Information About Transport Layer Security Tunnel Support
The wireless controller requires direct access to a public cloud to implement the teleworker solution using Cisco Office-Extend Access Points (OEAPs). With Transport Layer Security (TLS) tunnel support, introduced from Cisco IOS XE Amsterdam 17.3.2 onwards, the controller can reach a public cloud automatically. This helps Cisco DNA-C on Cloud establish TLS communication channels with the controller to monitor and manage wireless solutions.
The TLS connection ensures that configuration and telemetry are communicated reliably and securely between the controller and Cisco DNA-C on Cloud. The TLS tunnel encrypts all data sent over the TCP connection, which makes the exchange more secure across the Internet. After controller discovery, Cisco DNA-C on Cloud uses DNA Assurance and Automation features to manage the controller centrally.
Cisco Plug and Play
The Cisco Plug and Play solution is a converged solution that provides a highly secure, scalable, seamless, and unified zero-touch deployment experience.
The Cisco Plug and Play (PnP) agent is an embedded software component that is present in all Cisco network devices that support simplified deployment architecture. The PnP agent understands and interacts only with a PnP server. The PnP agent, using DHCP, DNS or other such methods, tries to acquire the IP address of the PnP server with which it wants to communicate. After a server is found and a connection has been established, the agent communicates with the PnP server to perform deployment-related activities.
For more information on Cisco Plug and Play, see the Cisco Plug and Play Feature Guide.
The TLS over PnP feature is supported on the following controllers:
Cisco Catalyst 9800-80 Wireless Controller
Cisco Catalyst 9800-40 Wireless Controller
Cisco Catalyst 9800-L Wireless Controller