About the Release Notes

We recommend that you use the latest version of Cisco DNA Spaces: Connector.

This release notes document describes what is new or changed, instructions to upgrade to the latest version of the Cisco DNA Spaces: Connector, and open and resolved caveats for each release. Unless otherwise noted, in this document, Cisco DNA Spaces: Connector is referred to as Connector.

Content Hub

Explore the Content Hub, the all-new product documentation portal in which you can use faceted search to locate content that is most relevant to you, create customized PDFs for ready reference, benefit from context-based recommendations, and much more.

Get started with the Content Hub at https://content.cisco.com/ to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.

Cisco DNA Spaces: Connector Overview

The Cisco DNA Spaces: Connector enables Cisco DNA Spaces to communicate with multiple controller efficiently, by allowing each controller to transmit client data without missing any client information.

The Connector gathers and aggregates data from controllers and access points (APs) efficiently and sends aggregated data to Cisco DNA Spaces. The Connector architecture allows multiple controllers and APs to connect to Cisco DNA Spaces through a single point (the Connector). A single Connector can connect to a Cisco Wireless Controller (controller) and a Cisco Catalyst 9800 Series Wireless Controller at the same time.


Note

The term controller is a generic term used to refer to the following. See the Cisco DNA Spaces: Connector Compatibility Matrix for specific details.

  • Cisco Wireless Controller (controller) (indicated on the Cisco DNA Spaces dashboard as WLC AireOS)

  • Cisco Catalyst 9800 Series Wireless Controller (indicated on the Cisco DNA Spaces dashboard as Catalyst WLC)

  • Cisco Embedded Wireless Controller on Catalyst Access Points (Cisco EWC-AP)


The Connector sends data to Cisco DNA Spaces over HTTPS; and can also route the data through a proxy.


Note

We recommend that you upgrade Connector to the latest version.


What's New in Cisco DNA Spaces: Connector 2.2

  • Cisco DNA Spaces: Connector 2.2 has the following new commands:

    • connectorctl checktimezone

    • connectorctl listtimezone

    • connectorctl changetimezone

    • connectorctl enabledebug

    • connectorctl viewdebuglogs

    • connectorctl disabledebug

    • connectorctl restartservices

    • connectorctl servicestatus

    • connectorctl containerstatus

    • connectorctl ntpconfig

    • connectorctl networkconfig

  • Support for AAA on Cisco DNA Spaces: Connector 2.2 is added.

  • Cisco DNA Spaces: Connector 2.2 web UI is updated to include details about gateway, domain, netmask, and NTP server.

  • Cisco DNA Spaces: Connector 2.2 installation workflow updated to include time zone configurations.

  • The following additional Linux commands are now allowed on the restricted CLI:

    • route

    • clear

    • wget

    • who

What's New in Cisco DNA Spaces: Connector 2.1

  • Cisco DNA Spaces: Connector 2.1 CLI now has new commands. The newly added commands are as follows:

    • connectorctl createcsr

    • connectorctl importcacert

    • connectorctl validatecert

    • connectorctl dockersubnet

What's New in Cisco DNA Spaces: Connector 2.0

  • Cisco DNA Spaces: Connector 2.0 allows a specific set of Linux commands on the CLI. Refer to the Restricted Command-Line Interface

  • Cisco DNA Spaces: Connector 2.0 CLI now has new commands. The newly added commands are as follows:

    • connectorctl setproxycert certificate

    • connectorctl lockinterval

    • connectorctl passwordpolicy

    • connectorctl generatecert

    • connectorctl showcert

    • connectorctl techsupport

    • connectorctl ntprestrict ipaddress

    • connectorctl ntpunrestrict ipaddress

Recommended Deployment Architecture

The recommended deployment architecture for Cisco DNA Spaces: Connector is below:

  • Virtual machine size (vCPU): 2

  • RAM: 4 GB

  • Hard Disk: 60 GB

  • NMSP messages/seconds: 10,500

  • AP count: 12,500

  • Client count: 350,000

  • Minimum bandwidth required: 4 Mbps (5k-APs, 60k-Clients).


    Note

    If you are using captive portals, then a minimum bandwidth of 30Mbps is recommended along with a buffer The bandwidth allows for a good enduser experience while loading captive portals from Cisco DNA Spaces.


Cisco DNA Spaces: Connector Compatibility Matrix

Hardware or Application Name

Support for Cisco DNA Spaces: Connector

Cisco Wireless Controller
  • 8.0

  • 8.2

  • 8.3

  • 8.5

  • 8.7

  • 8.8

  • 8.9

  • 8.10

Note 

Use latest software or maintenance release version for each listed release.

Cisco Catalyst 9800 Series Wireless Controllers
  • 16.12.1s

  • 16.12.2s

  • 16.12.3

  • 16.12.4

  • 17.1.1s

  • 17.2.1a

  • 17.3.1

Note 

Use latest software version or maintenance release for each listed release.

Cisco Embedded Wireless Controller on Catalyst Access Points (Cisco EWC-AP)

Supported versions are as follows:
  • 16.12.2s

  • 16.12.3

  • 16.12.4a

  • 17.1.1t

  • 17.2.1a

  • 17.3.1

Note 

Use latest software version or maintenance release for each listed release.

Supported access points are as follows:

  • Cisco Aironet 9115 Series Access Points

  • Cisco Aironet 9117 Series Access Points

  • Cisco Aironet 9120 Series Access Points

  • Cisco Aironet 9130 Series Access Points

Cisco Prime Infrastructure

Not Applicable

Cisco DNA Center

Not Applicable

Cisco DNA Spaces: IoT Services

  • Supported on Cisco Catalyst 9800 Series Wireless Controllers Release 17.3.1 only

  • Not supported on Cisco Wireless Controller

  • Not supported on Cisco Embedded Wireless Controller on Catalyst Access Points (Cisco EWC-AP)

OpenRoaming

  • Supported on Cisco Catalyst 9800 Series Wireless Controllers Release 16.12 and higher.

  • Supported on Cisco Wireless Controller 8.3 and higher.

Supported controllers for Cisco FastLocate

  • Supported on Cisco Wireless Controller Release 8.1.123.0

  • Supported on Cisco Catalyst 9800 Series Wireless Controllers

Supported controllers for Cisco Hyperlocation

  • Supported on Cisco Wireless Controller.

  • Supported on Cisco Catalyst 9800 Series Wireless Controllers

Connector active-active

  • Not supported on Cisco Embedded Wireless Controller on Catalyst Access Points (Cisco EWC-AP)

  • Supported on Cisco Catalyst 9800 Series Wireless Controllers

  • Supported on Cisco Wireless Controller

Tested VMware Environments

  • VMware ESXi: 6.5.0 Update 2 (Build 13004031), 6.7.0 Update 2 (Build 13006603), 6.7.0 Update 3 (Build 16316930)

  • VMware vSphere Client Version 6.7.0

  • VMware vCenter Server Appliance 6.7.0

Tested Proxies

  • Squid Proxy

    • Forward-only mode (SSL Tunneling)

    • Squid-in-the-Middle mode (SSL tunneling with intercept capabilities)

  • McAfee

  • Cisco web security appliance

Tested Access Points for Cisco FastLocate

  • Cisco Aironet 2800 Series Access Points

  • Cisco Aironet 3800 Series Access Points

  • Cisco Aironet 4800 Series Access Points

Tested Access Points for Cisco FastLocate (WiFi 6)

  • Cisco Aironet 9120 Series Access Points

  • Cisco Aironet 9130 Series Access Points

Tested Access Points for Cisco Hyperlocation

  • Cisco Aironet 3700 Series Access Points (Requires hyperlocation antenna)

  • Cisco Aironet 4800 Series Access Points

Connector minimum requirement and sizing

  • 2vCPU

  • 4GB RAM

  • 60 GB Hard Disk

Upgrade the Cisco DNA Spaces: Connector Docker

You can upgrade the Connector docker to the latest version from the Connector launched from the Web UI using the link provided during installation. The upgrade link appears only if a new upgrade image is available.


Note

This task does not upgrade the Connector OVA.


Figure 1. Docker Upgrade link on the Connector

You can also upgrade the Connector docker to the latest version from Cisco DNA Spaces dashboard. The upgrade link appears only if a new upgrade image is available.

Figure 2. Docker Upgrade link appears only if new image is available
Figure 3. Upgrade link on the Cisco DNA Spaces dashboard

Troubleshoot Cisco DNA Spaces: Connector

The following subsections provide information about how to troubleshoot Cisco DNA Spaces: Connector.

Unable to launch Connector web UI from MAC Catalina with Chrome

This error occurs on the MAC operating system Catalina when you use the Google Chrome browser to launch the Connector web UI. There isn't an option to proceed further from the Your Connection is not Private dialog box.
Figure 4. Error Message

SUMMARY STEPS

  1. Save the Connector web UI certificate by dragging it to the desktop.
  2. From the Finder window, choose Applications > Utilities > KeyChain Access. Drag the certificate from the desktop and drop into to the Certificates folder.
  3. Double-click the added certificate, and in the dialog box that is displayed, click the Always Trust option.

DETAILED STEPS


Step 1

Save the Connector web UI certificate by dragging it to the desktop.

Figure 5. Drag certificate to the desktop
Step 2

From the Finder window, choose Applications > Utilities > KeyChain Access. Drag the certificate from the desktop and drop into to the Certificates folder.

Figure 6. Manually Adding The Certificate to Keychain Access
Step 3

Double-click the added certificate, and in the dialog box that is displayed, click the Always Trust option.

Figure 7. Select Always Trust

What to do next

Attempt to launch the Connector web UI once again using the Google Chrome browser.

Caveats

The following sections provide information about the open and resolved caveats pertaining to Cisco DNA Spaces: Connector.

Cisco Bug Search Tool

Caveats describe unexpected behavior in a product. The Open Caveats section lists open caveats that apply to the current release and may apply to previous releases. A caveat that is open for a prior release and is still unresolved applies to all future releases until it is resolved.

The Bug Search Tool (BST) at https://tools.cisco.com/bugsearch/ is an online successor to the Bug Toolkit. The BST is designed to improve the effectiveness in network risk management and device troubleshooting. The BST allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data, such as bug details, product, and version. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.

For more information about how to use the Cisco Bug Search Tool effectively, including how to set email alerts for bugs and to save bugs and searches, see the Bug Search Tool and FAQs page.

Open Caveats in Cisco DNA Spaces: Connector, Release 2.2

Table 1. Caveats

Caveat

Description

CSCvt28589 cmxadmin user cannot access Connector Web UI when AAA is configured

CSCvt29826

AAA with IPSec enabled does not work when certificate generated on connector is of key type ECDSA

CSCvt63222

Cisco DNA Spaces: Connector Upgrade From 1.0 to 2.2 fails.

Open Caveats in Cisco DNA Spaces: Connector, Release 2.1.1

Table 2. Caveats

Caveat

Description

CSCvr68037 Re-configuring of proxy fails after upgrade from Connector 2.0 to Connector 2.1.1. You must install a new OVA or contact support to install the patch.

Resolved Caveats in Cisco DNA Spaces: Connector, Release 2.2

Table 3. Caveats

Caveat

Description

CSCvr67351

Cisco DNA Spaces: Connector allows root login via command line interface.

CSCvr68037

Re-configuring of proxy fails after upgrade from Connector 2.0 to Connector 2.1.1. You must install a new OVA or contact support to install the patch.

Resolved Caveats in Cisco DNA Spaces: Connector, Release 2.1

Table 4. Caveats

Caveat

Description

CSCvp77288

Cisco DNA Spaces: Connector appears to be built using ESXi 5.5.

CSCvp77214

Cisco DNA Spaces: Connector deployment attempts to list the OS as RedHat.

CSCvq38246

Cisco DNA Spaces: Connector download logs button does not work.

Resolved Caveats in Cisco DNA Spaces Connector, Release 1.0.188

Table 5. Caveats

Caveat

Description

CSCvo04257

DMS Agent does not validate SSL certificates during HTTPS requests without a proxy.

CSCvo21259

Time on the Connector Web UI is incorrect and difficult to read.

FAQs

Which are the Tested Browsers?

Cisco DNA Spaces: Connector has been tested on the following browser:

  • Google Chrome

Which Are the Tested VMware Environments?

  • VMware ESXI 6.5.0 Update 2 (build 8294253), ESXi 6.7.0

  • VMware vCenter Server Appliance 6.7.0

  • VMware vSphere 6.5.0

Which Are the Proxies Tested with Cisco DNA Spaces: Connector?

The following proxies have been tested with Cisco DNA Spaces: Connector:

  • Squid Proxy

    • Forward only mode (SSL Tunneling)

    • Squid-in-the-Middle mode (SSL Tunneling with Intercept Capabilities)


    Note

    When using Squid Proxy in Squid-in-the-Middle mode, you must disable interception of the WebSocket domains. Add the following lines to your Squid config file before the “ssl_bump bump all” section.

    • acl websocket_sites ssl::server_name .location-data.cisco.com

    • acl websocket_sites ssl::server_name .dms.cisco.com

    • ssl_bump splice websocket_sites


  • McAfee

  • Cisco Web Security Appliance