Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
835
Views
10
Helpful
5
Replies

LAN Automation - Have to AUTHORIZE via PNP page??

Go to solution
mattw
Level 1
Level 1

‎11-07-2022 10:00 AM

Hello,

I'm working on a new SDA deployment with a customer. They have a single DNAC running 2.3.3.5, ISE 3.1, borders are 2x 9500-48Y4C running 17.6.4 and Edge switches are WS-C3650-12X48FD running 16.12.3s.

When I LAN automate, in the LA section of DNAC, the status goes to In Progress, the new switch shows as claimed, interface and Loopback IPs are shown as reserved in the LA log. But it just sits there forever.

If I go to the PNP page in DNAC I see the new switch in the "Pending Authorization" state with the onboarding progress bar at 40%. Again, it sits here forever.

In the PNP section, I have to select the switch > actions > authorize for LAN automation to complete.

Is this normal behaviour nowadays or have a missed something somewhere? It's not the end of the world, I'm just surprised I have to do this for LA to work.

Any and all advice gratefully received.

Many thanks in advance,

Matt.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
PabMar
Cisco Employee
Cisco Employee

‎11-08-2022 01:55 AM - edited ‎11-08-2022 02:00 AM

Hi Mattw,

Please go to Systems > Settings > PnP Device Authorization and uncheck the box "Device Authorization" so you don't have to do it manually during the workflow.

PabMar_0-1667901327818.png

 

The idea is that with that checkbox, you have to manually authorize devices being onboarded.

If someone had a switch plugged in that is not supposed to be Lan Automated, DNAC would just go ahead and deploy it automatically without you approving of it. This adds a bit of extra protection to the LAN Auto workflow when it comes to unauthorized devices.

Regards,

Pablo.

View solution in original post

5 Replies 5

Go to solution
PabMar
Cisco Employee
Cisco Employee

‎11-08-2022 01:06 AM

 

Hi Mattw,

Here you have two LAN Automation guides:

Cisco DNA Center SD-Access LAN Automation Deployment Guide

LAN Automation: Step-by-step deployment guide and Troubleshooting

Remember that the LAN Automation is a two step workflow, where by you:

1. Start the LAN Automation

and then

2. Stop the LAN Automation (you have to go to the LAN Auto status page and click stop)

Let me know if that helps.

Regards,

Pablo.

0 Helpful

Go to solution
mattw
Level 1
Level 1
In response to PabMar

‎11-08-2022 01:21 AM

Hi Pablo,

Thank you for your note. I'm well aware that you have to start and then stop the LAN automation. I have no problem with that at all.

But why do I have to go into the PNP page, select the switch and then click AUTHORIZE for it to finish the first step?

0 Helpful

Go to solution
PabMar
Cisco Employee
Cisco Employee

‎11-08-2022 01:55 AM - edited ‎11-08-2022 02:00 AM

Hi Mattw,

Please go to Systems > Settings > PnP Device Authorization and uncheck the box "Device Authorization" so you don't have to do it manually during the workflow.

PabMar_0-1667901327818.png

 

The idea is that with that checkbox, you have to manually authorize devices being onboarded.

If someone had a switch plugged in that is not supposed to be Lan Automated, DNAC would just go ahead and deploy it automatically without you approving of it. This adds a bit of extra protection to the LAN Auto workflow when it comes to unauthorized devices.

Regards,

Pablo.

Go to solution
mattw
Level 1
Level 1
In response to PabMar

‎11-08-2022 02:39 AM

Thank you Pablo,

I have found the above setting and it was checked/enabled so I have unchecked/disabled the option and saved it. Let's see if this resolves the issue. If so, I will update this thread.

Many thanks!

0 Helpful

Go to solution
mattw
Level 1
Level 1
In response to PabMar

‎11-09-2022 12:24 PM

Sorry Pablo, forgot to update you yesterday but your solution worked perfectly. Thank you very much.

Customers Also Viewed These Support Documents