Showing results for 
Search instead for 
Did you mean: 

Advice for non SD-Access DNA Wireless design

Level 1
Level 1

Hi all!

I would like some advice regarding DNA, 9800 WLC's, ISE and NPS.

We currently have an HA 9800-CL WLC pair in our data centers controlling AP's across multiple sites in flex-connect mode. All wireless networks are locally switched except a guest network which is centrally switched. We have a captive portal configured in ISE for guest authentication which links to NPS also. We have a network which uses 802.1x device certificates for authentication back to the NPS in the DC's.

The 9800s are linked to DNA for monitoring/assurance purposes only right now.

We want to start using DNA to configure and control our WLC's but at the same time we want to de-centralise the wireless controllers using 9800-CL VM's or perhaps the 9800 controller add-ons for 9300 switches at each of our sites. We will configure NPS locally for each site (for certificate access network), but retain the central ISE (for guest network portal). I believe turning all wireless networks into centrally switched to the local controller will also be of benefit.

Can anyone point me in the right direction for a design document/s to assist with this in the first place? I've been searching but most things come back with SD-Access config documents.

If not I'll start asking more specific questions


4 Replies 4

Hall of Fame
Hall of Fame

Thanks for a quick response. I am deploying it in a traditional network (not SD-Access) and those are the documents I keep finding. However I want to configure it for non SD-Access

Level 1
Level 1

I have recently been told that the embedded WLC on a Cat 9300 only supports SDA Wireless with DNA.

Can anyone confirm if they have been able to configure non-SDA wireless on an embedded WLC in a 9300 switch?

Embedded WLC in Catalyst 9000 switch is only for SD-Access use cases, as per this URL ->
“Embedded Wireless on Catalyst 9000 Series Switch (non-SDA) using WebUI will be End of Support (Q3FY21) with no additional feature development or code changes”.
Please do not use it in non-SD-Access scenarios.
Regards, Jerome