06-08-2022 12:18 AM
Hi Dears,
we added some switches to our DNA center, after that we notice the DNA login to switches many time at a day. this process effect on our ISE system. therefore is there any method to limit the number of DNA center to login to switches even Resync Interval is configure to 1440 minutes
06-08-2022 01:13 AM
- Ref : https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/hardening_guide/b_dnac_security_best_practices_guide.html#id_108831 , I acknowledge that this is kind of the reverse , but perhaps it could slow down DNA login-activity too.
M.
06-08-2022 02:30 AM
Dear @marce1000
Thanks for your reply, if i don't find any method i will try this may be it can limit the DNA.
06-08-2022 02:34 AM
Hi
If you are OK with the Resync interval of 1440, you can change the "Update Polling Interval. ".
"In the Polling Time field, enter the time interval (in minutes) between successive polling cycles. Valid values are from 25 to 1440 minutes (24 hours). "
06-08-2022 10:43 AM
i already set the Network Resync Interval to 1440 min. in DNA version 2.2.3 and above You can update the polling interval at the global level for all devices by choosing System > Settings > Network Resync Interval. Or, you can update the polling interval at the device level for a specific device by choosing Device Inventory. When you set the polling interval using the Network Resync Interval, that value takes precedence over the Device Inventory polling interval value.
09-28-2023 01:15 PM
We are facing the same problem.
There are several accesses via SSH from the DNA on the Switches in less than 1 minute and each access generates logs in the ISE.
We have Tacacs configured on the Switches and we can see authorization logs for commands such as "show logging" and others.
Is these multiple hits in less than 1 minute normal?
09-28-2023 01:26 PM
@danibqb01 Your Cisco DNA is probably responding to an SNMP trap to collect more information about a potential issue. Best way to stop the logins is to figure out what the switch is complaining about. Check for reported Issues in Cisco DNA Assurance for that specific switch and fix the root cause there.
09-28-2023 02:18 PM
@Preston Chilcote Perfect, I'll check and let you know! Thanks.
02-26-2024 01:04 PM
Hello danibqb01
Did you ever find a solution to the constant logging in from DNA?
We are experiencing same issue on latest version of DNA. We have double checked our switches and all look normal.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide