Cloud Monitoring Catalyst 9800 Dashboard Provisioned Configurations
Cloud Monitoring for Catalyst Wireless is a Meraki Dashboard Early Access Feature. Before you can add your wireless controller to dashboard you have to Opt-in to Cloud Monitoring for Catalyst Wireless. Go to Organization > Early access to enable.
Dashboard Provisioned Configurations
When the C9800 wireless controller is added to a dashboard network, the dashboard will then provision the following configurations required to allow the dashboard to monitor the wireless controller.
AAA
aaa authentication login MERAKI local
aaa authorization exec MERAKI local
username meraki-user privilege 15 secret 9 <unique random password>
username meraki-tdluser privilege 1 secret 9 <unique random password>
yang-interfaces aaa authorization method-list MERAKI
The yang-interface aaa authorization method is only applied if netconf-yang is enabled by dashboard and the wireless controllers default authorization exec authorization list does not include 'local'
Access Control Lists
ip access-list standard MERAKI_MGMT_IP_IN
20 deny any
ip access-list extended MERAKI_MGMT_IP_OUT
20 deny tcp any any
ipv6 access-list MERAKI_MGMT_IPV6_IN
sequence 10 permit tcp FD0A:9B09:1F7:1::/64 FD0A:9B09:1F7:1::/64 eq 2222
sequence 30 deny tcp any any
ipv6 access-list MERAKI_MGMT_IPV6_OUT
sequence 20 deny tcp any any
HTTP Secure Server
ip http secure-server
VTY
login authentication MERAKI
authorization exec MERAKI
rotary 55
transport input ssh
access-class MERAKI_MGMT_IP_IN in
access-class MERAKI_MGMT_IP_OUT out
ipv6 access-class MERAKI_MGMT_IPV6_IN in
ipv6 access-class MERAKI_MGMT_IPV6_OUT out
Netconf
netconf-yang
SSH
ip ssh version 2
ip ssh server algorithm authentication publickey password keyboard
ip ssh port 2222 rotary 55
ip ssh pubkey-chain
username meraki-user
key-hash {KEY_HASH}
LLDP
lldp run
Telemetry Subscriptions
telemetry ietf subscription 10000
encoding encode-tdl
filter tdl-uri /services;serviceName=stkm_oper/stack_info
receiver-type pullmode
source-vrf Mgmt-vrf
stream native
update-policy periodic 6000
receiver name meraki_stack_info
telemetry ietf subscription 10001
encoding encode-tdl
filter tdl-uri /services;serviceName=ewlcevent/wsaclientevent
receiver-type pullmode
source-vrf Mgmt-vrf
stream native
update-policy periodic 4500
receiver name meraki_wsa_client_event
telemetry receiver pullmode meraki_stack_info
size 1000000
telemetry receiver pullmode meraki_wsa_client_event
size 196650000
Maintaining Cloud Monitoring Services
During normal operations, the dashboard will monitor devices at regular intervals for any changes to the required configurations for Cloud Monitoring operations. If required configurations are missing, or if the device configuration was changed, the Cloud Monitoring service will apply the appropriate configurations to ensure the device can be monitored properly within the dashboard.