Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
812
Views
0
Helpful
4
Replies

Advice for non SD-Access DNA Wireless design

DJW487
Level 1
Level 1

‎01-12-2023 08:48 PM

Hi all!

I would like some advice regarding DNA, 9800 WLC's, ISE and NPS.

We currently have an HA 9800-CL WLC pair in our data centers controlling AP's across multiple sites in flex-connect mode. All wireless networks are locally switched except a guest network which is centrally switched. We have a captive portal configured in ISE for guest authentication which links to NPS also. We have a network which uses 802.1x device certificates for authentication back to the NPS in the DC's.

The 9800s are linked to DNA for monitoring/assurance purposes only right now.

We want to start using DNA to configure and control our WLC's but at the same time we want to de-centralise the wireless controllers using 9800-CL VM's or perhaps the 9800 controller add-ons for 9300 switches at each of our sites. We will configure NPS locally for each site (for certificate access network), but retain the central ISE (for guest network portal). I believe turning all wireless networks into centrally switched to the local controller will also be of benefit.

Can anyone point me in the right direction for a design document/s to assist with this in the first place? I've been searching but most things come back with SD-Access config documents.

If not I'll start asking more specific questions

 

0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎01-12-2023 09:09 PM

here is good guide for WLC in SD-Access :

https://www.cisco.com/c/dam/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/deploy-guide/cisco-dna-center-sd-access-wl-dg.pdf

Good presentation from cisco Live :

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKEWN-2020.pdf

SD-Access  best practices :

https://www.ciscolive.com/c/dam/r/ciscolive/global-event/docs/2022/pdf/BRKENS-2502a.pdf

be cautious if you have any anchoring with 3rd parties for roaming - DNAC has some bugs .

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

DJW487
Level 1
Level 1
In response to balaji.bandi

‎01-12-2023 09:11 PM

Thanks for a quick response. I am deploying it in a traditional network (not SD-Access) and those are the documents I keep finding. However I want to configure it for non SD-Access

0 Helpful

DJW487
Level 1
Level 1

‎02-14-2023 03:41 PM

I have recently been told that the embedded WLC on a Cat 9300 only supports SDA Wireless with DNA.

Can anyone confirm if they have been able to configure non-SDA wireless on an embedded WLC in a 9300 switch?

0 Helpful

jedolphi
Cisco Employee
Cisco Employee
In response to DJW487

‎02-14-2023 10:44 PM

Embedded WLC in Catalyst 9000 switch is only for SD-Access use cases, as per this URL -> https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-744299.html
“Embedded Wireless on Catalyst 9000 Series Switch (non-SDA) using WebUI will be End of Support (Q3FY21) with no additional feature development or code changes”.
Please do not use it in non-SD-Access scenarios.
Regards, Jerome
0 Helpful
Customers Also Viewed These Support Documents