Showing results for 
Search instead for 
Did you mean: 

Choose one of the topics below for Cisco DNA Center Resources to help you on your journey with Cisco DNA Center

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.


Cisco DNA

give me a brief details of the prerequisitions to set up the DNA in my network of 1000 users?

Rising star

Re: Cisco DNA


We are working on an answer to your request and will have that information to you soon.

Thank you for your patience,

Kelli Glass

Moderator for Cisco Customer Communities

Re: Cisco DNA

I also have the question on the prereq's for setting up a network with DNA.


Cisco Employee

Re: Cisco DNA

DNA is not really an individual product but an over-arching End-End architecture that combines Virtualization, Automation and Assurance. I think what you really mean is the DNA-center which is the Automation and Assurance solution. From the network infrastructure point of view, your network switches, AP's/WLC's etc should have either of the DNA essentials or DNA advantage subscription licenses.  DNA-center 1.0 will be a Controlled Availability release this month that runs on an appliance DN1-HW-AP. This is essentially an SDN controller/Policy Orchestration engine and Assurance module within the single platform. In August, you will get Base Automation capabilities such as Network PNP, Inventory, Wireless profiles, Site Hierarchies, Image management etc with the DNA essentials licensing and Advanced Automation capabilities such as Software defined Access (SDA) with DNA Advantage. Assurance and other capabilities will be available in November with DNA-center 1.1.

Cisco Employee

Re: Cisco DNA

Checklist for DNA Center Installation

  • DNA Center Appliance (DN1-HW-APL) installation as a VM or custom UCS server is not supported.
  •  Review environmental requirements in Installation Guide and provision for 2 x PSUs.
  •  Network Patch Requirements for each DNAC Appliance (based on best practice recommendations)
  1. Appliance Management port – CIMC (recommended)
  2. 10Gbit port [enp9s0] - Enterprise Network
  3. 10Gbit port [enp10s0] - Intra Cluster Link
  4. 1Gbit port [enp1s0f0] - Management (optional *)
  5. 1Gbit port [enp1s0f1] - Cloud Update Connectivity (optional *)
  •  Additional Settings for Configuration Wizard
  1. DNS Server IP Address (1 required, 2+ recommended)
  2. NTP Server IP Address (1 required, 2+ recommended)
  3. Proxy Server IP Address (required if direct internet access is not available – http proxy only)
  4. Proxy server port if required
  5. Proxy server username / password if required

Note: * Required only if the Management network and/or the Cloud Update server is not reachable via the Enterprise Network.

  • DNA Center Cluster
  1. Cluster Virtual IP Address – Used to connect to the Enterprise Network
  2. This IP Address should be taken from the Enterprise Network subnet
  3. The Cluster Virtual IP must not be same as any of the node IP address (because it floats around the live nodes)
  4. Cluster subnet and Service subnet address pool - /21 subnet for each
  5. Used for internal cluster communications and should not conflict with any other IP in the Enterprise Network
  •  For each DNA-C Appliance
  1. CIMC – Management of the DNAC Appliance hardware (recommended)
  2. Enterprise Network – Interface that is connected to the Enterprise network
  3. All DNA appliances should be in the same subnet as the Cluster Virtual IP address (see above)
  4. Intra Cluster Link – isolated network used for communication between the DNA Center cluster nodes
  5. All DNA appliances should be in the same VLAN
  6. Management (Required*) – (Management port IP address) used to access the DNA Center GUI
  7. Cloud Update Connectivity (optional *) used to update the DNA Center software

Note: The Intra Cluster Link IP address and the Cluster/Service subnet address pools cannot be changed after installation.


Installation Best Practices

  • Always treat DNA-C as a cluster & plan for a “cluster”.
  1. Standalone box is a “single node cluster”.
  • Provision for separate intra-cluster link on day 1
  1. Changing the intra-cluster link from one interface to another is not supported.
  • Provision for Cluster Virtual IP on day 1.
  1. Network Devices will continue to see the same IP when more nodes are added
  • Use a complete private network for intra-cluster link (no other machines should be in this network).
  • Use isolated L2 domain (all clusters must be in the same L2 domain).
  • Ensure < 10ms latency (RTT) across the intra-cluster link.

Cloud Connectivity Requirements

The following URLs need to be accessible from the DNA Center for various operations


Use Case


DNA Center Update package downloads



Smart Account and SWIM Software Downloads


Rendering Geo-Maps on the DNA Center UI


Meraki Integration


IPAM Integration

URL for the IPAM-server

User feedback

Cluster Bring Up Best Practices

  • Bring up first node: complete the installation (along-with Virtual IP, intra-cluster link) and let the services come up
  • Bring up the second node: let the installation complete
  • Bring up the third node
    • Remember 2-node DNAC cluster cannot withstand a node failure (One node crash will lead to stall of the other node)
    • 2-node cluster is not a supported deployment model

Pre-Requisites for Assurance

  • What is required to add devices into DNAC?

Ensure the following ports are open in ACLs/Firewalls between DNAC and network devices:



snmp poll

snmp trap




ICMP echo and reply








    • CLI and SNMP details are required for DNAC to discover devices:
    • SSH/Telnet Login (Privileged / RW)
    • SNMP v2/v3 community (RO)
  • Syslog, SNMP Trap, and Netflow will be configured by DNAC in a later step (Telemetry settings) and do not need to be manually configured before adding the device into DNAC
CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards