be used for traffic between the nodes in your cluster. This is required for both three-node clusters and single-node clusters that will be converted into a three-node cluster in the future. If you have a single-node cluster setup and plan to stick with it, you can leave this field blank.

Important 

You must enter one virtual IP address for each configured network interface. You will not be able to complete the wizard unless you do so. This address is tied to the cluster link's status, which must be in the UP state.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to a previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Cluster Settings screen opens.

Step 10

Enter configuration values for your cluster.

Table 5. Primary Node Entries for Cluster Settings

Host Name field

Enter the fully qualified domain name (FQDN) for your cluster. Cisco DNA Center does the following with this hostname:

  • It uses this hostname to access your cluster’s web interface and the Representational State Transfer (REST) APIs used by devices in the enterprise network that Cisco DNA Center manages.

  • In the Subject Alternative Name (SAN) field of Cisco DNA Center certificates, it uses the FQDN to the define the Plug and Play server that should be used for device provisioning.

NTP Servers field

Enter one or more NTP server addresses or hostnames, separated by commas. At least one NTP address or hostname is required.

For a production deployment, Cisco recommends that you configure a minimum of three NTP servers.

Services Subnets

Services Subnet field

A dedicated, non-routed IP subnet that Cisco DNA Center uses to manage internal services. By default, this is already set to 169.254.32.0/20, and we recommend that you use this subnet. If you choose to enter another subnet, ensure that it does not conflict with or overlap any other subnet used by the Cisco DNA Center internal network or an external network. For more information, see the Services Subnet description in Required IP Addresses and Subnets.

Cluster Services Subnet field

A dedicated, non-routed IP subnet that Cisco DNA Center uses to manage internal cluster services. By default, this is already set to 169.254.48.0/20, and we recommend that you use this subnet. If you choose to enter another subnet, ensure that it does not conflict with or overlap any other subnet used by the Cisco DNA Center internal network or an external network. For more information, see the Cluster Services Subnet description in Required IP Addresses and Subnets.

Linux Admin Credential

Admin Password and Confirm Password fields

Enter and then confirm the password for the maglev user.

Click here to Generate New Password link

Click if you want to use a Linux password that is generated by Cisco DNA Center. See Generate a Linux Password.

Proxy Server

Proxy Type field

Check the HTTPS check box.

Proxy Server field

Enter the URL or host name of an HTTPS network proxy used to access the Internet.

Note 
Connection from Cisco DNA Center to the HTTPS proxy is supported only via HTTP in this release.

Port field

Enter the port your appliance used to access the network proxy.

User Name field

Enter the user name used to access the network proxy. If no proxy login is required, leave this field blank.

Password field

Enter the password used to access the network proxy. If no proxy login is required, leave this field blank.

Cisco DNA Center Web Admin Credential

Admin Password and Confirm Password fields

Enter and then confirm the password for the default admin superuser, used to log in to Cisco DNA Center for the first time.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to a previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid, the wizard's Install screen opens.

Step 11

To complete the configuration of your Cisco DNA Center appliance, click Install.

The configuration process takes roughly 90 minutes. The wizard screen continuously updates during the process, indicating the tasks that are currently being completed and their progress, as well as any errors that have occurred.

To view this information in a separate pane, click the View Details link at the bottom of the screen.

To save a local copy of this information as a text file, click .

What to do next

When this task is complete:

Configure Add-On Nodes Using the Browser-Based Wizard

Perform the following steps to configure the second and third appliances in the cluster using the browser-based wizard.


Important

  • In order to build a three-node cluster, the same version of the System package must be installed on your three Cisco DNA Center appliances. Otherwise, unexpected behavior and possible downtime can occur.

  • The following second generation Cisco DNA Center appliances support configuration using the browser-based wizard:

    • 112 core appliance: Cisco part number DN2-HW-APL-XL

    • 112 core upgrade appliance: Cisco part number DN2-HW-APL-XL-U

When joining each new add-on node to the cluster, you must specify the first host in the cluster as the primary node. Note the following when joining add-on nodes to a cluster:

  • Before adding a new node to the cluster, be sure that all installed packages are deployed on the primary node. You can check this by using Secure Shell to log in to the primary node's Cisco DNA Center Management port as the Linux User (maglev) and then running the command maglev package status. All installed packages should appear in the command output as DEPLOYED. In the following example, the application-policy, sd-access, sensor-assurance and sensor-automation packages were not installed, so they are the only packages whose status is NOT_DEPLOYED. Your package status should look similar to this before configuring an add-on node. 

    $ ssh maglev@172.29.131.14 -p 2222
The authenticity of host '[172.29.131.14]:2222 ([172.29.131.14]:2222)' can't be established.
ECDSA key fingerprint is SHA256:scye+2ll6NFHAkOZDs0cNLHBR75j1KV3ZXIKuUaiadk.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[172.29.131.14]:2222' (ECDSA) to the list of known hosts.
Welcome to the Maglev Appliance
maglev@172.29.131.14's password:

Welcome to the Maglev Appliance

System information as of Thu Dec 20 03:07:13 UTC 2019

System load: 4.08                   IP address for enp69s0f0: 17.192.1.14
Usage of /: 59.8% of 28.03GB        IP address for enp69s0f1: 192.192.192.14
Memory usage: 21%                   IP address for enp53s0f0: 172.29.131.14
Swap usage: 0%                      IP address for docker0: 169.254.0.1
Processes: 831                      IP address for tun10: 10.60.3.0
Users logged in: 0                  

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

[Thu Dec 20 03:07:13 UTC] maglev@192.192.192.14 (maglev-master-1) ~
$ maglev package status
[administration] password for 'admin': 

maglev-1 [main - https://kong-frontend.maglev-system.svc.cluster.local:443]

NAME                           DEPLOYED        AVAILABLE       STATUS              
-----------------------------------------------------------------------------------
application-policy             -               2.1.10.170000   NOT_DEPLOYED        
assurance                      1.0.5.686       1.1.8.1440      DEPLOYED            
automation-core                2.1.8.60044     2.1.12.60011    DEPLOYED            
base-provision-core            2.1.8.60044     2.1.12.60016    DEPLOYED            
command-runner                 2.1.8.60044     2.1.9.60029     DEPLOYED            
device-onboarding              2.1.8.60044     2.1.12.60016    DEPLOYED            
image-management               2.1.8.60044     2.1.12.60011    DEPLOYED            
ncp-system                     2.1.8.60044     2.1.9.60029     DEPLOYED            
ndp-base-analytics             1.0.7.878       1.0.7.908       DEPLOYED            
ndp-platform                   1.0.7.829       1.0.7.866       DEPLOYED            
ndp-ui                         1.0.7.956       1.0.7.975       DEPLOYED            
network-visibility             2.1.8.60044     2.1.12.60016    DEPLOYED            
path-trace                     2.1.8.60044     2.1.12.60016    DEPLOYED            
sd-access                      -               2.1.12.60016    NOT_DEPLOYED        
sensor-assurance               -               1.1.5.40        NOT_DEPLOYED        
sensor-automation              -               2.1.9.60029     NOT_DEPLOYED        
system                         1.0.4.807       1.0.4.855       DEPLOYED

  • Be sure to join only a single node to the cluster at a time. Do not attempt to add multiple nodes at the same time, as doing so will result in unpredictable behavior.

  • Expect some service downtime during the cluster attachment process for each add-on node. Services will need to be redistributed across the nodes and the cluster will be down for periods of time during that process.

Before you begin

Ensure that you:

  • Installed the Cisco DNA Center software image onto your appliance, as described in Reimage the Appliance.


    Important

    This is only applicable if you are going to configure an upgrade appliance, because the Cisco DNA Center software image is not preinstalled on the 112 core upgrade appliance (Cisco part number DN2-HW-APL-XL-U).

  • Configured the first appliance in the cluster, following the steps in Configure the Primary Node Using the Browser-Based Wizard.

  • Collected all of the information called for in Required IP Addresses and Subnets and Required Configuration Information.

  • Installed the second and third appliances as described in Appliance Installation Workflow.

  • Have done the following:

    1. Ran the maglev package status command on the first appliance.

      You can also access this information from the Cisco DNA Center GUI by clicking the Help icon () and choosing About > Packages.

    2. Contacted the Cisco TAC, gave them the output of this command, and asked them to point you to the ISO that you should install on your second and third appliances.

  • Configured Cisco IMC browser access on both add-on appliances as described in Enable Browser Access to Cisco IMC.

  • Checked that both add-on node appliances' ports and the switches they use are properly configured, as described in Execute Preconfiguration Checks.

  • Are using a compatible browser. For a list of compatible browsers, see the Release Notes for the version of Cisco DNA Center you are installing.

  • Enabled ICMP on the firewall between Cisco DNA Center and the DNS server you will specify in Step 7 of the following procedure. This wizard uses Ping to verify the DNS server you specify. This ping can be blocked if there is a firewall between Cisco DNA Center and the DNS server and ICMP is not enabled on that firewall. When this happens, you will not be able to complete the wizard.

Procedure

Step 1

Point your browser to the Cisco IMC IP address you set during the Cisco IMC GUI configuration you performed, and log in to the Cisco IMC GUI as the Cisco IMC user (see Enable Browser Access to Cisco Integrated Management Controller).

After successful login, the appliance displays the Cisco Integrated Management Controller Chassis Summary window, with a blue link menu at the upper right, as shown below.
Step 2

From the blue link menu, choose Launch KVM and then select either Java based KVM or HTML based KVM. If you select the Java-based KVM, you will need to launch the Java startup file from your browser or file manager in order to view the KVM console in its own window. If you select the HMTL-based KVM, it will launch the KVM console in a separate browser window or tab automatically.

Irrespective of the KVM type you choose, use the KVM console to monitor the progress of the configuration and respond to Maglev Configuration Wizard prompts.

Step 3

With the KVM displayed, reboot the appliance by making one of the following selections:

  1. In the main Cisco IMC GUI browser window: Choose Host Power > Power Cycle. Then switch to the KVM console to continue.

  2. In the KVM console: Choose Power > Power Cycle System (cold boot).

If asked to confirm your choice to reboot the appliance, click OK.

After displaying reboot messages, the KVM console displays the Maglev Configuration wizard welcome screen.

Note the URL listed in the Web Installation field.

Step 4

Open this URL to bring up the browser-based configuration wizard.

There are four ports that you can configure on your appliance, and the wizard presents them (one at a time) in the following order:

  • 10Gbps Enterprise Port (enp69s0f0)

  • 1Gbps/10Gbps Management Port (enp53s0f0)

  • 1Gbps/10Gbps Cloud Port (enp53s0f1)

  • 10Gbps Cluster Port (enp69s0f1)

At a minimum, you must configure the Enterprise and Cluster ports, as they are required for Cisco DNA Center functionality. If the wizard fails to display either or both of these ports during the course of configuration, they may be non-functional or disabled. If you discover that they are non-functional, choose Cancel to exit the wizard immediately. Be sure you have completed all of the steps provided in Execute Preconfiguration Checks before resuming configuration or contacting the Cisco Technical Assistance Center (TAC).

Step 5

To start the wizard, do the following:

  1. Click the Join an existing cluster radio button.

  2. Enter the IP address configured for the primary node's cluster port, as well as the username and password for the Linux (maglev) user.

  3. Click Let's start.

The wizard's Enterprise Network screen opens.

Step 6

Enter configuration values for the Enterprise port.

As explained in Interface Cable Connections, this is a required port used to link the appliance to the enterprise network. See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.

Table 6. Add-On Node Entries for the Enterprise Port (enp69s0f0)

Host IP Address field

Enter the IP address for the Enterprise Port. This is required.

Subnet Mask field

Enter the netmask for the port's IP address. This is required.

DNS field

Enter the IP address of the preferred DNS server. If entering multiple DNS servers, separate the IP addresses in the list with commas.

Important 

For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.

Default Gateway IP Address field

Enter a default gateway IP address to use for the port.

Important 

Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.

Note 

If you designated this interface to use the default gateway assigned to it by a DHCP server, complete the following steps to specify a different gateway:

  1. Delete the IP address that is currently listed in this field and then click Save & Exit.

    This will bring you back to the first wizard screen.

  2. Return to the Enterprise port's wizard screen and enter the gateway IP address you want to use.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Management Network screen opens.

Step 7

(Optional) Enter configuration values for the Management port.

As explained in Interface Cable Connections, this port is used to access the Cisco DNA Center GUI from your management network. In the Do you use a dedicated Management Network to access Cisco DNA Center UI? field, do one of the following:

  • If you want to use this port to access the GUI, click the Yes radio button and enter the information described in the following table. (See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.)

  • If you want to access the GUI from the Enterprise port that you configured in the previous step instead, click the No radio button, then click Next.

Table 7. Add-On Entries for the Management Port (enp69s0f0)

Host IP Address field

Enter the IP address for the Management Port. This is required.

Subnet Mask field

Enter the netmask for the port's IP address. This is required.

DNS field

Enter the IP address of the preferred DNS server. If entering multiple DNS servers, separate the IP addresses in the list with spaces.

Important 

  • For NTP, ensure port 123 (UDP) is open between Cisco DNA Center and your NTP server.

  • For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.

Default Gateway IP Address field

Enter a default gateway IP address to use for the port.

Important 

Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.

Note 

If you designated this interface to use the default gateway assigned to it by a DHCP server, complete the following steps to specify a different gateway:

  1. Delete the IP address that is currently listed in this field and then click Save & Exit.

    This will bring you back to the first wizard screen.

  2. Return to the Management port's wizard screen and enter the gateway IP address you want to use.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to the previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Internet Access screen opens.

Step 8

(Optional) Enter configuration values for the Internet Access port.

As explained in Interface Cable Connections, this is an optional port used to link the appliance to the Internet when you cannot do so through the Enterprise port. In the Do you use a dedicated Internet Access? field, do one of the following:

  • If you want to use this port to access the Internet, click the Yes radio button and enter the information described in the following table. (See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.)

  • If you want to access the Internet from the Enterprise port that you configured previously instead, click the No radio button, then click Next.

Table 8. Add-On Entries for the Internet Access Port (enp53s0f1)

Host IP Address field

Enter the IP address for the Cloud Port.

Subnet Mask field

Enter the netmask for the port's IP address. This is required if you enter an IP address.

DNS field

Enter the IP address of the preferred DNS server. If entering multiple DNS servers, separate the IP addresses in the list with spaces.

Important 

For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.

Default Gateway IP Address field

Enter a default gateway IP address to use for the port.

Important 

Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to a previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Intra-Cluster screen opens.

Step 9

Enter configuration values for your intracluster link.

As explained in Interface Cable Connections, this required port is used to link the appliance to your cluster. See Required IP Addresses and Subnets and Required Configuration Information for a more detailed description of the values you need to enter.

Table 9. Add-On Entries for the Intracluster Link (enp69s0f1)

Host IP Address field

Enter the IP address for the Cluster Port. This is required. Note that you cannot change the address of the Cluster Port later.

Subnet Mask field

Enter the netmask for the port's IP address. This is required.

Connect to another network via this enterprise network (Static Route) check box

To configure a static route, check this check box and then enter the following information:

  • Its network IP prefix

  • Its subnet mask

  • Its nexthop IP address

To configure additional static routes, click the Add icon.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to a previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered, confirms that the port is up, and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid and the port is up, the wizard's Master Appliance Details dialog box opens.

Step 10

Complete the following tasks, then click Save:

  1. Enter the IP address configured for the primary node's intracluster link.

  2. In the Username field, enter maglev.

  3. Enter the password configured for the maglev user.

The wizard validates the information you entered. If this information is correct, the wizard's Cluster Settings screen opens.

Step 11

Enter configuration values for your cluster.

Table 10. Add-On Entries for Cluster Settings

Click here to View/Edit info of Master Appliance in the cluster to be connected link

Click to open the Master Appliance Details dialog box and any of the following information:

  • The IP address configured for the primary node's intracluster link.

  • The password configured for the maglev user.

NTP Servers field

Enter one or more NTP server addresses or hostnames, separated by commas. At least one NTP address or hostname is required.

For a production deployment, Cisco recommends that you configure a minimum of three NTP servers.

Linux Admin Credential

Password and Confirm Password fields

Enter and then confirm the password for the maglev user.

Click here to Generate New Password link

Click if you want to use a Linux password that is generated by Cisco DNA Center. See Generate a Linux Password.

Proxy Server

Proxy Type field

A check box for the proxy type configured for your cluster's primary node (HTTPS) is displayed. To configure the same proxy type for this node, check the check box.

Proxy Server field

Enter the URL or host name of an HTTPS network proxy used to access the Internet.

Note 
Connection from Cisco DNA Center to the HTTPS proxy is supported only via HTTP in this release.

Port field

Enter the port your appliance used to access the network proxy.

User Name field

Enter the user name used to access the network proxy. If no proxy login is required, leave this field blank.

Password field

Enter the password used to access the network proxy. If no proxy login is required, leave this field blank.

From here, do one of the following:

  • To save the settings you have entered in this screen and exit the wizard, click Save & Exit.

  • To return to a previous wizard screen in order to make setting changes, click Previous.

  • To open the next wizard screen, click Next. A message appears, prompting you to confirm the settings you have entered. Click YES to proceed.

    The wizard validates the information you have entered and notifies you of any settings that need to be changed before you can proceed with the wizard. If the settings you have entered are valid, the wizard's Install screen opens.

Step 12

To complete the configuration of your Cisco DNA Center appliance, click Install.

The configuration process takes roughly 90 minutes. The wizard screen continuously updates during the process, indicating the tasks that are currently being completed and their progress, as well as any errors that have occurred.

To view this information in a separate pane, click the View Details link at the bottom of the screen.

To save a local copy of this information as a text file, click .

What to do next

When this task is complete:

  • If you have an additional appliance to deploy as the third and final node in the cluster, repeat this procedure.

  • If you are finished adding hosts to the cluster, continue by performing first-time setup: First-Time Setup Workflow.

Generate a Linux Password

When configuring your appliance, you have the option of using a Linux password that is generated by Cisco DNA Center. To generate this password, complete the following steps:

Procedure

Step 1

From the wizard's Cluster Setting screen, click the Click here to Generate New Password link.

The Generate Password dialog box opens.

Step 2

In the Password Generation Seed field, enter a seed phrase.

The seed phrase can contain letters, numbers, spaces, underscores, and hyphens.
Step 3

Click the Generate Password link.

In the Auto Generated Password field, the seed phrase appears as part of a random and secure password that Cisco DNA Center generates. You can either use this password as is or make any desired changes.

Step 4

When you are happy with the password, click Use Generated Password.

Make sure to save this password for future logins.

Upgrade to the Latest Cisco DNA Center Release

For information about upgrading your current release of Cisco DNA Center, see the Cisco DNA Center Upgrade Guide.