Network Plug and Play Solution Guide for SMB

<!DOCTYPE html> <html xmlns:fb="//www.facebook.com/2008/fbml" xmlns:og="//opengraphprotocol.org/schema/" lang="en" xml:lang="en" class="no-touch no-js"> <head> <meta charset="utf-8"> <meta name="HandheldFriendly" content="True" /> <meta name="MobileOptimized" content="320" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="rei" content="3/2/2022 10.39am est" /> <script tyle="text/javascript" src="/content/dam/cdc/j/cdcrSwitch.js"></script> <script type="text/javascript"> if (typeof cdc === "undefined"){ cdc = {}; } cdc.localizedLang="en/us"; if (window.cdcext === undefined) { window.cdcext = {}; } cdcext.customEnvironment = "prod"; if (window.cdclocale === undefined) { window.cdclocale = {}; } cdclocale.locale = cdc.localizedLang=="en/us"?"en_us":cdc.localizedLang; </script> <script src="/c/dam/cdc/t/ctm-core.js"></script> <script> window['adrum-start-time'] = new Date().getTime(); window.environ = "prod" ; </script> <script> if (window.cpe === undefined) { window.cpe = {}; } cpe.accountName = "prod"; cpe.config = ["cinf","dsc","pps"]; cpe.hideMethod = "elements"; window.targetGlobalSettings = JSON.parse('{\x22timeout\x22:4000}'); window.targetPageParamsAll = () => JSON.parse('{\x22entity\x22:\x22{\\\x22id\\\x22:\\\x221564514024303809\\\x22,\\\x22categoryId\\\x22:\\\x22Products,Cloud and Systems Management,TSD Products Technical Reference\\\x22}\x22}'); const bullseyeLibrary = `/etc.clientlibs/cisco-cdc/clientlibs/clientlib-external/resources/external/bullseye.js`; import(bullseyeLibrary); </script> <script src="/etc.clientlibs/cisco-cdc/clientlibs/clientlib-external/resources/regional-mbox/regional-mbox.js"></script> <title>Network Plug and Play Solution Guide for SMB - Cisco</title> <meta name="format-detection" content="telephone=no"> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <meta name="description" content="Network Plug and Play Solution Guide for SMB" /> <meta name="title" content="Network Plug and Play Solution Guide for SMB" /> <meta name="documentId" content="1564514023545808" /> <meta name="templateName" content="eot" /> <meta property="fb:app_id" content="156494687694418" /> <meta name="ioContentSource" content="WEM" /> <meta name="concept" content="Cisco FindIT Network Management" /> <meta name="docType" content="TSD Products Technical Reference" /> <meta name="iaPath" content="cisco.com#Products#Cisco Products#Cloud and Systems Management#Network Automation and Management#Cisco FindIT Network Management" /> <meta name="contentType" content="cisco.com#US#postSales" /> <meta name="locale" content="US" /> <meta name="language" content="en" /> <meta name="country" content="US" /> <meta name="hub" content="Enterprise Networks" /> <meta name="CCID_Page" content="cc001777" /> <meta name="date" content="Tue Jul 30 12:12:45 PDT 2019" /> <meta name="accessLevel" content="Customer" /> <meta name="accessLevel" content="Guest" /> <meta name="accessLevel" content="Partner" /> <meta name="entitlementExpression" content="contains( "0,1,2,3,4,7" , $profileField[3] )" /> <meta property="og:site_name" content="Cisco" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Network Plug and Play Solution Guide for SMB" /> <meta property="og:description" content="Network Plug and Play Solution Guide for SMB" /> <meta property="og:url" content="https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.html" /> <link rel="canonical" href="https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.html"/> <script src="/etc.clientlibs/clientlibs/granite/jquery.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/utils.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/jquery/granite.min.js"></script> <script src="/etc.clientlibs/foundation/clientlibs/jquery.min.js"></script> <script src="/etc.clientlibs/foundation/clientlibs/shared.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/underscore.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js"></script> <script type="text/javascript"> $CQ(function() { CQ_Analytics.SegmentMgr.loadSegments("\/etc\/segmentation"); CQ_Analytics.ClientContextUtils.init("\/c\/dnc\/etc\/clientcontext\/default", "\/content\/en\/us\/td\/docs\/cloud\u002Dsystems\u002Dmanagement\/network\u002Dautomation\u002Dand\u002Dmanagement\/cisco\u002DfindIT\u002Dnetwork\u002Dmanagement\/technical_reference\/PnP_Guide_02"); }); </script> <link rel="stylesheet" href="/etc/designs/cdc/clientlibs/responsive/css/cisco-sans.min.css" type="text/css"> <script src="/etc/designs/cdc/clientlibs/responsive/js/foundation.min.js"></script> <link rel="stylesheet" href="/etc/designs/cdc/fw/b/responsive/css/eot.min.css" type="text/css"> <script> sessionStorage.setItem("logOutIntermediateMessage", 'You are being logged out.'); </script>  <script type="application/ld+json"> [ { "@context": "http://www.schema.org", "@type": "WebPage", "name": "Network Plug and Play Solution Guide for SMB", "url": "https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.html", "description": "Network Plug and Play Solution Guide for SMB", "publisher": { "@type": "Corporation", "name": "Cisco" } }] </script>    <script>!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config||{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams||{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="GKZXC-NS3SU-A7VFH-HKBHM-U7LKH",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n||"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e||d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement||a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"GKZXC-NS3SU-A7VFH-HKBHM-U7LKH";var i=document.currentScript||document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="bdpnbeqxgy4r2z2qwaca-f-7fe99ef92-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"61004","ak.ai":parseInt("271834",10),"ak.ol":"0","ak.cr":3,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"1a9b92","ak.r":37669,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.bpcip":"8.222.208.0","ak.cport":41952,"ak.gh":"23.53.33.212","ak.quicv":"","ak.tlsv":"tls1.2","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1733341188","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==nJWtAvICjoeGtnqcUTaF9p676tD+udhzWwsC/uZ4kORCW/p0qdmw+oz5COU0LhA/xMehL3uCHiExrav+2hFaUBOouJD1N94/acdQ3KO2H2qBKPJhHL7d10Eukt0zNh/86JiRQXh7OumeOqSOlULXCvfVgE+kwP9goAd+3uCktsBCzFQTrphfOFce8dPR5kDOPguiYW0DwhBRRQkhP2UNNAaCYa216HqBfqB/qEfveWjofSI5MiSrHAYCZCYpzH0Sn9SSxoYb4xwVjuzOGXldtdjT/NIuz3U+IpTyVZ50Sulo+o9UgtV0vLxZXfDYp7r/Df9e7cO1uLcrgwgG55zuaPPhPQxlMjQH9rIsENtDGEddPlwQluXKGnZfqwN+f78qaHuAkJuQDQX5prnsDHrtYtksAuZiUu0CFrETg8Xlifo=","ak.pv":"517","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:o,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);</script></head> <body id="wcq" class="fw-res cdc-support cdc-eot cdc-high-density cdc-full-width cdc-transform "> <div id="fw-skiplinks"> <ul class="container"> <li><a id="skiplink-content" href="#fw-content">Skip to content</a></li> <li><a id="skiplink-search" href="#">Skip to search</a></li> <li><a id="skiplink-footer" href="#fw-footer-v2" class="last">Skip to footer</a></li> </ul> </div> <script type="module" src="/site/web-components/us/en/cdc-header.js"></script> <cdc-header></cdc-header> <nav class="fw-c-header__seo-links" aria-hidden="true" style="display:none"> <ul> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/index.html">Cisco.com Worldwide</a></li> <li><a tabindex="-1" href="/c/en/us/products/index.html">Products and Services</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/solutions/index.html">Solutions</a></li> <li><a tabindex="-1" href="/c/en/us/support/index.html">Support</a></li> <li><a tabindex="-1" href="/c/en/us/training-events.html">Learn</a></li> <li><a tabindex="-1" href="//www.cisco.com/c/en/us/about/sitemap.html">Explore Cisco</a></li> <li><a tabindex="-1" href="/c/en/us/buy.html">How to Buy</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/index.html?dtid=odicdc001129">Partners Home</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/cisco-partner-program/index.html?ccid=cc000864&dtid=odiprc001129">Partner Program</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/support-help/index.html">Support</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/tools/index.html?dtid=odiprc001129">Tools</a></li> <li><a tabindex="-1" href="https://locatr.cloudapps.cisco.com/WWChannels/LOCATR/pf/index.jsp#/">Find a Cisco Partner</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/connect-with-a-partner/index.html?ccid=cc000864&dtid=odiprc001129">Meet our Partners</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/index.html?dtid=odicdc001129">Become a Cisco Partner</a></li> </ul> </nav> <div id="fw-content" class="container grid"> <div class="row full blowout" data-owner="ID"> <div class="col full "> <nav id="fw-breadcrumb" class="data-based" aria-label="breadcrumbs" data-owner="ID"> <ul itemscope itemtype="//schema.org/BreadcrumbList"> <li aria-hidden="true"><a href='#' class="skip"><span></span></a></li> <li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/index.html'><span itemprop='name'>Support</span><meta itemprop='position' content='1' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/all-products.html'><span itemprop='name'>Product Support</span><meta itemprop='position' content='2' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/cloud-systems-management/index.html'><span itemprop='name'>Cloud and Systems Management</span><meta itemprop='position' content='3' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/cloud-systems-management/findit-network-management/series.html'><span itemprop='name'>Cisco FindIT Network Management</span><meta itemprop='position' content='4' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/cloud-systems-management/findit-network-management/products-technical-reference-list.html'><span itemprop='name'>Technical References</span><meta itemprop='position' content='5' /></a><span class='caret'></span></li> </ul> </nav> <script> if (window.cdc === undefined) { window.cdc = {}; } if (cdc.breadcrumb === undefined) { cdc.breadcrumb = (function () { let clone = document.querySelector('#fw-breadcrumb').cloneNode(true); let appendClone = function () { let hasBreadcrumb = document.querySelector('#fw-breadcrumb') !== null, firstMarquee = document.querySelectorAll('.dmc-mq')[0]; if (!hasBreadcrumb && firstMarquee !== undefined) { firstMarquee.querySelector('.frame .inset').insertBefore(this.clone, firstMarquee.querySelector('.frame .inset').firstElementChild); } }; return { clone: clone, appendClone: appendClone } }()); } //DE380224 var anchorChild = document.getElementsByTagName("a"); for(var i=0; i<anchorChild.length; i++){ if(anchorChild[i].getAttribute("itemprop")=="item") { if ( anchorChild[i].href.includes("%3Clocale%3E") ){ let anchorChildHREF = anchorChild[i].href; let docLocale = document.querySelector('meta[name="locale"]').getAttribute('content'); let docLanguage = document.querySelector('meta[name="language"]').getAttribute('content'); var docSeparator; if ((docLocale.toLowerCase() == "us") && (docLanguage.toLowerCase() == "en")) { docSeparator="/"; } else { docSeparator="_"; } let anchorURLReplace = docLanguage.toLowerCase() + docSeparator + docLocale.toLowerCase(); anchorChildHREF = anchorChildHREF.replace("%3Clocale%3E", anchorURLReplace); anchorChild[i].setAttribute('href', anchorChildHREF); } } } </script> <h1 id="fw-pagetitle" class="" data-owner="ID">Network Plug and Play Solution Guide for SMB</h1> </div> </div>  <div class="row blowout wide-narrow-v2 visitedlinks"> <div class="col wide-v2"> <script> if (typeof(cdc) == "undefined") cdc={}; if (typeof(cdc.translations) == "undefined") cdc.translations={}; </script> <div class="docHeaderComponent base-blowout"> <div class="linksRow"> <div class='versionddcontainer'></div> <script type="text/html" class="versionstemp"> <div class="versionsdd"> <button class="versionbutton" aria-haspopup="true" aria-expanded="false" aria-labelledby="other versions" class="version"><label></label></button> <ul class="versionlist" aria-labelledby="other versions"> <% let pageUrl = window.location.pathname.replace("/content/","/c/").toLowerCase(); if (false) pageUrl = pageUrl.substring(0,pageUrl.lastIndexOf("/"))+".html"; for(let i=0; i< data.length; i++) { let item = data[i], myurl = item.linkUrl, urlm = myurl.replace("/content/","/c/");; mytitle = item.linkTitle; myclass= urlm.toLowerCase() == pageUrl ? "class=\"selected\"":""; %> <li><a href="${myurl}" ${myclass}>${mytitle}</a></li> <% } %> </ul> </div> </script> <div class="toolbar"> <div class="noprint" id="saveModule"> <script type="text/javascript"> cdc.util.ensureNamespace("cdc.rc.savedoc"); cdc.rc.savedoc.isLoggedIn = false; cdc.rc.savedoc.save = "Save"; cdc.rc.savedoc.saved = "Saved"; </script> <button class="save" aria-expanded="false"> <label>Save</label> </button> </div> <div class="saveDocumentMessage login cdc-expandPanel" role="region" aria-live="polite"> <a href="/c/login/index.html?referer=/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.html">Log in</a> to Save Content </div>   <div class="noprint downloadDocument" ><button type="button" class="view-download-list-link anchor" aria-expanded="false"><div class="toolbarIcon downloadIcon"></div><label class="iconLabel">Download</label></button></div> <div class="noprint printDocument js-only"><button type="button" class="anchor printPage"><div class="toolbarIcon printIcon"></div><label class="iconLabel">Print</label></button></div> </div> </div>  <script language="javascript"> cdc.translations.map = "{en-us=https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.html, x-default=https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.html}";//storing the map for use in the JS cdc.translations.locale="en_us"; </script> <div class="availableLanguagesList"> <h3>Available Languages</h3> <ul id="translationsList"> </ul> </div> <div id="download-list-container" class="noprint panelRow" role="region" aria-live="polite"> <div class='download-list' aria-label="Download Options"> <h3>Download Options</h3> <ul> <li> <div class="fileText"> <a href="/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.pdf" class="download-pdf"><div class="fileIcon pdfIcon"></div>PDF</a> <span class="docSize">(546.3 KB)</span> <br /> <span class="description">View with Adobe Reader on a variety of devices</span> </div> </li> </ul> </div> </div> <div class="infobarClearFix"> <div class="infobar"> <div class="updatedDate"><span>Updated:</span>July 30, 2019</div> </div> <div class="disclaimers techdocs"> <div class="disclaimerButtons"> <div class="aboutBias"> <button aria-expanded="false" >Bias-Free Language</button> </div> </div> <div class="biasfreeContent panel"> <h3>Bias-Free Language</h3> <p>The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. <a href="https://www.cisco.com/c/en/us/about/social-justice/inclusive-language-policy.html">Learn more</a> about how Cisco is using Inclusive Language.</p> </div> </div> </div> </div> <script> jQuery(document).ready(function(){ if(jQuery("body").hasClass("cdc-eot-toc") && jQuery(".cdc-eot-toc").find(".DocumentHistory").length > 0){ jQuery(".cdc-eot-toc .seeRevisions").show(); if(jQuery(window).width() >= 768){ jQuery(".cdc-eot-toc .updatedDate").nextAll(".bullet").show(); } }else{ jQuery(".cdc-eot-toc .infobar .bullet").hide(); jQuery(".cdc-eot-toc .seeRevisions"); jQuery(".cdc-eot-toc .updatedDate"); } }) </script> <script src="/etc/designs/cdc/fw/clientlibs/granite-utils.min.js"></script> <script> if (window.cdc === "undefined") window.cdc={}; if (typeof cdc.rc === "undefined") cdc.rc={}; // initialize dictionary for i18n cdc.util.ensureNamespace("cdc.rc"); cdc.rc.eotkeys = { showOnly5Products : "Show Only 5 Products", showAllRowsProducts : "Show All nRows Products", supportCommunityUrl : "https://community.cisco.com/t5/technology-and-support/ct-p/technology-support", supportCommunity : "Cisco Community", thankYou : "Thank You", viewersAlso : "Customers Also Viewed", show : "Show", more : "More", showOnly3Documents: "Show Only 3 Documents" }; </script> <div id="eot-doc-wrapper"> <html> <head> <script>!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config||{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams||{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="GKZXC-NS3SU-A7VFH-HKBHM-U7LKH",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n||"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e||d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement||a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"GKZXC-NS3SU-A7VFH-HKBHM-U7LKH";var i=document.currentScript||document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="bdpnbeqxgy4r2z2qwaca-f-7fe99ef92-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"61004","ak.ai":parseInt("271834",10),"ak.ol":"0","ak.cr":3,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"1a9b92","ak.r":37669,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.bpcip":"8.222.208.0","ak.cport":41952,"ak.gh":"23.53.33.212","ak.quicv":"","ak.tlsv":"tls1.2","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1733341188","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==nJWtAvICjoeGtnqcUTaF9p676tD+udhzWwsC/uZ4kORCW/p0qdmw+oz5COU0LhA/xMehL3uCHiExrav+2hFaUBOouJD1N94/acdQ3KO2H2qBKPJhHL7d10Eukt0zNh/86JiRQXh7OumeOqSOlULXCvfVgE+kwP9goAd+3uCktsBCzFQTrphfOFce8dPR5kDOPguiYW0DwhBRRQkhP2UNNAaCYa216HqBfqB/qEfveWjofSI5MiSrHAYCZCYpzH0Sn9SSxoYb4xwVjuzOGXldtdjT/NIuz3U+IpTyVZ50Sulo+o9UgtV0vLxZXfDYp7r/Df9e7cO1uLcrgwgG55zuaPPhPQxlMjQH9rIsENtDGEddPlwQluXKGnZfqwN+f78qaHuAkJuQDQX5prnsDHrtYtksAuZiUu0CFrETg8Xlifo=","ak.pv":"517","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:o,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);</script></head> <body> <code><script type="text/javascript"></script> <link rel="stylesheet" href="techdocs_85_11_word.css"/> <link rel="stylesheet" href="/etc/designs/cdc/transformation/techdocs_85_11_word.css"/></code> <div class="WordSection1"> <h1 class=" pCT_ChapTitle">Network Plug and Play Solution Guide for SMB</h1> <p class="DDDocumentDates"><span class="BBold">First </span><span class="BCBBoldCiscoBlue">Published</span><span class="BBold">:</span> June 3, 2019 </p> <p class="DDDocumentDates" style="margin-left:.5in"><b><span style="color:red;display:none;background:yellow">NOTE:</span></b><span style="color:red;display:none;background:yellow"> Works with document’s Advanced Properties “First Published” property. Click <b>File</b> | <b>Properties</b> | <b>Advanced Properties</b> | <b>Custom</b>.</span><span style="color:red;display:none"> </span></p> <p class="DDDocumentDates"><span class="BBold">Last Updated:</span> July 29, 2019</p> <p class="DDDocumentDates" style="margin-left:.5in"><b><span style="color:red;display:none;background:yellow">NOTE:</span></b><span style="color:red;display:none;background:yellow"> Works with document’s Advanced Properties “Last Updated” property. Click <b>File</b> | <b>Properties</b> | <b>Advanced Properties</b> | <b>Custom</b>.</span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974487">Conventions<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">2</span></a></span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974488">Solution Overview<span style="color:windowtext;display:none;text-decoration:none">.. </span><span style="color:windowtext;display:none;text-decoration:none">3</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974489">Solution Components<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">4</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974490">Solution Workflows<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">4</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974491">Planned Device Deployment in a Managed Network<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">5</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974492">Planned Device Deployment in an Unmanaged Network<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">5</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974493">Unplanned Device Deployment<span style="color:windowtext;display:none;text-decoration:none"> </span><span style="color:windowtext;display:none;text-decoration:none">6</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974494">Generic Device Deployment<span style="color:windowtext;display:none;text-decoration:none"> </span><span style="color:windowtext;display:none;text-decoration:none">7</span></a></span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974495">Deploying the Cisco Network Plug and Play Solution for SMBs<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">7</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974496">Pre-requisites<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">7</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974497">Design Considerations<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">8</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974498">Plug and Play Server Discovery<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">8</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974499">Secure Connectivity<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">9</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974500">Device Deployment Considerations<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">9</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974501">Preparing FindIT Network Manager<span style="color:windowtext;display:none;text-decoration:none"> </span><span style="color:windowtext;display:none;text-decoration:none">10</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974502">Setting Up the Server Identity<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">10</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974503">Upload Images and Configurations<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">11</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974504">Create Provisioning Rules<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">11</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974505">Create Provisioning Rules for Unplanned Devices<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">11</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974506">Server Discovery<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">11</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974507">Configuring DHCP for PnP Server Auto-Discovery<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">12</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974508">Configuring DNS for PnP Server Auto-Discovery<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">12</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974509">Using PnP Connect for PnP Server Auto-Discovery<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">13</span></a></span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974510">Troubleshooting<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">13</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974511">FindIT Network Manager PnP Server Troubleshooting<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">13</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974512">Verify the Service is Running<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">13</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974513">Verify the Server Certificate<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">14</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974514">View System Logs<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">14</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974515">PnP Device Troubleshooting<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">14</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974516">Verify Server Reachability<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">14</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974517">Verify System Clock Accuracy<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">14</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974518">Check Device Status in the Manager<span style="color:windowtext;display:none;text-decoration:none"> </span><span style="color:windowtext;display:none;text-decoration:none">15</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974519">Check Unclaimed Devices<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">15</span></a></span></p> <p class="MsoToc3"><span lang="EN-AU"><a href="#_Toc974520">View Device Logs<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">15</span></a></span></p> <p class="MsoToc2"><span lang="EN-AU"><a href="#_Toc974521">Logging a Support Case<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">15</span></a></span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974522">Obtaining Documentation and Submitting a Service Request<span style="color:windowtext;display:none;text-decoration:none"> </span><span style="color:windowtext;display:none;text-decoration:none">15</span></a></span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974523">Legal Information<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">16</span></a></span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974524">Cisco Trademark<span style="color:windowtext;display:none;text-decoration:none">. </span><span style="color:windowtext;display:none;text-decoration:none">17</span></a></span></p> <p class="MsoToc1"><span lang="EN-AU"><a href="#_Toc974525">Cisco Copyright<span style="color:windowtext;display:none;text-decoration:none"> </span><span style="color:windowtext;display:none;text-decoration:none">17</span></a></span></p> <p class="DDDocumentDates" style="margin-left:.5in"><span style="display:none"> </span></p> <p class="DDDocumentDates"> </p> <p class="pB1_Body1"><b><span style="color:red;display:none;background:yellow">NOTE:</span></b><span style="color:red;display:none;background:yellow"> Available paragraph styles are listed in the <b>Quick Styles Gallery</b> in the <b>Styles</b> group on the <b>Home</b> tab. Alternatively, they can be accessed via the <b>Styles</b> window (press <b>Alt + Ctrl + Shift + S</b>).</span></p> <h2 class=" p_H_Head1"><a name="_Toc974487">Conventions</a></h2> <p class="pB1_Body1">This document uses the following conventions. </p> <div> <table border="1" cellpadding="6" cellspacing="0" width="100%" bordercolor="#ADADAD"> <thead> <tr valign="top" align="left"> <td> <p class="pCellBody">Convention</p> </td> <td> <p class="pCellBody">Indication</p> </td> </tr> </thead> <tbody> <tr valign="top" align="left"> <td> <p class="pCellBody"><span class="BBold">bold</span> font</p> </td> <td> <p class="pCellBody">Commands and keywords and user-entered text appear in <span class="BBold">bold</span> font.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody"><span class="IItalic">italic</span> font</p> </td> <td> <p class="pCellBody">Document titles, new or emphasized terms, and arguments for which you supply values are in <span class="IItalic">italic</span> font.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody">[   ]</p> </td> <td> <p class="pCellBody">Elements in square brackets are optional.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody">{x | y | z }</p> </td> <td> <p class="pCellBody">Required alternative keywords are grouped in braces and separated by vertical bars.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody">[ x | y | z ]</p> </td> <td> <p class="pCellBody">Optional alternative keywords are grouped in brackets and separated by vertical<span style="font-family:"Verdana","sans-serif""> </span>bars.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody">string</p> </td> <td> <p class="pCellBody">A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody"><span style="font-size:8.0pt;font-family:Courier">courier font</span></p> </td> <td> <p class="pCellBody">Terminal sessions and information the system displays appear in <span style="font-size:8.0pt;font-family:Courier">courier</span> font.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody"><   ></p> </td> <td> <p class="pCellBody">Nonprinting characters such as passwords are in angle brackets.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody">[   ]</p> </td> <td> <p class="pCellBody">Default responses to system prompts are in square brackets.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pCellBody">!, #</p> </td> <td> <p class="pCellBody">An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.</p> </td> </tr> </tbody> </table> </div> <p class="pB1_Body1"> </p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note: </span>Means <span class="IItalic">reader take note</span>. Notes contain helpful suggestions or references to material not covered in the manual.</p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Caution: </span><span class="BBold">Means </span><span class="BIBoldItalic">reader be careful.</span><span class="BBold"> In this situation, you might perform an action that could result in equipment damage or loss of data.</span></p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Warning: </span><span class="BBold">IMPORTANT SAFETY INSTRUCTIONS<br /> <br /> Means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device.<br /> <br /> SAVE THESE INSTRUCTIONS</span></p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Regulatory: </span>Provided for additional information and to comply with regulatory and customer requirements. </p> <p class="MsoNormal"><span class="BCBBoldCiscoBlue"><span style="font-size:9.0pt;font-family:"CiscoSans","sans-serif""> </span></span></p> <h2 class=" p_H_Head1"><a name="_Toc974488">Solution Overview</a></h2> <p class="pB1_Body1">It is well recognized in the Information and Communications Technology industry that performing network deployments for enterprises and large campuses can be challenging, and often require skilled installers to pre-stage equipment or visit each site to perform the installation.  What is less well recognized is that these same challenges exist for small and medium businesses (SMBs) as well, along with the added constraints of extremely limited staff and budgets.  Just like large enterprises, SMBs are looking to simplify the deployment process for new networks and offices without compromising functionality or security.</p> <p class="pB1_Body1">The Cisco Network Plug and Play solution provides a simple, secure, unified, and integrated offering for businesses both large and small to ease new network rollouts or for provisioning updates to an existing network. The solution provides a unified approach to provision networks comprised of Cisco routers, switches, and wireless devices with a zero-touch or near zero-touch deployment experience.  An installer at the site can deploy a new device with minimal knowledge of the device being deployed, while the network administrator centrally manages the device configuration.</p> <p class="pB1_Body1">This guide will address the use of Network Plug and Play with the Cisco 100 to 500 series portfolio of routers, switches, and wireless access points.  This portfolio is optimized for SMB customers who do not require the same level of functionality as is offered by the Cisco enterprise or Meraki portfolios.  For more information on the use of Network Plug and Play in conjunction with the Cisco enterprise portfolio, consult the <a href="https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Plug-and-Play/solution/guidexml/b_pnp-solution-guide.html"><i>Solution Guide for Network Plug and Play</i></a>. </p> <p class="pB1_Body1">Cisco Network Plug and Play used in conjunction with the Cisco 100 to 500 series portfolio offers these features:</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Simplified and consistent deployment of network devices</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Automated and centrally managed remote device deployment using Cisco FindIT Network Manager</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Converged solution for Cisco routers, switches, and wireless access point devices</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Devices can automatically discover FindIT Network Manager through DHCP, DNS, or the cloud using Plug and Play Connect, and predefined configurations and images can be pushed out as devices come online.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Secure download of software and configuration using encrypted connections authenticated with trusted certificates. For more details on security and how it is managed, see <span class="XrefColor">Secure Connectivity</span>.</p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note: </span><span lang="EN-AU">PnP-enabled devices from the Cisco enterprise portfolio may be used with FindIT Network Manager as the PnP server, but such deployments are outside the scope of this document</span>.</p> <p class="pBu1_Bullet1"> </p> <p class="pTC_TableCap">Figure 1. Cisco Network Plug and Play Architecture</p> <p class="pB1_Body1"><img border="0" width="605" height="311" id="Picture 29" src="/c/dam/en/us/td/docs/cloud-systems-management/network-automation-and-management/cisco-findIT-network-management/technical_reference/PnP_Guide_02.docx/_jcr_content/renditions/PnP_Guide_02_0.png" alt="PnP_Guide_02_0.png"/></p> <h3 class=" p_H_Head2"><a name="_Toc974489">Solution Components</a></h3> <p class="pB1_Body1">The Cisco Network Plug and Play solution for SMBs includes the following components:</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span lang="EN-AU" style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Cisco FindIT Network Manager—Cisco FindIT Network Manager is a network management system <span lang="EN-AU">designed for Cisco 100 to 500 Series switches, routers, and wireless access points. As part of its functionality, FindIT Network Manager includes an embedded Network Plug and Play server.</span></p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Cisco Network Plug and Play server—This embedded application receives Network Plug and Play requests from Cisco devices and provisions devices based on predefined rules and criteria.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Cisco Plug and Play Agent—This agent is embedded in Cisco devices and communicates to the Cisco Network Plug and Play server using the Network Plug and Play protocol over HTTPS during device deployments.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Plug and Play Connect—Optional cloud component for automatic PNP server discovery if the DHCP or DNS methods are not available. The Cisco network device contacts the Cisco Plug and Play Connect cloud service at devicehelper.cisco.com to obtain the IP address of the appropriate PnP server that is defined for your organization.</p> <h3 class=" p_H_Head2"><a name="_Toc974490">Solution Workflows</a></h3> <p class="pB1_Body1">There are four main workflows for deploying devices in an SMB environment using Network Plug and Play:</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Planned Device Deployment in a Managed Network</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Planned Device Deployment in an Unmanaged Network</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Unplanned Device Deployment</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Generic Device Deployment</p> <p class="pB1_Body1">The following sections describe each of the common workflows listed above and describes the steps that should be followed for each.</p> <h4 class=" p_H_Head3"><a name="_Toc974491">Planned Device Deployment in a Managed Network</a></h4> <p class="pB1_Body1">A planned device deployment occurs when the network is prepared for the device prior to the physical installation of that device occurring.  A managed network is one where the network services such as DHCP or DNS are controlled by the administrator and can be used by the newly installed device to locate the PnP server.  To deploy a device in a managed network, use the following procedure:</p> <div> <table border="1" cellpadding="6" cellspacing="0" width="100%" bordercolor="#ADADAD"> <tbody> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 1</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator sets up a DHCP server in the network to respond to client discover requests with DHCP option 43, which contains information necessary to contact FindIT Network Manager.</span></p> <p class="pB1_Body1"><span lang="EN-AU">Alternatively, DNS can be used to locate the Manager. For DHCP and DNS configuration details, see </span><span class="XrefColor">Server Discovery</span><span lang="EN-AU">.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 2</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator creates a Network Plug and Play enabled device in FindIT Network Manager.</span></p> <p class="pB1_Body1"><span lang="EN-AU">This includes entering device information and specifying a configuration and/or image for each device to be installed. Prior to creating devices, it may also be necessary to create a new Project (FindIT Network Manager version 1.x), or a new Network and Device Group (FindIT Network Manager version 2.0 and above) to represent the network the device is to be installed in.  For details on configuring Cisco Network Plug and Play in FindIT Network Manager, see the <i>Cisco FindIT Network Manager Administration Guide</i>.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 3</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device installer installs and powers up the Cisco network device.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 4</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device auto-discovers FindIT Network Manager using DHCP or DNS, identifies itself by serial number and product ID (PID) to the Cisco Network Plug and Play application, and downloads any software image and/or configuration file that were pre-provisioned by the network administrator.  The device will reboot after each download.</span></p> </td> </tr> </tbody> </table> </div> <h4 class=" p_H_Head3"><a name="_Toc974492">Planned Device Deployment in an Unmanaged Network</a></h4> <p class="pB1_Body1">A planned device deployment occurs when the network is prepared for the device prior to the physical installation of that device occurring.  An unmanaged network is one where the network services such as DHCP or DNS are not controlled by the administrator and so cannot be used by the newly installed device to locate the PnP server.  In an unmanaged network of this kind, it is typically necessary to use the PnP Connect service to locate the PnP server.  This scenario is commonly encountered when deploying a new office or site, and the edge router is to be provisioned using PnP.</p> <p class="pB1_Body1">To deploy a device in an unmanaged network using PnP Connect, use the following procedure:</p> <div> <table border="1" cellpadding="6" cellspacing="0" width="100%" bordercolor="#ADADAD"> <tbody> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 1</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator uses the Plug and Play Connect web portal to create a controller profile in Plug and Play Connect for the FindIT Network Manager system to be used.  A Cisco Smart Account is required to use Plug and Play Connect.  For more details on creating a controller profile, see </span><span class="XrefColor">Using PnP Connect for PnP Server Auto-Discovery</span><span lang="EN-AU">.</span></p> <p class="pB1_Body1"><span lang="EN-AU">Typically, the creation of a controller profile is only required once.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 2</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">In certain circumstances, Plug and Play-capable devices purchased directly from Cisco will be automatically added to Plug and Play Connect at the time of purchase.  However, for the majority of SMB products and customers, the network administrator must manually add devices.</span></p> <p class="pB1_Body1"><span lang="EN-AU">When manually adding a device in the Plug and Play Connect web portal, the network administrator will need to provide the serial number and product ID (PID) for the device and select the appropriate controller profile to use.  Multiple devices may be added in bulk by importing a CSV file.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 3</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator creates a Network Plug and Play enabled device in FindIT Network Manager.</span></p> <p class="pB1_Body1"><span lang="EN-AU">This includes entering device information and specifying a configuration and/or image for each device to be installed. Prior to creating devices, it may also be necessary to create a new Project (FindIT Network Manager version 1.x), or a new Network and Device Group (FindIT Network Manager version 2.0 and above) to represent the network the device is to be installed in.  For details on configuring Cisco Network Plug and Play in FindIT Network Manager, see the <i>Cisco FindIT Network Manager Administration Guide</i>.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 4</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device installer installs and powers up the Cisco network device.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 5</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device contacts the Plug and Play Connect service and identifies itself by serial number and product ID (PID).  The Plug and Play Connect service downloads the certificate bundle for FindIT Network Manager to the device, and then redirects the device to the Manager.  The certificate bundle is supplied to the Plug and Play Connect service when creating the controller profile.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 6</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device contacts FindIT Network Manager, identifies itself by serial number and product ID (PID) to the Cisco Network Plug and Play application, and downloads any software image and/or configuration file that were pre-provisioned by the network administrator.  The device will reboot after each download.</span></p> </td> </tr> </tbody> </table> </div> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note: </span><span lang="EN-AU">The device will fail to contact Plug and Play Connect if the device cannot synchronize with the predefined NTP servers <b>time-pnp.cisco.com</b> or <b>pool.ntp.org</b>. To resolve this problem, unblock NTP traffic to these two host names</span>.</p> <h4 class=" p_H_Head3"><a name="_Toc974493">Unplanned Device Deployment</a></h4> <p class="pB1_Body1">In an unplanned deployment, a device is physically installed before a Network Plug and Play enabled device is created in FindIT Network Manager.  In this case, the device will not be automatically provisioned with the correct image and configuration.  However, this problem is easily resolved by following the Unplanned Device Deployment procedure.</p> <div> <table border="1" cellpadding="6" cellspacing="0" width="100%" bordercolor="#ADADAD"> <tbody> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 1</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator sets up a DHCP server in the network to respond to client discover requests with DHCP option 43, which contains information necessary to contact FindIT Network Manager.</span></p> <p class="pB1_Body1"><span lang="EN-AU">Alternatively, DNS can be used to locate the Manager. For DHCP and DNS configuration details, see </span><span class="XrefColor">Server Discovery</span><span lang="EN-AU">.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 2</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device installer installs and powers up the Cisco network device.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 3</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device auto-discovers FindIT Network Manager using DHCP or DNS.</span></p> <p class="pB1_Body1"><span lang="EN-AU">The device is listed as an Unclaimed device in FindIT Network Manager, identified by Product ID, Serial Number and IP address.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 4</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator uses FindIT Network Manager to claim the device and provide it with a new configuration and/or image.</span></p> <p class="pB1_Body1"><span lang="EN-AU">For more details on claiming devices in FindIT Network Manager, see the <i>Cisco FindIT Network Manager Administration Guide</i>.</span></p> </td> </tr> </tbody> </table> </div> <h4 class=" p_H_Head3"><a name="_Toc974494">Generic Device Deployment</a></h4> <p class="pB1_Body1">In some networks, unique configurations are not required for each device of a particular model and it is possible to define a single, generic configuration to be used for all devices of a particular type or family.  In these cases, it is often better to define generic provisioning rules for all devices of a particular model or type.  To deploy devices using these generic rules, use the following procedure:</p> <div> <table border="1" cellpadding="6" cellspacing="0" width="100%" bordercolor="#ADADAD"> <tbody> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 1</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator sets up a DHCP server in the network to respond to client discover requests with DHCP option 43, which contains information necessary to contact FindIT Network Manager.</span></p> <p class="pB1_Body1"><span lang="EN-AU">Alternatively, DNS can be used to locate the Manager. For DHCP and DNS configuration details, see </span><span class="XrefColor">Server Discovery</span><span lang="EN-AU">.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 2</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The network administrator creates an Auto Claim rule in FindIT Network Manager for the Product ID of the devices.</span></p> <p class="pB1_Body1"><span lang="EN-AU">In addition to specifying the Product ID, the network administrator selects an appropriate configuration and/or image for devices matching this product ID.  For more details on configuring Auto Claim in FindIT Network Manager, see the <i>Cisco FindIT Network Manager Administration Guide</i>.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 3</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device installer installs and powers up the Cisco network device.</span></p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1"><b><span lang="EN-AU">Step 4</span></b></p> </td> <td> <p class="pB1_Body1"><span lang="EN-AU">The device auto-discovers FindIT Network Manager using DHCP or DNS, identifies itself by serial number and product ID (PID) to the Cisco Network Plug and Play application, and downloads the software image and/or configuration file that were specified in the Auto Claim rule.  The device will reboot after each download.</span></p> </td> </tr> </tbody> </table> </div> <h2 class=" p_H_Head1"><a name="_Toc974495">Deploying the Cisco Network Plug and Play Solution for SMBs</a></h2> <p class="pB1_Body1"><span lang="EN-AU">This section discusses deploying the Cisco Network Plug and Play solution in Small and Medium Business (SMB) networks built using the Cisco 100 to 500 series product portfolio.</span></p> <h3 class=" p_H_Head2"><a name="_Toc974496">Pre-requisites</a></h3> <p class="pB1_Body1"><span lang="EN-AU">The following are prerequisites for using the Cisco Network Plug and Play solution in SMB networks:</span></p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>FindIT Network Manager is deployed and operational. For details, see <span lang="EN-AU">the </span><a href="https://www.cisco.com/c/en/us/support/cloud-systems-management/findit-network-management/products-installation-guides-list.html"><i><span lang="EN-AU">Cisco FindIT Network Manager Quick Start Guide Guide</span></i></a><span lang="EN-AU">.</span></p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The Cisco network devices to be deployed are running software releases that support the Cisco Network Plug and Play Agent.  For supported platforms and software releases, see the <a href="https://www.cisco.com/c/en/us/support/cloud-systems-management/findit-network-management/products-technical-reference-list.html"><i>Cisco FindIT Network Manager - Device Support List</i></a>.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>If you are using Cisco Plug and Play Connect, the identity of the FindIT Network Manager installation is defined in the Plug and Play Connect web portal in your Cisco Smart Account, and network devices are using a supported software release. For details on device and software release support, see the <a href="https://www.cisco.com/c/en/us/support/cloud-systems-management/findit-network-management/products-technical-reference-list.html"><i>Cisco FindIT Network Manager - Device Support List</i></a>.</p> <h3 class=" p_H_Head2"><a name="_Toc974497">Design Considerations</a></h3> <p class="pB1_Body1">When deploying support for Network Plug and Play, there are a number of design considerations that should be taken in to account prior to beginning deployment.  These are detailed in the following sections.</p> <h4 class=" p_H_Head3"><a name="_Toc974498">Plug and Play Server Discovery</a></h4> <p class="pB1_Body1"><span lang="EN-AU">A Network Plug and Play device will automatically find the address of the Network Plug and Play server using one of the following methods. Each method will be attempted in turn until an address is found or all methods have failed. The methods used are, in order: </span></p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span lang="EN-AU" style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span><b>Manual configuration</b>—A Network Plug and Play enabled device may be manually configured with the address of the server through the administration interface.  Explicit configuration always takes precedence over other discovery methods.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span lang="EN-AU" style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span><b><span lang="EN-AU">DHCP</span></b><span lang="EN-AU">—The address of the server may be supplied to the device in the Vendor-specific Information option (option 43)</span></p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span lang="EN-AU" style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span><b><span lang="EN-AU">DNS</span></b><span lang="EN-AU">—If the DHCP Vendor-specific Information option has not been provided, then the device will perform discovery using DNS lookups of well-known hostnames</span></p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span lang="EN-AU" style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span><b><span lang="EN-AU">Plug and Play Connect Service</span></b><span lang="EN-AU">—Finally, if no other method has been successful, the device will attempt to contact the Plug and Play Connect service. This service will then redirect the device to the correct server</span></p> <p class="pB1_Body1"><span lang="EN-AU">Once the device has identified the server, it will contact the server and update firmware and configuration as specified by the server.</span></p> <p class="pB1_Body1"><span lang="EN-AU">Selecting the right discovery method to use depends on the level of control that exists over the broader network infrastructure.  The use of the DHCP or DNS methods require the administration to have some level of control over the DHCP servers in the network and the domain name infrastructure.  The Plug and Play Connect service requires little more than Internet access to be effective but will generally require more effort to maintain.</span></p> <p class="pB1_Body1"><span lang="EN-AU">In most cases, the DHCP method offers the most flexibility and should be used if possible, especially if DHCP services are managed centrally and can be easily updated.  DNS discovery can be more easily established in networks with many DHCP servers that are managed separately, as DNS discovery frequently only requires updates be made to one or two DNS servers.  If no access is available to DHCP or DNS servers, then PnP Connect should be used.</span></p> <p class="pB1_Body1"><span lang="EN-AU">Multiple discovery methods may also be used in combination.  Setting up both DHCP and DNS discovery in the same network provides the combination of flexibility from DHCP discovery with a level of confidence that comes from having DNS discovery for devices where the DHCP server has been overlooked.  A common approach is to use PnP Connect to provide discovery services for edge router deployment where DHCP and DNS are operated by the ISP and so unavailable for use, but then use DHCP for devices in the rest of the network that receive DHCP services from the router just deployed.</span></p> <p class="pB1_Body1"><span lang="EN-AU">The manual configuration option, although reliable and flexible, is generally only used during testing of a newly deployed Manager.  However, it can be used as a discovery method in environments where some pre-staging of equipment is performed.</span></p> <p class="pB1_Body1"><span lang="EN-AU">For more details on setting up the different discovery methods, see </span><span class="XrefColor">Server Discovery</span><span lang="EN-AU"> below.</span></p> <h4 class=" p_H_Head3"><a name="_Toc974499"></a><a name="SecureConnectivity">Secure Connectivity</a></h4> <p class="pB1_Body1"><span lang="EN-AU">The Cisco Network Plug and Play solution uses HTTPS connections between network devices and the Network Plug and Play server. This secure connectivity is implemented in one of two ways, depending on the type of transport you specify in the DHCP option or PnP Connect controller profile.  DNS discovery will always attempt to use HTTPS as the transport protocol.  For details on configuring DHCP discovery or PnP Connect, see </span><span class="XrefColor">Server Discovery</span><span lang="EN-AU">.</span></p> <p class="pB1_Body1"><span lang="EN-AU">Depending on the transport protocol used, secure connectivity is implemented in the following ways:</span></p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>When HTTP is specified as the transport protocol (default), secure connectivity is based on trustpoint.</p> <p class="pB1_Body1" style="margin-left:.75in">Trustpoint based secure connectivity relies on the self-signed certificate that is installed by default on FindIT Network Manager. This self-signed certificate is used to create a default trustpoint on network devices, which allows devices to connect securely over HTTPS to the Manager. HTTPS is used for communications with the Manager, despite the fact that HTTP is specified as the transport protocol.  Before beginning the provisioning process, the Manager installs the certificate on the device, and then redirects the device to use HTTPS.  Configuration and firmware updates are then performed through HTTPS.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>When HTTPS is specified as the transport protocol, secure connectivity is based on trustpool.</p> <p class="pB1_Body1" style="margin-left:.75in"><span lang="EN-AU">Trustpool based secure connectivity additionally requires that you replace the self-signed certification on FindIT Network Manager with your own CA signed certificate. A trustpool is a special store of certificates signed by trusted certificate authorities and published by Cisco InfoSec.  The trustpool bundle is itself signed by Cisco, allowing it to be trusted even if downloaded using an insecure transport such as HTTP or TFTP.  Prior to connecting to the PnP service, the device imports the trustpool bundle into its CA store and this allows it to validate the Manager certificate, enabling secure communications over HTTPS.</span></p> <p class="pB1_Body1" style="margin-left:.75in"><span lang="EN-AU">You can choose to host the trustpool bundle in a different location in your network, which you can specify in the T parameter to DHCP option 43 or using the pnptrustpool DNS name with DNS discovery. In this case, network devices would obtain your trustpool bundle instead of the default one that is installed in the Manager.</span></p> <h4 class=" p_H_Head3"><a name="_Toc974500">Device Deployment Considerations</a></h4> <p class="pB1_Body1">There are some additional considerations that need to be taken in to account at the time devices are deployed.  The considerations are about the process of deploying the devices rather than the design of the network.</p> <h5 class=" p_H_Head4">Network Reachability</h5> <p class="pB1_Body1"><span lang="EN-AU">While it may be obvious that the devices being deployed need to be able to contact the PnP server to complete deployment, it is less obvious that there are other services that must also be reachable.  Exactly which services are required will depend on the design choices made.</span></p> <p class="pB1_Body1"><span lang="EN-AU">In an SMB environment, the most common requirement for network reachability is Internet access.  Internet access is clearly required if using the PnP Connect service for discovery, but frequently Internet access will be required to access NTP services as well.  It is common to rely on the default NTP service pool.ntp.org for clock synchronization, and accurate time is a pre-requisite for establishing a secure connection to the PnP server.  If an accurate time source is not available, then the deployment process will fail.</span></p> <h5 class=" p_H_Head4">Order of Deployment</h5> <p class="pB1_Body1"><span lang="EN-AU">When deploying multiple devices in a greenfields network, part of ensuring that network reachability is available is bring the network up in the correct order.  In general, routing and upstream devices should be brought up first to provide access to the broader network. Once the router and all upstream devices are up and provisioned, switches and downstream devices can be brought up.  Due consideration should also be given to the restarts performed during the provisioning process.  It is wise to verify that key devices such as routers or core switches have completed provisioning and are stable before bringing up second and third tier devices.  Otherwise there is a possibility for a device to lose connectivity or even power part way through an image upgrade, potentially requiring a manual recovery to be performed.</span></p> <h3 class=" p_H_Head2"><a name="_Toc974501">Preparing FindIT Network Manager</a></h3> <p class="pB1_Body1">There is a small amount of preparation necessary to ensure FindIT Network Manager is ready to support Network Plug and Play in a given network.  First, and most importantly, it is necessary to establish the server identity so that it matches what the clients will expect.  If this is not done, then the security of the process cannot be assured, and the process may fail for reasons that are not obvious to the user.  Establishing the server identity is usually only done once and should generally be done at the same time as performing the initial deployment of the Manager.  </p> <p class="pB1_Body1">Once the server identity has been correctly established, firmware and configuration files need to be uploaded and Network Plug and Play enabled devices must be created for the devices to be deployed.  This is an ongoing operation, with new devices being created as the network expands, while configurations and firmware versions will be updated as network requirements change over time.</p> <h4 class=" p_H_Head3"><a name="_Toc974502">Setting Up the Server Identity</a></h4> <p class="pB1_Body1">When establishing a connection to a Network Plug and Play server, the client checks to ensure the certificate presented by the server is valid and can be trusted. For the certificate to be acceptable and the connection to proceed, the certificate must meet the following conditions:</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The certificate must be signed by a trusted Certificate Authority (CA), or the certificate itself must be trusted by the client. A certificate downloaded from the TrustpoolBundleURL learned from DHCP, or from the Plug and Play Connect service is trusted by the client.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>If the server identity is discovered using manual configuration, DHCP or Plug and Play Connect, and is an IP address, then the Subject-Alt-Name field must contain that IP address.  If the server will be reached through a NAT service, then the Subject-Alt-Name field must contain the public IP address – the same IP address the client is connecting to.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>If the server identity is discovered using manual configuration, DHCP or Plug and Play Connect, and is a hostname, then the Subject-Alt-Name field must contain that hostname</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>If the server identity is discovered using DNS discovery, then the Subject-Alt-Name field must contain the well-known hostname pnpserver.<local domain></p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note:</span> The Cisco 100 to 500 Series switch platforms do not currently check the Common Name or Server-Alt-Name fields</p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note: </span>When using DNS discovery, some older implementations of the PnP client <span lang="EN-AU">require the Subject-Alt-Name field to contain the IP address corresponding to the well-known hostname pnpserver.<local domain>.</span></p> <p class="pB1_Body1">In release 1.1.4, FindIT Network Manager implements a number of mechanisms when generating certificates to ensure these requirements are met.  In particular, when generating a Certificate Signing Request (CSR) or re-generating the self-signed certificate, the Manager automatically includes the following information in the Subject-Alt-Name field:</p> <p class="pBu1_Bullet1" style="margin-left:1.0in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The contents of the Common Name field</p> <p class="pBu1_Bullet1" style="margin-left:1.0in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The current IP address(es).  If the Manager is deployed in AWS, the external, public IP address of the Manager is used.</p> <p class="pBu1_Bullet1" style="margin-left:1.0in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span><span lang="EN-AU">The hostname that was used in the web browser to connect to the administration GUI when generating the certificate or CSR</span></p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note: </span>When using DNS discovery, you can ensure the<span lang="EN-AU"> pnpserver.<local domain> name is included by either inserting it in the Common Name field, or by using pnpserver.<localdomain> in your web browser when generating the certificate or CSR</span></p> <p class="pB1_Body1">From release 2.0, the Subject-Alt-Name field should be specified directly along with the other parameters required when generating the certificate or CSR.</p> <h4 class=" p_H_Head3"><a name="_Toc974503">Upload Images and Configurations</a></h4> <p class="pB1_Body1">Configuration and image files for the devices to be deployed must be uploaded to the Manager prior to deployment.  Each file may be used for multiple devices or may be specific to a single device.  Multiple files may also be uploaded for devices of the same type.</p> <p class="pB1_Body1">Image files may be designated as the default image for one or more product IDs.  This can be used to ensure that all devices run a common software version.</p> <p class="pB1_Body1">See the <i>FindIT Network Manager Administration Guide</i> for detailed instructions on uploading files to the Manager.</p> <h4 class=" p_H_Head3"><a name="_Toc974504">Create </a>Network Plug and Play Enabled Devices for Planned Devices</h4> <p class="pB1_Body1">Network Plug and Play enabled devices are used to map individual devices to the desired image and configuration file.  Devices are identified by the combination of product ID (PID) and serial number.  A PnP-enabled device record should be created for each device to be deployed.  When a device connects to the Manager, the PnP-enabled device records are searched, and, if a match is found, the image and configuration files specified will be pushed out to the device.  The device may reboot multiple times during this process.</p> <p class="pB1_Body1">See the <i>FindIT Network Manager Administration Guide</i> for detailed instructions on creating provisioning rules.</p> <h4 class=" p_H_Head3"><a name="_Toc974505">Create Network Plug and Play Enabled Devices for Unplanned Devices</a></h4> <p class="pB1_Body1">In some networks, it may be possible to define common configurations for all or most devices of a given type.  Alternatively, there may be a requirement to ensure that any device of a particular type that is connected to the network meets a certain baseline configuration.  In these cases, provisioning rules for unplanned devices – also known as Auto Claim rules – should be created.</p> <p class="pB1_Body1">Auto Claim rules are similar to PnP-enabled device records, but they do not match on the device serial number – only on the product ID (PID).  As a result, any device with the specified PID will match this rule when connecting to the Manager so long as there is no existing device record that matches the serial number and PID of the device.  When a device matches an Auto Claim rule, the image and configuration files specified in that rule will be pushed out to the device.  The device may reboot multiple times during this process.</p> <p class="pB1_Body1">See the <i>FindIT Network Manager Administration Guide</i> for detailed instructions on creating Auto Claim rules.</p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note:</span> In FindIT Network Manager version 2.0, devices that have previously been discovered by the Manager and are already present in the inventory are effectively PnP-enabled devices without any firmware or configuration specified.  They will not be visible in the PnP Enabled Device page unless and until they have connected to the Manager using PnP, but once the device connects to the Manager using PnP, they will appear on the PnP Enabled Devices page ready for configuration.  This means that Auto Claim rules do not take effect for devices that are already known to the Manager at the time of initial connection.</p> <h3 class=" p_H_Head2"><a name="_Toc974506"></a><a name="ServerDiscovery">Server Discovery</a></h3> <p class="pB1_Body1">Multiple methods exist for a Network Plug and Play client to identify a Network Plug and Play server.  The following sections describe each in detail.</p> <h4 class=" p_H_Head3"><a name="_Toc974507"></a><a name="DHCPDiscovery">Configuring DHCP for PnP Server Auto-Discovery</a></h4> <p class="pB1_Body1">To discover the server address using DHCP, the device will send a DHCP discover message with option 60 that contains the string “ciscopnp”. The DHCP server must send a response containing the Vendor-specific Information option (option 43). The device extracts the server address from this option and uses this address to contact the server. An example of an option 43 string containing the address of a Network Plug and Play server is “5A1N;B2;K4;I172.19.45.222;J80”.</p> <p class="pB1_Body1">The option 43 string has the following components, delimited by semicolons:</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>5A1N—Specifies the DHCP sub-option for Plug and Play, active operation, version 1, no debug information. It is not necessary to change this part of the string.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Bx—Server address type:</p> <p class="pBu1_Bullet1" style="margin-left:1.25in"><span style="font-family:"Courier New"">o<span style="font:7.0pt "Times New Roman"">    </span></span>B1 = hostname</p> <p class="pBu1_Bullet1" style="margin-left:1.25in"><span style="font-family:"Courier New"">o<span style="font:7.0pt "Times New Roman"">    </span></span>B2 = IPv4</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Ixxx.xxx.xxx.xxx—IP address or hostname of the server (following a capital letter i). In the example, the IP address is 172.19.45.222.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Jxxxx—Port number to use to connect to the server. In the example, the port number is 80. The default is port 80 for HTTP and port 443 for HTTPS.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Kx—Transport protocol to be used between the Cisco Plug and Play IOS Agent and the server:</p> <p class="pBu1_Bullet1" style="margin-left:1.25in"><span style="font-family:"Courier New"">o<span style="font:7.0pt "Times New Roman"">    </span></span>K4 = HTTP (default)</p> <p class="pBu1_Bullet1" style="margin-left:1.25in"><span style="font-family:"Courier New"">o<span style="font:7.0pt "Times New Roman"">    </span></span>K5 = HTTPS</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>TtrustpoolBundleURL—Optional parameter that specifies the external URL of the trustpool bundle if it is to be retrieved from a different location than the server. For example, to download the bundle from a TFTP server at 10.30.30.10, you would specify the parameter like this: Ttftp://10.30.30.10/ca.p7b</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>If you are using trustpool security and you do not specify the T parameter, the device retrieves the trustpool bundle from the server.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Zxxx.xxx.xxx.xxx;—IP address of the NTP server. This parameter is mandatory when using trustpool security to ensure that all devices are synchronized.</p> <p class="pB1_Body1">Consult the documentation for your DHCP server for details on how to configure DHCP options.</p> <h4 class=" p_H_Head3"><a name="_Toc974508">Configuring DNS for PnP Server Auto-Discovery</a></h4> <p class="pB1_Body1">If DHCP discovery fails to get the IP address of the server, the device falls back to a DNS lookup method.  Based on the network domain name returned by the DHCP server, the device constructs a fully qualified domain name (FQDN) for the server, using the preset hostname “pnpserver”.  For example, if the DHCP server returns the domain name “example.com”, the device constructs the FQDN “pnpserver.example.com”.  It then uses the local name server to resolve the IP address for this FQDN.</p> <p class="pB1_Body1">Depending on the client type and software version, up to three names will be queried:</p> <p class="pTC_TableCap">Table 1 Hostnames used for DNS Discovery</p> <div> <table border="1" cellpadding="6" cellspacing="0" width="100%" bordercolor="#ADADAD"> <tbody> <tr valign="top" align="left"> <td> <p class="pB1_Body1" style="margin-left:0in">Name</p> </td> <td> <p class="pB1_Body1" style="margin-left:0in">Description</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1" style="margin-left:0in">pnpserver</p> </td> <td> <p class="pB1_Body1" style="margin-left:0in">The PnP server to be used</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1" style="margin-left:0in">pnptrustpool</p> </td> <td> <p class="pB1_Body1" style="margin-left:0in">A separate server for downloading a trustpool bundle.  If this name does not exist, then the PnP server is used.</p> </td> </tr> <tr valign="top" align="left"> <td> <p class="pB1_Body1" style="margin-left:0in">pnpntpserver</p> </td> <td> <p class="pB1_Body1" style="margin-left:0in">The server to use for clock synchronization through NTP.  If this name does not exist, then the well-known service pool.ntp.org is used.</p> </td> </tr> </tbody> </table> </div> <p class="pB1_Body1"> </p> <h4 class=" p_H_Head3"><a name="_Toc974509"></a><a name="PnPConnectDiscovery">Using PnP Connect for PnP Server Auto-Discovery</a></h4> <p class="pB1_Body1">Plug and Play Connect is a Cisco-provided service that is the last resort used by a Network Plug and Play-enabled device to discover the server. To use Plug and Play Connect for server discovery, you must first create a Controller Profile representing the Manager, and then register each of your devices with the Plug and <span lang="EN-AU">Play Connect Service.  </span>Certain products purchased directly from Cisco may be associated with your Cisco Smart Account at the time of order, and these will automatically be added to Plug and Play Connect. However, the majority of Cisco <span lang="EN-AU">100 to 500 series Plug and Play-enabled products will need to be registered manually.</span></p> <p class="pB1_Body1">See the <i>FindIT Network Manager Administration Guide</i> for detailed instructions on using PnP Connect with FindIT Network Manager.</p> <h2 class=" p_H_Head1"><a name="_Toc974510">Troubleshooting</a></h2> <p class="pB1_Body1">There are many components in a working Network Plug and Play solution, and the failure or misconfiguration of any one can cause a device deployment to fail.  The first step in troubleshooting is to determine whether the problem is impacting one device or many, and whether this is the first use of the Manager as a PnP server or whether it has been seen to work successfully previously.  Based on the answer to these questions, the troubleshooting process can focus on the Manager if the problem is widespread or this is the first use of the Manager as a PnP server, or the focus can shift to the device if there is a particular device being impacted.</p> <p class="pB1_Body1">The following sections describe troubleshooting techniques that focus on the Manager and the device in turn.  If the problem cannot be resolved using the techniques described here, then the last section details the information that should be gathered prior to logging a support case.</p> <h3 class=" p_H_Head2"><a name="_Toc974511">FindIT Network Manager PnP Server Troubleshooting</a></h3> <p class="pB1_Body1">This section provides some tips and techniques for troubleshooting the PnP server on the Manager.</p> <h4 class=" p_H_Head3"><a name="_Toc974512">Verify the Service is Running</a></h4> <p class="pB1_Body1">To quickly verify that the Network Plug and Play service is operable on the Manager, enter the URL <span class="MsoHyperlink">http://<server_name_or_IP>/pnp/hello</span> in to a web browser.  If the service is operating correctly, you will receive a simple response similar to the following:</p> <div class=" pEx1_Example1"> <span class="CNCmdName"><span style="font-weight:normal">Hello from PnP Server, d108ee3 committed at Mon Jan 07 01:49:55 UTC 2019, 2.0.0-SNAPSHOT built at Mon Feb 11 22:33:06 UTC 2019</span></span> </div> <div class=" pEx1_Example1">   </div> <p class="pB1_Body1">The test should be repeated using HTTPS, and the server name or address used should match that being used for server discovery.  This indirectly verifies that necessary infrastructure such as the DNS and routing infrastructure is operating correctly.</p> <h4 class=" p_H_Head3"><a name="_Toc974513">Verify the Server Certificate</a></h4> <p class="pB1_Body1">You may view the certificate in use either through the Manager GUI, or by inspecting the certificate presented by the Manager web service using the web browser tools.  However, viewing the certificate through the web browser will also show whether the certificate has been correctly signed by a public Certificate Authority (CA) and that it is otherwise a valid certificate.</p> <p class="pB1_Body1">Regardless of how the certificate is viewed, the Subject Alternative Name field – also known as Subject-Alt-Name or SAN – should be inspected to verify that it contains the following information:</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The server name specified in the DHCP option or PnP Connect controller profile if the server is identified by name</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The IP address specified in the DHCP option or PnP Connect controller profile if the server is identified by IP address</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The name pnpserver.<domain> if DNS discovery is being used</p> <p class="pBu1_Bullet1">The validity start and end dates should also be inspected to verify that the certificate is currently valid.</p> <h4 class=" p_H_Head3"><a name="_Toc974514">View System Logs</a></h4> <p class="pB1_Body1">If the PnP service is not running, it may be necessary to check the PnP logs for errors.  The PnP logs are also useful for verifying that PnP requests are being received from network devices.  Logs for the PnP service may be found at the following location in the file system of the Manager:</p> <div class=" pEx1_Example1"> /var/log/findit/manager/nm-pnp-server.log </div> <div class=" pEx1_Example1">   </div> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note: </span>The log files for the FindIT Network Manager application are owned by the findit user and are not world readable.  To access the logs, it will be necessary to use the sudo command to gain escalated privileges.</p> <p class="pN1_Note1"><span class="BCBBoldCiscoBlue">Note: </span>If the Manager version is 2.0 or later, the log level for the PnP service should be set to Debug.  To change log levels, navigate to System > Logging in the Manager user interface.  In version 2.0, log files may be directly downloaded from the System > Logging page.</p> <h3 class=" p_H_Head2"><a name="_Toc974515">PnP Device Troubleshooting</a></h3> <p class="pB1_Body1">This section provides some tips and techniques for troubleshooting the PnP client on a network device.</p> <h4 class=" p_H_Head3"><a name="_Toc974516">Verify Server Reachability</a></h4> <p class="pB1_Body1">Ensuring that the Manager is reachable by the device is an obvious troubleshooting step, but in many cases, the server identity used by the PnP client is not the commonly used server identity for the Manager.  For example, if DNS discovery is being used, then the Manager needs to be reachable using the name pnpserver.<domain>.  The built-in diagnostic tools in the network device should be used to ensure that the Manager is reachable using the same IP or name learned through the PnP server discovery process.  The majority of network devices provide at least basic ping, traceroute and name lookup tools, and these will usually be sufficient to verify reachability.</p> <h4 class=" p_H_Head3"><a name="_Toc974517">Verify System Clock Accuracy</a></h4> <p class="pB1_Body1">A network device must have a reasonably accurate knowledge of the current time in order to check the validity of the certificate presented by the server.  If the clock is not set correctly, the device may incorrectly identify a valid certificate as being invalid based on the start and end validity dates.  Because of this, a PnP client will not validate a certificate unless it has the Network Time Protocol (NTP) enabled and it has successfully synchronized the clock with one or more NTP servers.  Certain PnP clients further require that the NTP servers must be learned through the PnP discovery mechanism or be from a well know default such as pool.ntp.org.  Consult the network device documentation for more information.</p> <p class="pB1_Body1">You can visually inspect the current clock setting for the device through the user interface.</p> <h4 class=" p_H_Head3"><a name="_Toc974518">Check Device Status in the Manager</a></h4> <p class="pB1_Body1">If the Manager is reachable and the clock is accurate, then it is likely that a successful connection to the PnP server will be made.  If device provisioning is not proceeding correctly, then checking the PnP provisioning status can help identify a problem.  Consult the <span class="IItalic">FindIT Network Manager Administration Guide</span> for details of how to view the provisioning status and the meaning of each of the possible values.</p> <h4 class=" p_H_Head3"><a name="_Toc974519">Check Unclaimed Devices</a></h4> <p class="pB1_Body1">If the provisioning status for the device registration in the Manager remains in the Pending state, then the Unclaimed Devices page should be checked.  An error in the product ID (PID) or serial number is a common reason for a device to fail to provision and in this case, the device will be listed in the Unclaimed Device table.</p> <h4 class=" p_H_Head3"><a name="_Toc974520">View Device Logs</a></h4> <p class="pB1_Body1">The majority of network devices will generate detailed logs for the PnP client, although in some cases, logging may need to be explicitly enabled for each module.  Many devices also allow the display of logs to be restricted to specific modules which may help when reviewing the logs.  Consult the network device documentations for more details on configuring logging and the selection of appropriate modules to diagnose PnP.</p> <h3 class=" p_H_Head2"><a name="_Toc974521">Logging a Support Case</a></h3> <p class="pB1_Body1">If the above tips and techniques do not provide a resolution to the problem under investigation, a support case should be opened with the Small Business Support Center.  For contact details, consult <a href="https://www.cisco.com/go/sbsc">https://www.cisco.com/go/sbsc</a> and call the local access number listed.</p> <p class="pB1_Body1">Before opening a case, the following information should be gathered:</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Details of the PnP configuration for the device in the Manager</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>The product ID and serial number of the device captured from the device user interface.  Typically, this information will be found on the Status and Statistics pages in the web UI.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>Details of the DHCP offer presented to device if DHCP is in use.  Ideally this should be a packet capture of the transaction, but a copy of the DHCP pool configuration from the DHCP server is generally sufficient.</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>PnP service logs from the Manager</p> <p class="pBu1_Bullet1" style="margin-left:.75in"><span style="font-family:"Times New Roman","serif";color:#38467E">■ <span style="font:7.0pt "Times New Roman"">       </span></span>PnP logs from the device</p> <p class="pB1_Body1">This information should be provided to the engineer who provides support for this case.</p> <h2 class=" p_H_Head1"><a name="_Toc974522"></a><a name="RTF37343536353a20314850725f">Obtaining Documentation and Submitting a Service Request</a></h2> <p class="pB1_Body1">For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see <a href="//www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html"><i>What’s New in Cisco Product Documentation</i></a>.</p> <p class="pB1_Body1">To receive new and revised Cisco technical content directly to your desktop, you can subscribe to the <a href="//www.cisco.com/assets/cdc_content_elements/rss/whats_new/whatsnew_rss_feed.xml">What’s New in Cisco Product Documentation RSS feed</a>. The RSS feeds are a free service.</p> <span style="font-size:16.0pt;font-family:"CiscoSans Light","sans-serif";color:#38467E"><br clear="all" style="page-break-before:always" /> </span> <h2 class=" p_H_Head1"> <a name="_Toc974523">Legal Information</a></h2> <p class="pB1_Body1">THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.</p> <p class="pB1_Body1">THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.</p> <p class="pB1_Body1">The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. </p> <p class="pB1_Body1">NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.</p> <p class="pB1_Body1">IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.</p> <p class="pB1_Body1">Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.</p> <p class="pB1_Body1">All printed copies and duplicate soft copies are considered un-Controlled copies and the original on-line version should be referred to for latest version.</p> <p class="pB1_Body1">Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at <a href="//www.cisco.com/go/offices">www.cisco.com/go/offices</a>.</p> <span style="font-size:16.0pt;font-family:"CiscoSans Light","sans-serif";color:#38467E"><br clear="all" style="page-break-before:always" /> </span> <h2 class=" p_H_Head1"><a name="_Toc974524">Cisco Trademark</a></h2> <p class="pB1_Body1">Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL:<span class="XrefColor"> </span><a href="//www.cisco.com/go/trademarks">www.cisco.com/go/trademarks</a>. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)</p> <p class="pB1_Body1"> </p> <h2 class=" p_H_Head1"><a name="_Toc974525">Cisco Copyright</a></h2> <p class="pB1_Body1">© 2019 Cisco Systems, Inc. All rights reserved.</p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> <p class="pB1_Body1"> </p> </div> </body> </html> <cdc:do action="com.cisco.wem.framework.service.command.eotcontent.EOTResponsiveContent@7bb62d44" returnTypedAs="eotResponsiveContainerVo" id="eotResponsiveContainerVo" /> <div class="row full visitedlinks" style="padding: 0px; margin:0px"> <div class="col full" > </div> </div> </div> <script> if (window.cdc === undefined) { cdc = {}; } if (cdc.eot === undefined) { cdc.eot = {}; } cdc.eot.isEot = true; cdc.eot.isToc = false; jQuery(document).ready(function () { if (jQuery('.unpublished').length > 0) { let lastRel = "1.0"; if (jQuery('.published').length > 0) { lastRel = Number(jQuery('.published td')[0].innerText) + 1 + ".0"; } jQuery('.preview_revision').text(lastRel); } const linkItemsLen = jQuery("#eot-doc-wrapper link[rel='stylesheet']").length; function addNewTocStyleSheet() { const fileName = "/etc/designs/cdc/transformation/wemdcmt_responsive.css", linkElement = `<link rel="stylesheet" href="" type="text/css" />`; document.head.append(linkElement); } if (cdc.eot.isToc && !linkItemsLen) { addNewTocStyleSheet(); } else if (cdc.eot.isEot) { jQuery("#eot-doc-wrapper link[rel='stylesheet']").each(function () { const linkTag = jQuery(this), hrefVal = jQuery(linkTag).attr("href"); if (hrefVal != undefined && hrefVal.indexOf("support-responsive.css") == -1 && hrefVal.indexOf("_responsive.css") == -1) { let fileName = hrefVal.substr(hrefVal.lastIndexOf("/") + 1, hrefVal.length).split(".css")[0]; const filePath = "/etc/designs/cdc/transformation/"; if (fileName == "ccimr") { fileName = "techdocs_responsive"; } else if (fileName == "support-docs") { fileName = "support-responsive"; } else if (fileName == "framework") { fileName = "responsiveframework"; } else if (fileName == "dcmt") { fileName = "wemdcmt_responsive"; } else if (fileName == "techdocs_85_11_word") { fileName = "techdocs_85_11_word"; if (cdc.eot.isToc) { addNewTocStyleSheet(); } } else { fileName += "_responsive"; } jQuery(linkTag).attr("href", filePath + fileName + ".css"); } if (hrefVal.indexOf("support-responsive.css") > -1) { jQuery(linkTag).attr("href", "/etc/designs/cdc/transformation/support-responsive.css"); } }); jQuery("#eot-doc-wrapper > table").wrap("<div></div>"); jQuery("#eot-doc-wrapper table:not('.olh_note')").parent().css({ overflowX: "auto" }); } }); </script> </div> <div class="col narrow-v2"> <div class="rightRailComponent base-blowout"> <div class="eotPersonalization"> <section id="eotTDCampaign"></section> </div>   <div> <div class="tac-image"> <script type="text/javascript"> document.getElementsByClassName('tac-image')[0].parentElement.style.display="none"; </script> </div> </div> <div class="hideComponent"> <div class="eot-authors"> <ul> </ul> </div> </div>  <div class="eot-feedback-container"> <div class="eot-feedback"> <h3>Was this Document Helpful?</h3> <span class="eot-feedback-btnwrap"> <button class="eot-feedback-btn eot-feedback-btn-yes" aria-label="Was this Document Helpful?? Yes">Yes</button> <button class="eot-feedback-btn eot-feedback-btn-no" aria-label="Was this Document Helpful?? No">No</button> </span> <span lang="en" class="eot-feedback-olwrap"> <a href="javascript: void(0);" class="eot-feedback-ol" onclick="window.open('https://ciscocx.qualtrics.com/jfe/form/SV_be0fHnqDoKM7sto?Ref=' + location.href + '&resize=false', 'feedback', 'width=650, height=460, scrollbars=1, menubar=1, resizable=1'); return false;"> <img id="feedback_img" border="0" style="cursor: pointer;" title="Feedback" src="//www.cisco.com/c/dam/cdc/i/Feedback_OceanBlue.png" alt="Feedback">Feedback</a> </span> </div> </div> <div class="showComponent"> <div class="eot-vav"> <ul> </ul> </div> </div> <div class="showComponent"> <div class="eotLetUsHelp"> <h3>Contact Cisco</h3> <ul> <li><a id="eotLetUsHelpProdDocUrl" href="https://mycase.cloudapps.cisco.com/start?prodDocUrl=">Open a Support Case</a><img src="/etc/designs/cdc/fw/i/icon_lock_small.png" alt="login required"/></li> <li>(Requires a <a href="//www.cisco.com/c/en/us/services/order-services.html">Cisco Service Contract</a>)</li> </ul> </div> <script> jQuery(document).ready(function() { var getURL=jQuery("#eotLetUsHelpProdDocUrl").attr("href"), domInd = location.href.indexOf('cisco.com') ; if ( domInd > -1 && domInd < location.href.search(/\w\/\w/) ) { getURL += encodeURI(location.href); } jQuery("#eotLetUsHelpProdDocUrl").attr("href",getURL); }); </script> </div>  <div id="eotRightRailMBox">  <div> <div class="mboxDefault"></div> <script type="text/javascript"> var test=""; if(test!=undefined && test.trim().length>0){ mboxCreate('en-us_dg_support_eot','type=default',''); }else{ mboxCreate('en-us_dg_support_eot','type=default'); } </script> </div> </div> <div class="showComponent"> <div class="eot-tdatp"> <h3>This Document Applies to These Products</h3> <ul class="eot-tdatp-list"> <li><a href="/c/en/us/support/cloud-systems-management/findit-network-management/series.html">FindIT Network Management</a></li> </ul> </div> </div> <div class="showClass"> </div> </div> </div> </div>   </div> <script type="module" src="/site/web-components/us/en/cdc-footer.js"></script> <cdc-footer></cdc-footer> <script type="text/javascript"> if(document.querySelector('#privacy-manager')!=null){ document.querySelector('#privacy-manager').href='#cookies'; } </script> <div id="fw-overlay"></div> <script src="/etc/designs/cdc/fw/b/responsive/js/eot.min.js"></script> <script src="/c/dam/cdc/t/ctm.js" type="text/javascript"></script>  <noscript><img src="//cisco.112.2o7.net/b/ss/cisco-mobile/5/12345" width="2" height="2" border="0" alt=""/></noscript> </body> </html>

CINXE.COM

Network Plug and Play Solution Guide for SMB - Cisco