Step 1
|
Click the menu icon () and choose .
|
Step 2
|
In the Discovery window, click Add Discovery.
|
Step 3
|
In the New Discovery window, enter a name in the Discovery Name field.
|
Step 4
|
If the IP Address/Range area is not already visible, expand it and configure the following fields:
-
Discovery Type: Enable CDP by clicking the CDP radio button.
-
IP Address: Enter a seed IP address for Cisco DNA Center to start the Discovery scan.
-
Subnet Filters: Exclude an IP address or subnet from the Discovery scan. To exclude an IP address, enter an individual IP address (x.x.x.x ). To exclude a subnet, enter a classless inter-domain routing (CIDR) address (x.x.x.x/y) , where x.x.x.x is the IP address and y is the subnet mask. The subnet mask can be a value from 0 to 32.
To exclude more IP addresses and subnets, click the add icon ( ).
-
CDP Level: Enter the number of hops from the seed device that you want to scan.
Valid values are from 1 to 16. The default value is 16. For example, CDP level 3 means that CDP will scan up to three hops
from the seed device.
-
Preferred Management IP Address: Click one of the following radio buttons:
|
Step 5
|
Expand the Credentials area and choose the credentials that you want to use.
Choose any of the global credentials that have already been created or configure your own Discovery credentials.
|
Step 6
|
To use existing credentials, select the global credentials that you want to use and proceed to Step 14. If you do not want
to use a credential, deselect it.
|
Step 7
|
To configure new credentials, click Add Credentials.
Note
|
If you configure your own credentials, you can save them future Discovery jobs by checking the Save as global settings check box.
|
|
Step 8
|
For CLI credentials, do the following:
-
Configure the following fields:
Table 1. CLI Credentials
Field |
Description |
Name/Description
|
Name or phrase that describes the CLI credentials.
|
Username
|
Name that is used to log in to the CLI of the devices in your network.
|
Password
|
Password that is used to log in to the CLI of the devices in your network.
For security reasons, re-enter the password as confirmation.
Note
|
Passwords are encrypted for security reasons and are not displayed in the configuration.
|
|
Enable Password
|
Password used to move to a higher privilege level in the CLI. Configure this password only if your network devices require
it.
For security reasons, re-enter the enable password.
Note
|
Passwords are encrypted for security reasons and are not displayed in the configuration.
|
|
-
If you want to save these credentials for future use, click the Save as global settings check box. If you don't click this checkbox, the credentials can be used only for the current Discovery job.
-
Click Save.
|
Step 9
|
For SNMP v2c credentials, click SNMP v2c and do the following:
-
Configure the following fields:
Table 2. SNMPv2c Credentials
Field |
Description |
Read
|
Note
|
Passwords are encrypted for security reasons and are not displayed in the configuration.
|
|
Write
|
Note
|
Passwords are encrypted for security reasons and are not displayed in the configuration.
|
|
-
If you want to save these credentials for future use, click the Save as global settings check box. If you don't click this checkbox, the credentials can be used only for the current Discovery job.
-
Click Save.
|
Step 10
|
(Optional) For SNMP v3 credentials, click SNMP v3 and do the following:
-
Configure the following fields:
Table 3. SNMPv3 Credentials
Field |
Description |
Name/Description
|
Name or description of the SNMPv3 settings that you are adding.
|
Username |
Name associated with the SNMPv3 settings.
|
Mode
|
Security level that an SNMP message requires. Choose one of the following modes:
-
noAuthNoPriv: Does not provide authentication or encryption.
-
AuthNoPriv: Provides authentication, but does not provide encryption.
-
AuthPriv: Provides both authentication and encryption.
|
Auth Type
|
Authentication type to be used. (Enabled if you select AuthPriv or AuthNoPriv as Mode.) Choose one of the following authentication types:
|
Auth Password
|
SNMPv3 password used for gaining access to information from devices that use SNMPv3. These passwords (or passphrases) must
be at least eight characters in length.
Note
|
-
Some wireless controllers require that passwords (or passphrases) be at least 12 characters long. Be sure to check the minimum
password requirements for your wireless controllers. Failure to ensure these required minimum character lengths for passwords
results in devices not being discovered, monitored, or managed by Cisco DNA Center.
-
Passwords are encrypted for security reasons and are not displayed in the configuration.
|
|
Privacy Type
|
Privacy type. (Enabled if you select AuthPriv as Mode.) Choose one of the following privacy types:
-
AES128: 128-bit CBC mode AES for encryption.
-
CISCOAES192: 192-bit CBC mode AES for encryption on Cisco devices.
-
CISCOAES256: 256-bit CBC mode AES for encryption on Cisco devices.
Note
|
-
Privacy types CISCOAES192 and CISCOAES256 are supported only for use with Discovery and Inventory features. Assurance features are not supported.
-
Privacy type AES128 is supported for Discovery, Inventory, and Assurance.
|
|
Privacy Password
|
SNMPv3 privacy password that is used to generate the secret key for encrypting messages that are exchanged with devices that
support encryption standards. Passwords (or passphrases) must be at least eight characters long.
Note
|
-
Some wireless controllers require that passwords (or passphrases) be at least 12 characters long. Be sure to check the minimum
password requirements for your wireless controllers. Failure to ensure these required minimum character lengths for passwords
results in devices not being discovered, monitored, or managed by Cisco DNA Center.
-
Passwords are encrypted for security reasons and are not displayed in the configuration.
|
|
-
If you want to save these credentials for future use, click the Save as global settings check box. If you don't click this checkbox, the credentials can be used only for the current Discovery job.
-
Click Save.
|
Step 11
|
(Optional) To configure SNMP properties, click SNMP PROPERTIES and do the following:
-
Configure the following fields:
Table 4. SNMP Properties
Field |
Description |
Retries |
Number of times Cisco DNA Center tries to communicate with network devices using SNMP.
|
Timeout |
Amount of time, in seconds, between retries. |
-
If you want to save these credentials for future use, click the Save as global settings check box. If you don't click this checkbox, the credentials can be used only for the current Discovery job.
-
Click Save.
|
Step 12
|
(Optional) To configure HTTP(s) credentials, click HTTP(S) and do the following:
-
Configure the following fields:
Table 5. HTTP(S) Credentials
Field |
Description |
Type
|
Specifies the kind of HTTPS credentials you are configuring. Valid types are Read or Write.
|
Read/Write
|
You can configure up to 10 HTTPS read or write credentials:
-
Name/Description: Name or description of the HTTPS credentials that you are adding.
-
Username: Name used to authenticate the HTTPS connection.
-
Password: Password used to authenticate the HTTPS connection. Passwords are encrypted for security and are not displayed in the configuration.
-
Port: Number of the TCP/UDP port used for HTTPS traffic. The default is port number 443 (the well-known port for HTTPS).
The password must contain between 7 and 128 characters, including at least one of the following:
-
Lowercase letter (a to z)
-
Uppercase letter (A to Z)
-
Number (0 to 9)
-
Special character: # _ * ? –
The password cannot contain spaces or angle brackets (< >). Note that some Cisco IOS XE devices do not allow a question mark
(?).
|
-
(Optional) If you want to save these credentials for future use, click the Save as global settings check box. If you don't click this checkbox, the credentials can be used only for the current Discovery job.
-
Click Save.
|
Step 13
|
(Optional) If you have network devices with NETCONF enabled and want Cisco DNA Center to use NETCONF to install, manipulate, and delete the configurations of these devices, click NETCONF and do the following:
-
In the Port field, enter a port number. You can use one of the following ports:
-
Port 830 (default)
-
Any other port that is available on the device
-
A custom port that Cisco DNA Center configures (You can use a custom port only if Device Controllability is enabled. For more information, see the Device Controllability
section in the Cisco DNA Center Administrator Guide.)
)
Note
|
NETCONF is disabled if you choose the Telnet protocol in the Advanced area of the Add Discovery window.
|
Note
|
To discover Cisco Catalyst 9800 Series Wireless Controller devices, you must enable NETCONF.
|
-
If you want to save these credentials for future use, click the Save as global settings check box. If you don't click this checkbox, the credentials can be used only for the current Discovery job.
-
Click Save.
|
Step 14
|
(Optional) To configure the protocols that are used to connect with devices, expand the Advanced area and do the following:
-
Click the names of the protocols that you want to use. A green check mark indicates that the protocol is selected.
Valid protocols are SSH (default) and Telnet.
-
Drag and drop the protocols in the order that you want them to be used.
Note
|
NETCONF is disabled if you choose the Telnet protocol in the Advanced area of the Add Discovery window.
|
|
Step 15
|
Click Discover.
|
Step 16
|
To run Discovery now, click the Now radio button in the Discover Devices slide-in pane and click Start. Otherwise, proceed to the next step.
If you want to discover only new devices, click the Discover only new devices toggle button.
|
Step 17
|
To schedule Discovery for a later time, do the following:
-
Click the Later radio button.
-
Define the start date and time.
-
From the Time Zone drop-down list, choose a time zone.
-
In the Recurrence area, click None, Daily, or Weekly.
-
None: Discovery will not recur.
-
Daily: Enter the interval in days in the Run at Interval (Days) field.
-
Weekly: Enter the interval in weeks in the Run at Interval (Weeks) field.
-
If you have chosen Daily or Weekly for recurrence, check the Set Schedule End check box to define the end date and time.
Note
|
You can discover only new devices in recurrence. The Discover only new devices toggle button at the top is enabled by default.
|
-
Click End Date or End After.
-
End Date: Enter month, date, and year for recurrence to end.
-
End After: Enter the number of occurrences after you want recurrence to end.
-
Click Start.
Click the notifications icon to view the scheduled Discovery. Before Discovery starts, you can click Edit to edit it, or Cancel to cancel it.
The Discoveries window displays the results of your scan.
The Discovery Details pane shows the status (active or inactive) and the Discovery configuration. The Discovery Devices pane displays the host names, IP addresses, and status of the discovered devices.
|