Skip to main content
Cisco Meraki Documentation

Cloud Monitoring Catalyst 9800 Dashboard Provisioned Configurations

Cloud Monitoring for Catalyst Wireless is a Meraki Dashboard Early Access Feature. Before you can add your wireless controller to dashboard you have to Opt-in to Cloud Monitoring for Catalyst Wireless. Go to Organization > Early access to enable. 

Dashboard Provisioned Configurations

When the C9800 wireless controller is added to a dashboard Network, dashboard will then provision the following configurations required to allow the dashboard to monitor the wireless controller.

AAA

aaa authentication login MERAKI local

aaa authorization exec MERAKI local

username meraki-user privilege 15 secret 9 <unique random password>

username meraki-tdluser privilege 1 secret 9 <unique random password>

yang-interfaces aaa authorization method-list MERAKI

The yang-interface aaa authorization method is only applied if netconf-yang is enabled by dashboard and the wireless controllers default authorization exec authorization list does not include 'local'

Access Control Lists

ip access-list standard MERAKI_MGMT_IP_IN

    20 deny any

ip access-list extended MERAKI_MGMT_IP_OUT

    20 deny tcp any any

ipv6 access-list MERAKI_MGMT_IPV6_IN

    sequence 10 permit tcp FD0A:9B09:1F7:1::/64 FD0A:9B09:1F7:1::/64 eq 2222

    sequence 30 deny tcp any any

ipv6 access-list MERAKI_MGMT_IPV6_OUT

    sequence 20 deny tcp any any

HTTP Secure Server

ip http secure-server

VTY

login authentication MERAKI

authorization exec MERAKI

rotary 55

transport input ssh

access-class MERAKI_MGMT_IP_IN in

access-class MERAKI_MGMT_IP_OUT out

ipv6 access-class MERAKI_MGMT_IPV6_IN in

ipv6 access-class MERAKI_MGMT_IPV6_OUT out

Netconf

netconf-yang

SSH

ip ssh version 2

ip ssh server algorithm authentication publickey password keyboard

ip ssh port 2222 rotary 55

 ip ssh pubkey-chain

    username meraki-user

        key-hash {KEY_HASH}

LLDP

lldp run

Telemetry Subscriptions

telemetry ietf subscription 10000

 encoding encode-tdl

 filter tdl-uri /services;serviceName=stkm_oper/stack_info

 receiver-type pullmode

 source-vrf Mgmt-vrf

 stream native

 update-policy periodic 6000

 receiver name meraki_stack_info

 

telemetry ietf subscription 10001

 encoding encode-tdl

 filter tdl-uri /services;serviceName=ewlcevent/wsaclientevent

 receiver-type pullmode

 source-vrf Mgmt-vrf

 stream native

 update-policy periodic 4500

 receiver name meraki_wsa_client_event

 

telemetry receiver pullmode meraki_stack_info

 size 1000000

 

telemetry receiver pullmode meraki_wsa_client_event

 size 196650000

Maintaining Cloud Monitoring Services

During normal operations, Dashboard will monitor devices at regular intervals for any changes to the configurations that are required for Cloud Monitoring operations. When required configurations are missing or if the device configuration was changes, the Cloud Monitoring service will re-assess and apply the appropriate configurations to ensure the device can properly be monitored in Dashboard.

  • Was this article helpful?