For host onboarding within a fabric, we have the option to configure the switchport using either 'Port Assignment' within DNA Center or by dynamically returning the IP pool VLAN ID/name from ISE. Is it also possible to configure the switchport manually if needed by logging into the fabric edge switch and configuring 'switchport access VLAN XXX' or via a DNA Center template?
You can configure it manually, but DNAC might overwritte it (considering that DNAC uses a "default" auth template on every port, even it its set to No Auth). Templates would be good.
If you need to do this, we recommend using Templates. Either way, you should test this in a lab or a non-critical area of the network before deploying network-wide.
Senior Technical Marketing Engineer
Enterprise Networking and Cloud Group
Hi, you can configure the port manually, just don't forget to save the conf on the switch and then do a resync on DNA, this will help to maintain the device in compliance. We had to tweak the authentication policy-maps and DNA didn't replace my config. However, I think, not fully sure, but if you reprovision the device DNA will replace your config. Despite that I personally do not recommend manual configuration, you won't run into any problem if you do it, but by leaving the vlan to be dynamically assigned you ensure that your access port configuration is consistent across all your network devices.
Just wanted to add here that starting from DNA Center Release you have the possibility to generate a configuration preview as described in the Cisco DNA Center User Guide https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-1-2/user_guide/b_cisco_dna_center_ug_2_1_2/b_cisco_dna_center_ug_2_1_1_chapter_01101.html
So it will easier to track if some of your manual done configuration will be overwritten by DNA-C