Showing results for 
Search instead for 
Did you mean: 

Choose one of the topics below for Cisco DNA Center Resources to help you on your journey with Cisco DNA Center

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.


Adding existing WLC to DNA Center

Is there any documentation available that could tell me the exact configuration that's pushed to a Cisco AireOS WLC during the discovery phase of adding it to DNA Center? From previous research, I've found two different answers: 1.) DNA Center learns the WLC's existing config and 2.) DNA Center pushes network settings to the WLC.


Can someone please clarify? I would also like to know the exact CLI config that's pushed (if any) from DNA Center to the WLC. Would it be better to just open a TAC case?

Everyone's tags (3)
Cisco Employee

Re: Adding existing WLC to DNA Center

Hi Wade


It depends on what you want to do with the DNAC and the WLC.


You can use a WLC for two roles on DNAC:


Monitor wireless client data using assurance, this is done via telemetry/Netconf and SNMP.  This is the case use of a production network which is already using a WLC with clients registered to it, and customers want to use the DNAC to monitor and create graphs and statistics of networks events on the wireless network.


- To get this functionality, DNAC can discover the WLC and will configure (while device-controlability is enabled), NETCONF required configuration, SNMP credentials if not previously created, HTTP configurations and of course, the required assurance configuration which includes DNAC certificates to enable the connection between DNAC and WLC.


Use the WLC as a part of an SDA Fabric network, to act as a LISP node/RLOC to register clients on SDA Fabric while enabling VXLAN tunnels on the joined APs.

- This feature implies several fabric wireless configuration, such as LISP overlay configuration and configurations for fabric functionality on APs


For the Discovery phase, if device-controllability is enabled, it will push the following:

  • SNMP credentials
  • NETCONF credentials
Subsequent to discovery, devices will be added to Inventory. The following device settings will be enabled when device is added to inventory as part of Device Controllability:
  • Cisco TrustSec (CTS) credentials
  • IPDT enablement
  • Controller certificates
  • Wireless network assurance

If Device Controllability is disabled, Cisco DNA Center does not configure any of the credentials or features mentioned above on devices during discovery or at runtime.


Re: Adding existing WLC to DNA Center

Thank you for the thorough response!


I have one question related to the fabric WLC...


Is it possible to add an existing production WLC for the assurance piece and only configure a certain AP group on that WLC for the fabric? The reason being is because we only want to add a subset of APs on the WLC to an existing SDA fabric. Building new WLCs is out of the question because we need to use "over-the-top" wireless for existing guest services.


The end result is one SSID will be fabric-enabled, while another SSID will still be going "over-the-top". All APs will be associated to an existing production WLC.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards