Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1268
Views
1
Helpful
8
Replies

Limit the number of DNA center for access to network devices

Munther
Level 1
Level 1

‎06-08-2022 12:18 AM

Hi Dears,

we added some switches to our DNA center, after that we notice the DNA login to switches many time at a day. this process effect on our ISE system. therefore is there any method to limit the number of DNA center to login to switches even Resync Interval is configure to 1440 minutes

 

0 Helpful
8 Replies 8

marce1000
VIP
VIP

‎06-08-2022 01:13 AM

 

 - Ref : https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/hardening_guide/b_dnac_security_best_practices_guide.html#id_108831 , I acknowledge that this is kind of the reverse , but perhaps it could slow down DNA login-activity too.

  M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Munther
Level 1
Level 1
In response to marce1000

‎06-08-2022 02:30 AM

Dear @marce1000 

Thanks for your reply, if i don't find any method i will try this may be it can limit the DNA.

0 Helpful

Flavio Miranda
VIP
VIP

‎06-08-2022 02:34 AM

Hi

 If you are OK with the Resync interval of 1440, you can change the "Update Polling Interval. ".

"In the Polling Time field, enter the time interval (in minutes) between successive polling cycles. Valid values are from 25 to 1440 minutes (24 hours). "

 

 

 

0 Helpful

Munther
Level 1
Level 1
In response to Flavio Miranda

‎06-08-2022 10:43 AM

@Flavio Miranda 

i already set the Network Resync Interval to 1440 min. in DNA version 2.2.3 and above You can update the polling interval at the global level for all devices by choosing System > Settings > Network Resync Interval. Or, you can update the polling interval at the device level for a specific device by choosing Device Inventory. When you set the polling interval using the Network Resync Interval, that value takes precedence over the Device Inventory polling interval value.

0 Helpful

danibqb01
Level 1
Level 1

‎09-28-2023 01:15 PM

We are facing the same problem.

There are several accesses via SSH from the DNA on the Switches in less than 1 minute and each access generates logs in the ISE.

We have Tacacs configured on the Switches and we can see authorization logs for commands such as "show logging" and others.

Is these multiple hits in less than 1 minute normal?

0 Helpful

Preston Chilcote
Cisco Employee
Cisco Employee

‎09-28-2023 01:26 PM

@danibqb01 Your Cisco DNA is probably responding to an SNMP trap to collect more information about a potential issue.  Best way to stop the logins is to figure out what the switch is complaining about.  Check for reported Issues in Cisco DNA Assurance for that specific switch and fix the root cause there. 

danibqb01
Level 1
Level 1
In response to Preston Chilcote

‎09-28-2023 02:18 PM

@Preston Chilcote  Perfect, I'll check and let you know! Thanks.

0 Helpful

EPRI
Level 1
Level 1
In response to danibqb01

‎02-26-2024 01:04 PM

Hello danibqb01
Did you ever find a solution to the constant logging in from DNA? 
We are experiencing same issue on latest version of DNA. We have double checked our switches and all look normal. 

Thanks

 

0 Helpful
Customers Also Viewed These Support Documents