Configuring the Cisco DNA Spaces Connector
To use the Cisco DNA Spaces Connector, first you must install the Cisco DNA Spaces Connector in your local deployment network. Then, you must create a Cisco DNA Spaces Connector in the Cisco DNA Spaces dashboard to generate the token for the Cisco DNA Spaces Connector. Configure this token in the Cisco DNA Spaces Connector to establish a connection between Cisco DNA Spaces and Cisco DNA Spaces Connector. Also, setup connectivity between Cisco DNA Spaces Connector and Cisco Wireless Controller by configuring the Wireless Controller in the Cisco DNA Spaces dashboard.
To configure the Cisco DNA Spaces Connector, perform the following steps:
1. Downloading and Deploying the Cisco DNA Spaces Connector
2. Creating Cisco DNA Spaces Connector and Retrieving the Cisco DNA Spaces Connector Token
3. Setting Up the Cisco DNA Spaces Connector
4. Setting up Connectivity between the Cisco DNA Spaces Connector and Cisco Wireless Controller
Downloading and Deploying the Cisco DNA Spaces Connector
To download and deploy the Cisco DNA Spaces Connector, perform the following steps:
Step 1 Download any of the following versions of Cisco DNA Spaces Connector OVA.
Note Cisco DNA Spaces Connector v2.0 has restricted command line interface. So certain commands added in this document will not work if you are using Cisco DNA Spaces Connector v2.0. To know the commands supported, see Restricted Command Line Interface.
Step 2 Create a virtual machine in the ESXi server, and deploy the downloaded Cisco DNA Spaces Connector OVA.
Step 3 In the log in screen that appears, enter the following username and password.
- username: root
- password: cisco
Figure 1-1 Login screen
Step 4 Enter the network settings by specifying the parameters such as IP address, host name, and so on that you want to configure on the Cisco DNA Spaces Connector.
Step 5 After specifying the network settings, enter yes to confirm.
Step 6 After successful verification of endpoints, you are asked to finalize the network setup within 60 seconds. Enter yes to finalize the network setup.
Figure 1-2 Network Settings
Note Ensure to provide the input within 60 seconds. Otherwise, the configuration will time out and you may have to reconfigure.
Step 7 Enter NTP settings, if required.
Step 8 Create a new password for the root user and cmxadmin user.
The message stating installation is complete appears along with the URL for the Cisco DNA Spaces Connector.
Figure 1-3 Installation Complete Message
Step 9 Press Enter to reboot the device, and open the WebUI using the address provided.
Creating Cisco DNA Spaces Connector and Retrieving the Cisco DNA Spaces Connector Token
Cisco DNA Spaces enables you add Cisco DNA Spaces Connector from the Cisco DNA Spaces dashboard. Cisco DNA Spaces supports multiple Cisco DNA Spaces Connectors, and each Cisco DNA Spaces Connector can be associated with multiple Wireless Controllers.
A token will be generated for each Cisco DNA Spaces Connector added to Cisco DNA Spaces. This token is used to connect Cisco DNA Spaces with Cisco DNA Spaces Connector. Each token is Cisco DNA Spaces Connector-specific, and thereby enables Cisco DNA Spaces to identify the Cisco DNA Spaces Connector.
To create a Cisco DNA Spaces Connector in Cisco DNA Spaces, and to retrieve the token for that connector, perform the following steps:
Step 1 Log in to Cisco DNA Spaces.
Step 2 In the Cisco DNA Spaces dashboard, choose Setup > Wireless Networks.
Step 3 In the Get your wireless network connected with Cisco DNA Spaces area, click Add New.
Step 4 Click Select for Cisco AireOS/Catalyst.
Step 5 In the window that appears, click Select for Via Spaces Connector.
Prerequisites for Cisco DNA Spaces Connector is displayed.
Step 6 Click Customize Setup.
A Connect via Spaces Connector bar appears in the Wireless Networks window.
Step 7 Click the drop down arrow at the far right of the Connect via Spaces Connecto r bar.
Step 8 Click Create a new token that appears at Step 2.
Figure 1-4 Create a New Token
Step 9 In the Create a new token window, enter the name of the connector.
Step 10 Click Generate Token.
Figure 1-5 Generate Token
Step 11 In the window that appears, enter your Cisco DNA Spaces login credentials, and click Submit.
Step 12 In the window that appears, click Copy to copy the token string.
Note A Cisco DNA Spaces Connector is shown as active after its establishes connection with Cisco DNA Spaces.
Note In the View Connectors window, the total number of Wireless Controllers added to a Cisco DNA Spaces Connector is displayed.
Setting Up the Cisco DNA Spaces Connector
You must establish connection between the Cisco DNA Spaces Connector and Cisco DNA Spaces, and do the necessary configurations in the Cisco DNA Spaces Connector to transmit data using Cisco DNA Spaces Connector.
To set up the Cisco DNA Spaces Connector, perform the following steps:
Step 1 Log into the Cisco DNA Spaces Connector using the URL provided during the OVA deployment, https://<IP -address>/ at step 8 of “Downloading and Deploying the Cisco DNA Spaces Connector” section.
Step 2 In the Cisco DNA Spaces Connector window that appears, enter the cmxadmin username and password configured at step 8 of “Downloading and Deploying the Cisco DNA Spaces Connector” section.
Step 3 In the Configuration window that appears, hover over the Settings icon, and choose Configure Token. In the Token window, enter the token copied at step 8 of “Creating Cisco DNA Spaces Connector and Retrieving the Cisco DNA Spaces Connector Token” section, and click Save.
Note When configuring the token, you may have to wait a few minutes (depending on the speed of your connection). The status changes from Configuring Token to Retrieving Connector Status. You will notice that the Configure Token notification is automatically removed from the Cisco DNA Spaces Connector UI.
Step 4 If your device is behind a Proxy, click Setup HTTP Prox y to configure which proxy to use. For more information on configuring the proxy, see the “Configuring a Proxy” section.
Note In this case, without a proxy, the Cisco DNA Spaces Connector will not be able to communicate with Cisco DNA Spaces.
Step 5 Click Privacy Settings to configure privacy settings.
Note You can download logs and update the Cisco DNA Spaces Connector version from this dashboard.
Setting up Connectivity between the Cisco DNA Spaces Connector and Cisco Wireless Controller
To setup connectivity between Cisco DNA Spaces Connector and Cisco Wireless Controller, perform the following steps:
Step 1 In the Cisco DNA Spaces dashboard, choose Setup> Wireless Networks.
Step 2 Click the drop-down arrow at the far right of the Connect via Spaces Connector bar.
Step 3 Click Add Controllers provided at Step 3.
Figure 1-6 Add Controller
Step 4 In the Add Controller window, enter the details of the Connector and Wireless Controller between which you want to establish connection. Specify the details such as Connector name, IP address, name, and controller type.
Note The Wireless Controller IP you configure must be able to reach out to the Cisco DNA Spaces Connector.
Figure 1-7 Add Controller
a. From the Connector drop-down list, choose the connector for which you want add controller.
b. In the Controller IP field, enter the IP address of the Wireless Controller.
c. In the Controller name field, enter the name of the Wireless Controller.
d. From the Controller Type drop-down list, choose the controller type as Wireless Controller.
e. From the Controller SNMP Version drop-down list, choose the SNMP Version of the Wireless Controller.
– If you choose t he SNMP version as v2C, specify the SNMP Community.
– If you choose the SNMP version as v3, specify the SNMP v3 version username, password, and authentication protocol credentials.
Note As the Cisco DNA Spaces Connector certificate needs to be registered with the Wireless Controller, SNMP v2c and SNMP v3 must have read-write permission in the Wireless Controller. The Cisco DNA Spaces Connector does not support SNMP v1.
f. Click Save and Close.
The new Wireless Controller is now listed in the View Controllers window. The Wireless Controller that is connected to the Cisco DNA Spaces Connector successfully appears as active.
Note It takes approximately 5 minutes for the Wireless Controller to be shown as Active. You must refresh your window to view status change. If the Wireless Controller does not have any APs associated with it, then the status will remain as Inactive.
The Wireless Controller added also gets listed in the Controller Details window of the Cisco DNA Spaces Connector.
Figure 1-8 Cisco DNA Spaces Connector window
Note ● You can add multiple Wireless Controllers to a Cisco DNA Spaces Connector.
.Now the Cisco Wireless Controller will be available for import in the Cisco DNA Spaces location hierarchy.
Importing a Cisco Wireless Controller to Location Hierarchy
To import a Cisco Wireless Controller to the Cisco DNA Spaces location hierarchy, perform the following steps:
Step 1 In the Connect your wireless network window, click the drop-down arrow for the Connect via Spaces Connecto r bar.
Step 2 Click Import Controller provided at Step 4.
Step 3 In the Import Controller window, click the radio button for the location for which you want to import the Cisco Wireless Controller.
Ideally, the root location appears for selection. If you have added any Cisco Wireless Controller previously, those controllers also appear for selection. You can import new controllers under existing controllers as additional controllers.
Figure 1-9 Importing Cisco Wireless Controller
Step 4 Make the remaining selections based on whether you select the root location or an existing controller.t
If you have selected the root location, the following window appears.
Figure 1-10 Importing Cisco Wireless Controller
g. Check the check box for the Cisco Wireless Controller that you want to import.
h. Click Next.
If the APs of the Wireless Controller are grouped as networks based on the naming convention, those network names appears. If you want to maintain the same grouping, select the networks. If the APs are not grouped, network names are not displayed.
Figure 1-11 Cisco DNA Spaces Connector window
i. Click Finish.
The Cisco Wireless Controller gets imported under the specified location.
If you have selected an existing controller, the following screen appears:
Figure 1-12 Existing Cisco Wireless Controller
a. Check the check box for the Cisco Wireless Controller that you want to import.
b. Click Finish.
The imported controller gets added as an additional controller under the primary controller selected.
Configuring a Proxy
To configure a proxy, perform the following steps:
Step 1 In the Cisco DNA Spaces Connector dashboard, choose Settings > Configure Proxy to add the proxy server.
Figure 1-13 Configure Proxy
Step 2 Add proxy IP with port.
Format : http://<proxy server IP>:<port>
Figure 1-14 HTTP Proxy
Note You can configure a HTTP or HTTPS proxy.
Step 3 After the proxy is configured, the Proxy Status in the Cisco DNA Spaces Connector dashboard gets changed to Proxy is configured.
Step 4 If any error occurs while configuring the proxy, log into the Cisco DNA Spaces Connector CLI and verify whether you can ping proxy server IP using the following command:
ping <proxy server IP>
Note As there is restricted command line interface, commands added in Step 5 and Step 6 will not work for Cisco DNA Spaces Connector 2.0.
Step 5 In the Cisco DNA Spaces Connector CLI, execute the following command to verify whether a connection can be established to dms.dnaspaces.io and connector.dnaspaces.io through proxy.
docker container exec -it $(docker container ls -q) /bin/bash
curl -X GET -vvv https://connector.dnaspaces.io/ --proxy http://<proxy server IP>:<port>
If the connection is successful, the following result is shown:
HTTP/1.1 200 OK
Step 6 If you are getting any certificate error such as curl: (60) Peer's certificate issuer has been marked as not trusted by the user, perform the following steps to add a proxy server certificate to the Cisco DNA Spaces Connector.
a. Retrieve the certificate used by the proxy, and copy it to the Cisco DNA Spaces Connector.
b. Run the command
connectorctl setproxycert <cert>.
c. Reconfigure the token in Cisco DNA Spaces Connector dashboard.
d. If you want to verify that the certificate is correct, run one of the following commands on the Cisco DNA Spaces Connector (it should respond with HTTP/1.1 200 OK).
– Command for transparent proxies:
curl -vvv https://connector.dnaspaces.io --cacert <cert>
– Command for explicit proxies:
curl -vvv https://connector.dnaspaces.io --proxy http://<proxy server IP>:<port> --cacert <cert>
There is a known issue that will cause the
connectorctl command to say that command failed if you are using a transparent proxy or if you have not configured your proxy through the UI yet. However, if the following message is displayed, the certificate is considered to be configured successfully.
[cmxadmin@connector-1 ~]$ connectorctl setproxycert <cert>
New cert exists.
Starting connector container...
Step 7 If the previous step is not resolving the issue, then you must include the dnaspaces.io domain in the allowed list for your proxy, and exclude it from HTTPS decryption (if enabled on your proxy).
Note Attempting to perform HTTPS decryption on the dnaspaces.io domain can interfere with or prevent the Websocket connections entirely.
For more information on CLI commands, privacy settings, and supported proxies, see https://support.cmxcisco.com/hc/en-us/categories/360000937753-Cisco-DNA-Spaces-Connector.
Cisco DNA Spaces Compatibility Matrix
Table 1-3 Cisco DNA Spaces Compatibility Matrix
Cisco DNA Spaces Features
Cisco DNA Spaces Connector
AireOS 8.0 to 8.5 and later
- Captive portal
- Behavior Metrics
- Operational Insights
- Cloud Location(Beta)
- BLE Manager (Beta)
- SDK (Beta)
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.
Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
© 2018, 2019 Cisco Systems, Inc. All rights reserved.