Cisco Secure Equipment Access Quick Start Guide for Industrial Routers

Configure industrial routers to connect to IoT OD

Updated: June 13, 2025

Overview

Use this procedure to configure industrial routers for secure connection and registration with the Cisco IoT Operations Dashboard (IoT OD).

Enable industrial routers to connect securely to the Cisco IoT Operations Dashboard (IoT OD).

This task guides you through configuring your network devices so that they can securely connect and register with the Cisco IoT Operations Dashboard (IoT OD).

Before you begin

Ensure you have access to the device CLI.
Have an appropriate device profile with validated credentials ready on IoT OD.

Procedure

	1.	Create a privilege 15 user by applying the following configuration. The credentials should match the values configured in the Device Profile on the Cisco IoT Operations Dashboard: Example: `conf t username <DEVICE PROFILE USERNAME> privilege 15 algorithm-type scrypt secret <DEVICE PROFILE PASSWORD> end`
	2.	Configure the authentication-related settings and Web Services Management Agent (WSMA) settings. `conf t aaa new-model aaa authentication login default local aaa authorization exec default local ip http server ip http authentication local ip http secure-server wsma agent exec profile exec wsma profile listener exec transport http path /wsma/exec cgna gzip end`
	3.	Configure the Intelligent Device Agent (IDA) transport profile: Enable a secure TLS connection using WebSocket to Cisco IoT Operations Dashboard using TLS with port TCP 443. For the US cluster: `conf t ida transport-profile wst callhome-url wss://device-us.ciscoiot.com/wst/cgna active end` For the EU cluster: `conf t ida transport-profile wst callhome-url wss://device-eu.ciscoiot.com/wst/cgna active end`
	4.	Configure the Connected Grid NMS Agent (CGNA) registration profile. `conf t cgna profile cg-nms-register transport-profile wst add-command show version \| format flash:/managed/odm/cg-nms.odm add-command show inventory \| format flash:/managed/odm/cg-nms.odm interval 3 active url https://localhost/cgna/ios/registration gzip end` Note Once the the configuration is done, the device connects to IoT OD and triggers the registration process.
	5.	(Optional) Enable DNS on the router if it’s not already acquired through the DHCP server. This is important if the router is configured with a static IP and a static default gateway, and no DNS server is explicitly specified. In this example, we use a Cisco DNS. You can use any DNS server. `conf t ip name-server 208.67.222.222 end`

The device securely connects to Cisco IoT Operations Dashboard and completes registration.

What to do next

Verify device registration on the IoT Operations Dashboard and optionally on the device's terminal.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.