Professional Documents
Culture Documents
Physical and virtual infrastructure Automation for provisioning Platform for extensibility
• Zero-touch deployment • Integrate APIs with third-party solutions
• Device lifecycle management • Integrate and customize ServiceNow
Cisco and third party • Policy enforcement • Evolve operational tools and processes
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco DNA Assurance
From network data to business insights
Traceroute
Complex
Syslog NetFlow correlation Clients Baseline
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco DNA Assurance Architecture
Customer Datacenter Cloud Based
ML Engine)
Cisco DNA Center Assurance UI
Insights
Feedback
Cisco DNA
Automation Cisco DNA Data
Cisco DNA
Assurance Cloud Analytics
Network
Control Network Data Platform
Platform
ssh/NETCONF
Protocols & APIs (WSA, gRPC, SNMP, NetFlow, Syslog, Location, NETCONF, CLI, ...)
CMX
DHC
P
WAN
Internet
Assurance
Enabled
WAN Edge
ACI Fabric
WAN
Shared
Services Core
Distribution
WAN Sites
Access
Enable Assurance across all deployments © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless Assurance Feature by Deployment
model
Network Client Health Client Issue Sensor Intelligent
Health 360 Capture
Local Mode
● ● ● ● ● ●
FlexConnect
(Central Auth) ● ● ● ● ● ●
LocalAuth,
LocalDHCP ● ● ○* ○* ● ●
Mobility Express
● ● ● ● ● ●
Catalyst 9800
(Overlay, Fabric) ● ● ● ● ● ●
*In FlexConnect LocalAuth/DHCP/Assoc mode, Event Viewer and Onboarding Widget, Onboarding Issue has limited
visibility
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless Assurance AP Feature Matrix
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Key Use Cases
Overall
Client Device Wireless Application
Health
Health Health Sensor Health
Dashboard
Use Case: Use Case: Use Case Use Case: Use Case:
Executive Dashboard Client Onboarding (wireless): SLA Monitoring Application
Network Experience Experience
Topics Covered: Topics Covered: Topics Covered:
Topics Covered: Topics Covered:
• Overall Health • Client Health • Day 0 Setup
Dashboard Dashboard • Network Health • Manage 18+ • Application
• Client 360 Dashboard tests Health
• Device 360 • Sensor Dashboard
Use Case: Dashboard • App 360
Level 1 Issue Use Case (wired):
Analysis and Ticket Network Experience
management
Topics Covered:
Topics Covered:
• Network Health
• Global Issues Dashboard
• Service Now • Issues with
Integration Suggested
Actions
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Streaming Telemetry
for Wireless Analytics
Streaming Telemetry
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
*Available with 16.10.1s
Purpose-Built for Cisco DNA Assurance and Cisco DNAC 1.2.8 or later
• HTTP 2.0/gRPC based • Supported from AireOS 8.5 • KPI Parity with AireOS • HTTPS for Automation and
• Anomaly Event, RF Stat, • Real-Time client event • Immediate Event Update reporting
PCAP, Spectrum • Embedded Wireless in • PnP-based Provisioning
• Scheduled and Automated Cat9300 • Fully Managed by DNAC
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS WLC Provisioning troubleshooting
• Streaming Telemetry Failure -WLC shows “partial collection failure” in Last
Sync Status
• Check following items,
1. Check if WLC has right SNMP Read Only community name
2. Check if Cisco DNAC has right WLC Credential
3. Check if WLC Network Assurance is properly “Externalizing Data”
4. Check if WLC has right time(NTP or manual)
5. Check if WLC properly subscribed necessary channels from WLC GUI,
[MANAGEMENT] [Cloud Services] [Telemetry] [Network Assurance] [Server] [Advanced
Configuration]
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Wireless Assurance with
Catalyst 9800
Cisco DNA Center automatically turns on streaming
telemetry when Catalyst 9800 is added to inventory
1 Download
3
NA Cert
Streaming Telemetry
Automation (NETCONF)
2 data (TDL) using TLS
Script to enable WSA
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
Data flow between Catalyst 9800 and Cisco
DNAC
Cisco DNAC
Binary TDL to java TDL
objects + map to NDP Assurance
Schema kafka pipeline
NCP
IOS-XE collector (TLS server)
Assurance-backend
• Subscribe using
NETCONF based
automation Export subscribed data in
• Setup PKI/SSL for • Binary TDL encoding
export • Native TDL model
• Over TLS (not https)
Catalyst 9800
Catalyst 9300 w/ Embedded Wireless
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Wireless Assurance provide feature Parity
between AireOS and IOS-XE based Controller
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Wireless Network
Troubleshooting
Zoom Into most problematic location from global
view
Geomap View
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Latest or Trend view per Network device type
• Health Score assignment is Based on the Cisco Best Practice KPI threshold value
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
Actionable Dashboard - Drill-down by KPIs
• Breakdown of Device Health per type, with latest or trend view
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Network Health Score Details
• Health Score = Single KPI that indicate network device and link condition
• Calculated per every 5 min, with 15 min window.
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Network Device Table – Health Drill Down view
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Device 360 – Enhanced Neighbor Topology
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
Client Health Dashboard
Client Health Summary Workflow
• All Client or breakdown of the client health site
score for Wired and Wireless clients
• last 5min view is provided across all widgets
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
4 Level Wi-Fi connection quality indicator =
Wireless Health Score
• Based on Client connection status & RF quality
• Calculated per every 5 min, using client RSSI and SNR from WLC
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Roaming Times
• Overall Roaming
Performance
• Fast Roam: <150msec
• Slow Roam: Above >3sec
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
Client Table and Health Hover
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Troubleshooting Wi-Fi
- Onboarding
Client 360
• Shows Details on specific client
• Application Experience
• Using Router – App Health derived from
Network Delay, App Delay, Packet Loss
• Path Trace Tool for Troubleshooting
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
Client 360 – Event Viewer
• Client Onboarding State Analytics
• Always On for All of Clients
• Capture Onboarding Failure,
Roaming Failure, De-
authentication from AP or Client
• Each Events are aggregated per
onboarding session, provide
session details
• Provide Onboarding delay and
duration per each step
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
Wireless Client Troubleshooting Start and Stop Full Packet
Capture for AP4800
36
Event
Viewer All or
Failed Onboard Packet
Onboard stage identifier Download
Auto Event Onboard Packet
Packet
Analyzer Onboarding
De-authentication
Packet
Session
Interpacket Gap (ms)
RSSI Chart per Packet bar chart
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Real-Time Client location Tracking
De-authentication Packet
from AP to client 2
on “3:18:54.183 pm”
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
Zoom into Client Wi-Fi Onboarding failure
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
Troubleshooting Wi-Fi
- RF Interference
Mitigation
Real Time Client RF monitoring
Live On/Off Button
Type of Real Time Client RF Chart - RSSI/SNR, Rx/Tx Data Rate, Tx/Rx Pkt Count, Tx Pkt Retry
Client RF stat is different feature from Onboarding PCAP but scheduled parallelly with same duration
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Monitoring AP RF Insight
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Real Time Spectrum Analyzers
• Persistent FFT
• Swept Spectrogram
• Interferers with
impacted BW
• Available on
AP2800/3800/4800
APs
• Support
Local/FlexConnect and
Monitor mode AP
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
Wireless Client
Troubleshooting - Demo
Wireless Issue analysis
DNA-C Wireless Assurance
From Network Data to Business Insights
Unified Network Telemetry Correlation Issues Guided Remediation
Auto Fix It - Future
Contextual Data Complex Event Processing Insights - Now
Clients Baseline
INSI GHTS
Application Network
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
Wireless Client Issues Notification
DNA to generate
Client Issue
Onboarding Issue
- Slow, Onboarding/Roaming Failure
• DNAC to correlated, aggregate Client Events from AP& WLC and generate issue
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
Wireless Device (WLC & AP) – Issues
DNA to generate
Edge Analytics
AP/WLC Issue
Notification
API
• Smart Edge Analytics can trigger AP Anomaly Event (Beacon Miss, Beacon Recovered) w/ PCAP
• DNAC to correlated, aggregate Device Events from AP& WLC and generate issue
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
Issue Grouping
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
Enable Intelligent
Capture
Intelligent Capture ~ Key Use-Cases
VIP Assurance
RF Scanner
Automated PCAP*
Spectrum Analysis
HTTPS/JWT
CAPWAP
AP Data (Client & AP Stats) WLC RT stats (client, AP, AAA, etc) DNA Center
Events: onboarding, RRM, etc up to 2 sec.
gRPC, TCP 32656 (PCAP, Anomaly Events, Real Time AP and Client RF Stats) up to 5 sec.
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
Intelligent Capture
Automated Stitching from Multiple APs Capture
5 GHz / 36 Ch
11111001 • Auto Decrypted Data Packet
DNA Center
• Capture Across AP, across Floor
Roam 00111101
11111001
00000111
• Pre-Scheduled Packet Capture
00000111
5 GHz / 161 Ch
• Automated Packet Capture
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
Intelligent Capture
Three Configuration Step
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
Intelligent Capture config on AireOS 8.8
Automated via DNA Assurance
Complicated, error-prone
Intent-based, DNA Automation
Device-level Config
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
Intelligent Capture Workflow - Step 1
Device Preparation
Cisco DNAC 1.2.10 – Intelligent Capture
New* Push-based
gRPC/gNMI WSA/JWT Location Update
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
Intelligent Capture Workflow - Step 2
Enabling Intelligent Capture
1 Select [Assurance] [Manage][Scheduled Capture]
2 Select Global Auto-Capture Settings
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
Intelligent Capture Workflow - Step 3
Enabling Intelligent Capture (Cont’d)
• Toggle AP RF Stat
• Provides real-time RF stats from AP
3
Select Configure Intelligent
Location 4 Capture per AP
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
Scheduled On-Boarding Packet Capture
On-boarding capture can be configured
for Up to 16 clients per DNAC
DNAC
AP2800/3800/4800
AP sends packets only for the following On-Boarding
and roaming protocols:
802.11 AUTH, ASSOC, EAP, DHCP, DNS, ARP,
ICMP, 802.11k, 11v, Action Frames
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
Scheduling Onboard Packet Capture
1 Note Device Identify of 2 Schedule specific Onboard Packet Capture for specific clients
troubleshooting target device
1. Select Location
2. Run now or
scheduled
3. Up to 8 hours
All APs
Converted into
global command
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
Drill-down Onboard Failure debugging session
1 Confirm current/past Onboard Packet Capture session 2 Select Troubleshooting client
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
CMX integration CMX
Notify
NMSP Subscribe
Fast Path
WLC DNA-C
AP
• Client updates sent via existing methods using NMSP or Fast Path
• DNAC to subscribe/register for location updates for one or list of clients
• Push-based Client location update from CMX to DNAC
• Enable Hyperlocation support for NTP enforcement
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
Real-Time Application Analysis using AP4800
Full Packet Capture
Data Center
• vNAM can be deployed as
Out-of-Band Deployment
Packet Capture
• vNAM is consumer of DNA-C using PCAP
• Packet capture from AP4800
vNAM DNA-C • On-Demand Packet Analysis
WLC • Deployment Agnostics – works on
vNAM retrieve packet
Central, FlexConnect or Fabric mode
capture from DNA-C
• Use-Cases
• RTP (VoIP) analysis
• TCP Analysis
• Real Client Traffic Analysis
AP4800 AP4800 AP4800 • Raw Packet Analysis
• Advantages
• Single Node deployment
WAN Branch/FlexConnect
• Remote node Analysis
• Zero User Throughput Impact
AP4800
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
AP4800 Full Packet Capture create two PCAP
files per single capture
• Concurrent, Dual PCAP File capture
• Wireless PCAP
• Wired PCAP
7c468520795e_80211_1530109006495976.pcap 7c468520795e_ethernet_1530109005954280.pcap
BRKEWN-2034
Supported on AP 4800 using 3rd Radio
73
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
vNAM Integration(step1)
vNAM Config
1. data-port 1 ip-address <open IP
address in subnet> Assign an IP
address to data-port 1
Prerequisite 2. cdb-export collector 1 ip-address
<IP of DNAC>
1. NAM 6.4(1) on Appliance or VM
3. Time / sync ntp <NTP server IP>
2. DNAC 1.2.5
3. WLC w/ AireOS 8.8.111.0
4. AP4800
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
vNAM Integration from DNAC Enable DNA Agent Export
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Available Packet Type per Capture
PCAP Type How to Media Type Captured Protocol Features Supported
trigger AP and
capture
method
Onboard On-demand • Wireless 802.11 mgmt. • Auto Packet Analyzer AP2800/380
PCAP or PCAP (Auth, Assoc) • Downloadable from anywhere 0/4800 –
Scheduled Data – (802.1x/EAP, using Web browser Inline-based
or DHCP, DNS, ARP, • Automated Onboard Failure Packet
automated ICMP), PCAP up to 100 packet per capture
Roaming – 802.11k, session
802.11v • Data Packet auto decryption
Block Ack
Full PCAP On-demand • Wireless • 802.11 with Radio • Application Analyzer, AP4800 – 3rd
PCAP Header • Wireless Delay, Wireless Radio w/
• Wired (Mgmt, Control, Packet Loss Chart Self-Sniffing
PCAP Data Frame) • Jitter chart using RTP (Wired & feature
• 802.3 with Wireless)
Ethernet Header • Data Packet auto decryption
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Intelligent Capture Operation and Scale
DataType Operation Scale
Single Client Device
Full Packet Capture On-Demand
(1 client at any point in time on DNA Assurance)
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Intelligent Capture FAQ
• Bandwidth Consumption modeling – Intelligent Capture is essentially On-
demand, scheduling-based feature
• BW consumption only occurs when each feature get turned on
• Partial Packet Capture
• Spectrum
• On-Demand Full Packet Capture : Client BW consumption x 2 (wired, wireless)
• Catalyst 9800 platform Intelligent Capture support – scheduled on 16.12.1
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Client Insights using
Wireless Sensor
Two Formfactors, Two Difference Purposes
Clients Baseline
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
Sensor Dashboard
• Sensor Test Result Dashboard
• Top N Location, Top N APs by failure
• Sensor Test Performance
• Common filter set as Client Health Page
• Network Time Travel Navigation up to 7 Days
• Customizable Dashlet
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
Sensor Test result drill down
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
Sensor Feature Matrix
Note: Sensor is dedicated to Wireless client mode. No AP service available when it’s on AP-as-a-Sensor
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
Schedule Sensor Testing: Step2
Select tests and Assign Sensor
Setp3. Select Tests
Sensor – Target AP Threshold
RSSI Threshold: -35 ~ -90 dBm
Target AP # : 1 ~ 5
Step 4.
Select Test Sensor
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
Proactive Wireless
Testing Sensor - Demo
How to setup
Sensor
Sensor Workflow
Day-0 Day-1 Day-2
SensorProvisioning
Sensor Provisioning Sensor Test Config Sensor
Sensor Upgrade
Upgrade
- Sensor Profile creation - Select Onboard SSID - Upgrade using DNAC
- DNAC Discovery - Network Test - Upgrade using CLI
- Claim - Performance Test
- Map Placement (Speed Test, SLA)
- Application Connectivity
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 88
DNAC Discovery from
Sensor
Two types of Sensor, Two types of discovery
path to DNAC
AP1800/
WLC
AP2K/3K/4800*
WSA Channel
DNAC
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Dedicate Sensor discover DNA Center via DHCP
Option 43 or DNS Hostname
AP1/2/3/4800
WLC
https (JWT)
DNA Center
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
DNAC Discovery using
DHCP/DNS Server
From DHCP Server From DNS Server
• If Option 43 field is already
used for other purpose, Use
conditional Option 43 using
VCI string. AP1800S’s VCI
string is “Cisco AP c1800”
OR
• Alternatively, DNAC IP
Address can be manually
provision from CLI Console
(AIR-CONSADPT=)
# config dot11 sensor pnp ip
Create Option 43 <xxx.xxx.xxx.xxx>
“5A1N;B2;K4;I10.13.1.100;J80" Create entry “PNPSERVER”
10.13.1.100 – DNAC IP Address and assign DNAC IP Address
BRKEWN-2034
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
Create Backhaul SSID Profile for Sensor
1. Create Wireless SSID Settings for Sensor Test report 2. Create Wireless SSID for Sensor
[DESIGN] [Network Settings][Sensor Settings]
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
Sensor Provisioning
Step 0
Before Claim Sensor, Let’s change sensor name
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 95
Step 1
Assign Sensor Provision profile to Sensors
[PROVISION] [Devices][Unclaimed Devices]
1
1.
1 Go to [Provision] Menu then
2 2.
2 Go to [Plug and Play], confirm newly discovered
AP1800S, appeared as “UNCLAIMED” Status
3.
3 Select newly discovered AP1800
New AP1800S sensor will appear once Sensor discovers DNAC via
DHCP Option 43 or DNS Host name “PNPSERVER”
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
Step 2
AP1800S Sensor Provisioning
Assign Sensor Provision profile to Sensors
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 97
Step 3
AP1800S Sensor Provisioning
Place Sensor to actual sensor location
[DESIGN] [Network Hierarchy]
One device is pending for placement
Note: Once AP1800S provisioned and assigned to floor, Admin need to place
Sensor to actual location on the map using DESIGN module
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
Sensor using Wireless
Backhaul
Step1. On WLC
Create Wireless Provisioning SSID for AP1800S
• Off-the-self AP1800s sensor can connect
wirelessly using “CiscoSensorProvision”
SSID
• Hidden SSID
• WLC Internal AAA – EAP-TLS
Trigger
following
changes
Ensure that the SSID name and security matches an existing WLAN in the WLC
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
Sensor-Driven Test
Config
Convert AP as a Sensor using DNAC automation
1 ssh
WLC
DNA Center
2
AP1/2/3/4800
AP as a Sensor
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
Sensor-Test config gets downloaded to each
type of sensor
WLC
DNA Center
AP1/2/3/4800
AP as a Sensor
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 104
Sensor-Test result traverse directly to DNAC
WLC
DNA Center
Wired PoE
AP1800S
Dedicate Sensor AP1/2/3/4800
Sensor Test result is directly reported to DNAC using Wireless Backhaul SSID or
Wired Backhaul. Make sure Sensor can directly communicate to DNAC
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
Sensor Software
Upgrade
10 Step Sensor Image Upgrade through DNAC
Prep - Image Management Upgrade from PROVISION
5 Select Upgrade Target Sensor
1 Download Image from CCO
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Conclusion
Cisco DNA Wireless Assurance
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
Cisco Webex Teams
Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session
How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space
cs.co/ciscolivebot#BRKXXX-xxxx
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
Complete your online
session survey
• Please complete your Online Session
Survey after each session
• Complete 4 Session Surveys & the Overall
Conference Survey (available from
Thursday) to receive your Cisco Live T-
shirt
• All surveys can be completed via the Cisco
Events Mobile App or the Communication
Stations
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
Continue Your Education
BRKEWN-2034 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
Thank you
Backup
DNAC Setup
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
DNA center assurance and automation
Install Discover Assure
If sites have been
These tasks run in the background
created already, you can Run discovery
skip to run discovery and (ping sweep or CDP)
add devices to sites
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
DNA Assurance - Getting Started Workflow
Provision
Telemetry
Configuration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Getting Started Workflow – Network Discovery
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Getting Started Workflow – Assign Device to Sites
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Min SW and HW Requirements for DNA
Assurance
• Controllers supported:
• DNA Optimized Infrastructure: CT 3504, 5520 and 8540, ME (production beta)
• APs Supported
• DNA Optimized Infrastructure: Wave 2 APs (1810, 1815, 1830, 1850, 2800, 3800, 4800, 1540, 1560)
• Other APs supported: Wave 1 APs (1700, 2700, 3700) and 11n APs (700, 1600, 2600, 3500 and 3600)
• Sensor Support1:
• AP as a Sensor - AP 1800, 2800, 3800, 4800 2
• Dedicated Sensor - AP 1800S
• SDA is only supported on Wave 1 and Wave 2 APs
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless Assurance
Troubleshooting
General Troubleshooting
• Make sure NTP is configured across all components
• Make sure that all devices on the DNAC inventory page are Reachable and
Managed. If any device is not Reachable and Managed, then select the
device(s) and use the Actions => Resync to establish the connection.
• Make sure that all devices on Assurance => Health => Network are in an
assigned location. If any device is not assigned to a location, then go to
the Provision page, select the device(s) and use the Actions => Assign
Device to Site action to assign the device(s) to a site/location.
• Using the WLC GUI, check page Advanced => Management > User
Sessions to make sure there are less than 4 user sessions. If there are
more, then delete oldest sessions until there are less than 4.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800 Provisioning in Cisco DNAC
• Discovery – Ensure NETCONF is enabled on the device and device version
is 16.10 and above. Also ensure that NETCONF with port is selected during
discovery via DNAC UI
• After successful discovery and device going to be managed state,
following subscriptions are pushed
• Network Assurance Cert
• Network Assurance Config enablement including url, icap port
• Telemetry Subscriptions
• DNAC-CA and sdn-network-infra-iwan trustpoints
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800 Wireless Streaming Telemetry
subscription
• On change and periodic subscriptions
• On change – immediately on any change in any of the table fields
• Periodic – predefined intervals
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Intelligent Capture Troubleshooting
AP debug (1/2)
• show ap icap telemetry: configs that is pushed to gRPC regarding to stats
enable/disable and frequencies.
• debug grpc server <debug/ info… >: to set the debugging level of grpc-server
• show grpc server log: to show the logs of grpc-server
• debug trace kernel level <detail/warning… >: this turns on aptrace logging on
console
• debug trace user level <detail/warning…>: this turns on anomaly-detection engine
logging to be saved to /var/log/aptraced.log
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Intelligent Capture Troubleshooting
AP debug (2/2)
• show ap icap anomaly-detection: configs of anomaly-detection, type of packets
analytics engine received, counters for events generated, and memory usage for
queued events
• show ap icap config <connection …>: ap saved config history for anomaly-detection,
connection, … etc
• show ap icap connection: configs of gRPC server and port, JWT and stream status,
timestamps for last success/failure, counters for attempts/ failures.
• show ap icap packets: counters for everything that is sent over gRPC, eg., partial
packet capture count, radio stats count… etc
• show ap icap subscription: configs that is pushed to gRPC server on AP, eg., Full-
packet-trace enable/ disable, Partial-packet-trace MAC filters… etc
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Sensor Troubleshooting Commands
• CLI Commands for troubleshooting. These are to be ran from the sensor AP console
(telnet/ssh)
#config dot11 sensor pnp ip [DNAC_IP Address] – Manually provision DNAC IP
Address to Sensor
#clear dot11 sensor – Reset Sensor config to default
#show dot11 sensor heartbeat status - A heartbeat between DNAC and the sensor
occurs every 60 seconds. Run this command to see the status and last success time of the
heartbeat – If fail confirm connectivity to DNAC
#show dot11 sensor test result -This shows the results of the test that the sensor has
ran. These results flow directly to the DNAC and do not go thru the WLC
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Sensor Troubleshooting Commands
#show dot11 sensor test config - This shows the configuration that the
Sensor has received from the DNAC thru the WLC.
#show dot11 sensor synthetic work list - This shows details for each tests
that the sensor will execute
#show dot11 sensor stats - Look for “Total Test Cases Ran”, “Successful Test
Cases” and “Failed Test Cases”. This gives in indication of how many tests the sensor
has performed and the overall status of those tests. Note this also includes radio stats
and does show you if DNAC connectivity is enabled
#show dot11 sensor scan list - This shows the AP’s that the sensor can hear
and at what signal level. Only AP’s with RSSI of -75 or higher are tested against
#debug wsa debug - Use ‘term mon’ to view the full debug output from the wsa
debug
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
CMX Integration
CMX-DNA Center integration
• DNA Center 1.2.x • CMX 10.4.1.15 and above
36
10.10.1.25
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public