Cisco Community
English
Register
Great changes are coming to Cisco Community in July. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
961
Views
0
Helpful
5
Replies
Fidel Ernesto Gonzalez Baez
Beginner
Beginner
‎02-11-2020 09:59 AM
‎02-11-2020 09:59 AM

Host Onboarding Vlan ID Modification

Hi, 

 

I would like to know if it is possible to modify the vlan ID assigned dynamically  when host onboarding provisioning  is configured. 


if it is possible, i would like to know how i can do it.

 

Br, 

Fidel Gonzalez

Labels:
0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions
ldanny
Cisco Employee
Cisco Employee
‎02-17-2020 12:56 AM
‎02-17-2020 12:56 AM

Hi Fidel,

Please see following Guide on How to Onboard Endpoints with ISE in SD-Access.

How to SDA Host Onboarding with ISE

View solution in original post

0 Helpful
5 REPLIES 5
Mariusz Kazmierski
Cisco Employee
Cisco Employee
‎02-11-2020 11:26 AM
‎02-11-2020 11:26 AM

Hi, 

 

If you go with dot1x/mab/easy auth on host-onboarding, then VLAN ID can be assigned based on policy configured in ISE (VLAN ID should be still the one that was originally provisioned by DNA-Center when IP Pools were first added). 

 

Please refer to "Cisco DNA Center Fast Start Use Case: Software-Defined Access Guide" (section: Configure dynamic authentication with ISE):

https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/software-defined-access/guide-c07-741859.html#_Toc2934408

 

Best regards,

Mariusz

0 Helpful
Mike.Cifelli
VIP Advisor VIP Advisor
VIP Advisor
‎02-12-2020 05:53 AM
‎02-12-2020 05:53 AM

@Mariusz Kazmierski is definitely right with the dynamic assignment via ISE.  Adding additional information:

You can utilize the DNAC template editor to modify default auth template configs.  For example, using the editor you can modify the DNAC critical auth vlan that gets used in the DefaultCriticalAuthVlan service-template.  You can also utilize the template editor to tweak other standard configs that get deployed from the out-of-box auth templates.  HTH!

0 Helpful
Fidel Ernesto Gonzalez Baez
Beginner
Beginner
In response to Mike.Cifelli
‎02-18-2020 06:58 AM
‎02-18-2020 06:58 AM

Hi Mike, 

 

This is really what i want,  i will try to do it.

 

 

is there  something specific that  i need to know? 

 

I am new in SDA.

 

Br, 

Fidel Gonzalez

0 Helpful
Fidel Ernesto Gonzalez Baez
Beginner
Beginner
In response to Mike.Cifelli
‎02-18-2020 07:12 AM
‎02-18-2020 07:12 AM

Hi Mike,

Can i modify the vlan ID when the host onboarding was already configured?

I have already configured the host onboarding, the problem is that I am using Virtual machines, I have a port channel (Trunk Mode) on the edge switch, and several servers and vlans ( that was assigned before the host onboarding) on the VMWare.

I have a mismatch between the vlans configured on the VMs and the vlans assigned by the host onboarding process, I would like to modify the vlan assigned by the host onboarding process.

is it possible?


0 Helpful
ldanny
Cisco Employee
Cisco Employee
‎02-17-2020 12:56 AM
‎02-17-2020 12:56 AM

Hi Fidel,

Please see following Guide on How to Onboard Endpoints with ISE in SD-Access.

How to SDA Host Onboarding with ISE

0 Helpful
Latest Contents
AppDynamics
Created by mclymer on 06-30-2022 09:46 AM
0
0
0
0
Cisco Champion Radio: S9|E25 SD-WAN and Ubiquitous Cloud Sec...
Created by Amilee San Juan on 06-29-2022 02:35 PM
1
5
1
5
Listen: https://smarturl.it/CCRS9E25 Follow us: twitter.com/ciscochampions With applications and users everywhere, the networks are now, more than ever, being tasked with delivering consistent protection while providing an exceptional user exper... view more
Cisco Champion Radio: S9|E24 Cisco Radio Aware Routing
Created by Amilee San Juan on 06-28-2022 01:30 PM
0
0
0
0
Listen: https://smarturl.it/CCRS9E24 Follow us: https://twitter.com/CiscoChampion  Cisco Radio Aware Routing addresses several of the challenges faced when merging IP routing and radio communications in mobile networks, especially those exhibiti... view more
Cisco Champion Radio: S9|E23 The Cisco Catalyst 9136 Wi-Fi 6...
Created by Amilee San Juan on 06-28-2022 01:21 PM
0
0
0
0
Listen: https://smarturl.it/CCRS9E23 Follow us: https://twitter.com/CiscoChampion The Wi-Fi 6E Catalyst 9136 access point takes advantage of the 6-GHz band to produce a network that is more reliable and secure, with higher throughput, more ... view more
DR and the Type-2 LSA in OSPFv3 versus OSPFv2
Created by Meddane on 06-24-2022 04:35 PM
0
0
0
0
When moving from OSPFv2 to OSPFv3, there are many changes in the format of the LSAs Type, but the most known changes are: IP prefix informations are no longer carried in Type-1 LSA and Type-2 LSA, new LSAs Type 8 and 9 are added to carry these prefixes. L... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad