Meraki

Aron33 · ‎Apr 24 2024

Hello there,

I just started to look into this whole "Cloud Monitoring for Catalyst" topic for my employer as we have some valuable usecases for some customers. As I swept through different forums I've already got to the conclusion, that the Onboarding App just won't work (conveniently) for our customer setup:

HTTPS proxies that perform TLS decryption are not currently supported
We have a dedicated, secured management environment with no connection to the internet or production / office VLANs
- Also Switch MGMT IPs are not reachable from production / office VLANs
Some other smaller hurdles

Q. Would it be possible to do the onboarding of a Catalyst Switch, without the Onboarding App e.g. automate all the steps (incl. prechecks) and configurations described in the documentation with AWX (Ansible)?

Many thanks, Aron

Minjie_Lin · ‎May 7 2024

We hope to launch app-less onboarding for switches by later this calendar year.

View solution in original post

Brash · ‎Apr 25 2024

There's no way to onboard without the application (unless Meraki engineering have another method which is not available to the public).

That said, I'm not sure I understand the issue as the requirements for internet connectivity and TLS decryption bypass also apply to the switches and are not only required for onboarding but are required for the solution as a whole.

Aron33 · ‎May 6 2024

That's what I thought. So I'll need a Meraki employee / engineer / supporter to answer the onboarding automation topic.

We could do TLS decryption bypass for the management networks where the switches reside and deploy the onboarding software on our management jumphost but it is, as already mentioned, not very convenient for some deployments imo (see points mentioned above).

thomasthomsen · ‎May 3 2024

Im pretty sure that there will be a way, like with the 9800 currently not using the onboard app, but NexTunnel like other Meraki devices.

If you have a 9K switch on 17.12.x you can actually see the same commands for this in the CLI 🙂 - And they do work, the switch tries to communitate this way with the dashboard, but, unfortunatly, the dashboards denies the device because its unknown.

But , it feels like this will be the way (at some point), also for switches, and that is just great 🙂

Aron33 · ‎May 6 2024

Interesting points you mentioned! Do you have some ressources I can look up? I will definitely look deeper into this 🙂

thomasthomsen · ‎May 6 2024

I do not think it is , ehhh, well documented, at this point.

But Im quite sure all Catalyst devices will utilize the way a 9800 WLC is using at the moment.

But that has "just" been released. You could look at how its done on the 9800.

(If you dont know, I can post the commands and a few screenshots here).

Jenn_G · ‎May 7 2024

Hey folks - we are looking forward to some action on the switching side this calendar year. Look for information on EFT (trial) this coming summer.

Minjie_Lin · ‎May 7 2024

We hope to launch app-less onboarding for switches by later this calendar year.

Meraki

Community

Q. Catalyst Cloud Monitoring without Onboarding App?

Q. Catalyst Cloud Monitoring without Onboarding App?