DNA Center Fundamentals

Cisco ISE Integration

DNAC and ISE communicate via REST API. pxGrid must be enabled on CISCO ISE.

Devices Identified by DNA center during discovery will automatically be pushed to ISE.

When provisioned devices are updated in DNA center, those updates(mgmt IP, SNMP, creds) will be pushed and updated to ISE automatically.

When a device is deleted in DNAC it will also be deleted in ISE.

A pre-requisite for these types of automatically synched changes is that the devices must be associated with a site where ISE is the AAA server.

You must define ISE CLI and GUI accounts and the accounts and passwords must be the same for both access methods.

Configuring ISE integration

• From DNAC, specify the IP address of the ISE PAN

• Create a shared secret for Radius and TACACS authentication

• Select a Cisco ISE server

• enter username and password

• enter FQDN of ISE PAN node

• create a subscriber name for DNAX pxGrid client

DNAC Device Inventory

For Discovery to add devices to inventory, you must provide credential sets and IP ranges or a seed IP for CDP and LLDP discovery.

For LLDP and CDP you can set the maximum number of hops away from the seed device that you want to scan.