Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4437
Views
38
Helpful
22
Replies

Catalyst Center Onboarding - Ask Me Anything

Brooke Hammer
Community Manager
Community Manager

‎01-16-2025 02:45 PM - edited ‎01-16-2025 03:16 PM

Welcome to the Cisco Community Ask Me Anything conversation. Submit your questions from  Friday, January 17, 2025 through Friday, February 7, 2025. Our colleagues Alex Guckin, Bryan Fenlason, Jason Wiatr, Zuhair Bedwan, Daniel Angelini and Jignesh Shah will be waiting to assist you and resolve any questions that have not been clarified, or answer any new questions that you may have.

Need a little help getting started with Catalyst Center?

Whether you are preparing for your onboarding journey, ready to install your physical appliance, or deploying a virtual appliance, our Specialists are ready to help. In this Ask Me Anything hosted by our NX Customer Success Specialist team, our Specialists are ready to answer any questions you may have about the first phase of your Catalyst Center deployment.

The live discussion board will be open from January 17th-February 7th. During this time, you will have the opportunity to:

  • Ask onboarding specific questions and get direct answers from Cisco Specialists
  • Bookmark self-serve resources such as the Catalyst Center Resource Repository
  • Gain insights about features and capabilities of Catalyst Center
  • Network with other Catalyst Center users including Cisco Specialists, partners, and peers

How to participate:

  • Visit the Community Catalyst Center AMA discussion forum
  • Log in with your CCO ID
  • Start commenting with your Catalyst Center onboarding questions

 

Note: Please post your post as a comment below no later than February 6, 2025.

Post your question below by clicking "Reply"

(Answers will be processed depending on the availability of the experts)
Don't forget to thank the expert by giving it a helpful vote!

 

Our experts - CX Customer Success Specialists

 

BrookeHammer_2-1737066072876.png

Alex Guckin

 

BrookeHammer_3-1737066093829.png

Bryan Fenlason

 

BrookeHammer_4-1737066120045.png

Jason Wiatr

 

BrookeHammer_5-1737066138053.png

Zuhair Bedwan

 

BrookeHammer_6-1737066168144.png

Daniel Angelini

 

BrookeHammer_8-1737066215604.png

Jignesh Shah

 

1 person had this problem
Labels:
22 Replies 22

Jignesh Shah
Cisco Employee
Cisco Employee
In response to ramu-raja

‎01-31-2025 02:15 PM

Hello Ramu-Raja,

The C9300/C9500 smart licenses include both perpetual (Network Advantage) and subscription (DNA Advantage) licenses.
- If your DNA Advantage subscription expires, you will still be able to manage your switches using the Network Advantage perpetual license.
- However, you will lose access to the features and capabilities provided by the DNA Advantage subscription such as:
   - Advanced analytics
   - Automation
   - Security features

See the link to the Cisco Catalyst and Cisco DNA Software Subscription Matrix for Switching:
https://www.cisco.com/c/m/en_us/products/software/dna-subscription-switching/en-sw-sub-matrix-switching.html

- Jignesh S.

nsompura
Level 1
Level 1

‎01-29-2025 10:04 AM

Hello. I am having issues with provisioning a Catalyst 9300 switch and a 8200 router onto Catalyst Center. I have added the device to a site, enabled netconf and is working, but when I go to provision the device, it gives me an error message  "PKI Config push Failed - Unable to push configuration to device ip x.x.x.x. Device response - inconsistent value: Device refused one or more commands". I am able to add a 3850 switch. The Catalyst 9300 switch and 8200 router devices are running 17.9.4a, and Catalyst Center is running 2.3.7.7.

aguckin
Cisco Employee
Cisco Employee
In response to nsompura

‎01-29-2025 10:42 AM

Hello nsompura,

The Catalyst Center requires the highest level of CLI access for the devices that it discovers. For issues like these, please confirm that the account used for CLI access has priviledge level 15 by using the "show privilege" command while logged in with that user. If this is not 15 or if you are doing command authorization with ISE/AAA then you can run into issues like this.

Next, NETCONF is not strictly required for the 9300 series switches but it seems that this is a NETCONF related error. If you are using AAA authorization with a named method list you may need to configure yang to read from a specific named method list.  See the article Providing Privilege Access to NETCONF

If these are in place one final option is to disable NETCONF for the affected devices. To do this, select the device in Inventory and navigate to Actions > Inventory > Edit Device. Then scroll to the bottom of the Credentials tab and remove the NETCONF port.

If you do have the highest level of access for that account and NETCONF is enabled on the device then this may be a defect. Please open a TAC case for investigation.

Discovery Configuration Guidelines and Limitations

Providing Privilege Access to NETCONF


Alex G.

nsompura
Level 1
Level 1
In response to aguckin

‎01-29-2025 11:55 AM

Alex,

We are using ISE/AAA, and I have those commands in place. The device is authenticated at privilege level 15 when it logs in. I have also tried removing NETCONF and adding it back in, removing the device completely and adding it back with and without NETCONF, but nothing has worked.

If you have anything else that I can try, please let me know. I am already planning to contact TAC very soon for this issue.

aguckin
Cisco Employee
Cisco Employee
In response to nsompura

‎01-30-2025 10:10 AM

Hello nsompura,

The only other thing I would suggest is checking the license level for those devices. If you do not have either the DNA Essentials or DNA Advantage add-on licensing then some commands will fail to execute during CatC operations.  You can check this status in Catalyst Center through the license manager.  

Catalyst Center Licensing Manager

Cisco Catalyst and Cisco DNA Software Subscription Matrix for Switching 

Cisco DNA Software SD-WAN and Routing Matrices 

nsompura
Level 1
Level 1
In response to aguckin

‎01-31-2025 01:05 PM

I think I might've found more info about that (I was just trying to use Cisco's Licensing before). We use On-Prem CSSM for licensing. I was able to track down the host IP address. I wanted to ask what would I need to fill in for Client ID and Client Secret?

ossniper
Level 1
Level 1

‎01-30-2025 10:52 PM

Hello

I integrated Meraki Dashboard with Catalyst center - DNAC, only the Wireless are displayed and I can’t provision but the 9300 Meraki switches are not displaying. What could be the issue? 

Best regards.

shane.carnahan
Level 1
Level 1

‎02-06-2025 10:25 AM

Using Catalyst Center, 2.3.7.7, to manage wifi settings (non-SDA) on Cisco 9800 WLC. Is there an option to enable AAA server load balancing for the 802.1x radius requests? There is an option directly on the controller to do this but I can't seem to find it in Catalyst Center. I have SSIDs built and push fine. I've looked through feature templates and don't see anything there. Wondering if this is something that can't be done just yet in Catalyst Center.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card