Skip to main content

 

Cisco Meraki Documentation

Enable Cloud Management for Catalyst Switches with Device Configuration

Warning: Before starting, verify that all prerequisites are fulfilled, such as supported hardware, the appropriate IOS XE version, and the necessary firewall rules. For more information, refer to Catalyst Cloud-Managed Switches Overview.

Here is a list of prerequisites when onboarding the Catalyst switch in device configuration Mode:

  • Connectivity must be via a front-panel port (not the management interface).
  • Only the default VRF is supported.
  • Ensure routes are in place to reach external addresses including a default route (use of ip default-gateway is not supported).
  • IP routing (ip routing) must be enabled on the switch.
  • AAA on the switch must be configured using aaa new-model.
  • aaa authentication login default local and aaa authorization exec default local must be configured.
  • The user account for onboarding must have privilege-15 level access on the switch.

Verify Meraki Tunnel Prerequisites on the Catalyst switch.

  • The Meraki Tunnel only supports the Global VRF.

  • Domain Name Lookup is required for hostname resolution to the Dashboard Registration and Meraki Tunnel services.

  • ip name-server {Domain server IP address}
  • ip domain lookup
  • The switch clock must reflect the correct current time in order to establish a mutual TLS tunnel with the Registration and Meraki Tunnel services by enabling NTP services.

  • ntp server {ntp server IP address}

Note: Prior to adding a switch in device configuration mode, ensure it is disconnected from its current cloud connection, such as Cloud Monitoring. Switches that are currently connected to the Dashboard via Cloud Monitoring have to be removed from their Dashboard network before they can be enabled for cloud management with device configuration. For detailed instructions, refer to Upgrading Cloud-Monitored Switches to Cloud Management with Device Configuration.

To begin, the switch-side service in IOS XE must be enabled to initiate communication with the cloud.

While in configuration mode on the switch, enter service meraki connect.

For example:

C9300-switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
C9300-switch(config)#service meraki connect
C9300-switch(config)#end

After enabling the service for the first time, the tunnel may take few minutes to connect.

To confirm the Catalyst 9000 switch has successfully registered and the Meraki Tunnel is connected, use the show meraki connect command.

The tunnel state should be Up.

If the tunnel is not up, make sure to verify the correct firewall rules are in place. Additional details on connection attempts are available in the syslog (show logging).

The output will provide the required Cloud ID to claim the switch to a Dashboard network.

For example, the output of a successful connection may appear similar to:

The output will provide the required Cloud ID to claim the switch to a Dashboard network.
 

The Cloud ID in the last section for Meraki Device Registration will be used to claim and register the switch in Dashboard.

Warning: 

  • When adding stacked switches, all members of the stack should be selected to add to network.
  • Organizations using per-device licensing must use the network-wide add devices page.
  1. To continue, log in to Dashboard and navigate to Organization > Inventory.

Only the new version of the Inventory page is supported. If you see the option to Try New Version, you must select this to continue.

  1. Click Claim Devices.

    This image is displayed to Claim the Devices.
     
  2. Click Claim Individual Devices.

    This image is displayed to select the Claim Individual Devices.

    Note: You can enter one or more Cloud IDs from your Catalyst switches. 

    This image is displayed to enter the Device Cloud ID.       
     
  3. After claiming the devices, on the Inventory page, select the checkbox next to the switches you would like to enable for cloud management.

    This image is displayed to enable in hybrid mode.

     
  4. In the Add devices to network window, choose the Dashboard Network for your switch and click Next.

    This image is displayed to Add devices to network.
     
  5. Select Device configuration and enter level-15 privilege credentials for the switch(es).


    Step 2 Device.png

 

Note: Credentials are used to connect to your switch and update the configuration for use with device configuration.

The configuration lines will be automatically applied to your switch are available here: Cloud Management with Device Configuration Required Modification.

After confirming the details and completing the process, the configuration will be automatically applied to your switch.

You can view your switch(es) in the Dashboard by navigating to Switching > Switches. If you have added your switches, an alert will appear for a few minutes while the setup finalizes. Allow up to 15 minutes for the process to complete and for the data to update in the Dashboard.

  • Was this article helpful?