The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Discovery function scans the devices and hosts in your network and populates the Cisco APIC-EM database with the information that it retrieves. To do this, you need to tell the controller some information about your network so that the Discovery function can reach as many of the devices in your network as possible and gather as much information as it can.
The Discovery function uses the following protocols and methods to retrieve the information about your network:
Cisco Discovery Protocol (CDP)
Community-based Simple Network Management Protocol Version 2 (SNMPv2c)
Simple Network Management Protocol version 3 (SNMPv3)
Link Layer Discovery Protocol (LLDP)
IP Device Tracking (IPDT)—IPDT is enabled automatically for all devices by the controller. For this configuration, privileges must be given to the controller during discovery.
LLDP-MED—IP phones and possibly some servers are discovered using LLDP Media Endpoint Discovery
To access the Discovery function, from the Navigation pane, click Discovery. The Discovery window opens.
Numbered Callout |
Name |
Description |
---|---|---|
1 |
Discoveries pane |
Lists the names of the discovery scans that have been created, along with the method and IP addresses used for discovery. The list is divided between active and inactive discoveries. A successful scan (one with discovered and authenticated devices) has the number of discovered devices indicated in a box to the right of the discovery name. An unsuccessful scan shows no box or number of devices discovered. From the Discoveries pane, clicking on a discovery name displays the information in the Discovery Details and Device Details panes. |
2 |
Discovery Details pane |
Provides detailed information about the discovery parameters that were used to perform the discovery, the state of the discovery, and the number of devices that were discovered. The buttons on this pane allow you to Start, Stop, and Delete discoveries. |
3 |
In-tool guide |
Provides guidance about how to configure discovery. |
The Cisco APIC-EM discovers devices and hosts and populates the device and host inventory database with the results of the discovery.
To discover devices and hosts, you must configure SNMPv2c credentials or SNMPv3 credentials or both SNMPv2c and SNMPv3 credentials (depending on your network). For SNMPv2, only the SNMP read community credentials are mandatory.
CLI credentials are also mandatory. Configure CLI credentials to access to the configuration files on the devices.
These credentials can be configured in two different places in the Cisco APIC-EM GUI:
Settings > Discovery Credentials window—You configure SNMP and CLI credentials in this window when they are common to all or most of the devices in your network. These credentials are referred to as global credentials.
Discovery window—You configure SNMP and CLI credentials in this window when you want to discover devices on the fly or when you need to devices that do not have the typical SNMP and CLI credentials that the majority of the devices have in your network and that were configured in the Settings > Discovery Credentials window. These credentials are referred to as exception credentials.
Wireless LAN Controllers (WLCs) have additional setup requirements in order to be discovered. For more information, see Understanding Wireless LAN Controller Discovery.
The Cisco APIC-EM accepts SNMP traps from several Cisco Wireless LAN Controllers (WLCs). The SNMP traps are used to update the host inventory database. You need to configure the WLCs so that the Cisco APIC-EM is the trap receiver, and the WLCs send the enhanced traps to the Cisco APIC-EM.
The following WLCs require SNMP traps to be enabled:
Cisco Series 2504 Wireless LAN Controller
Cisco Series 5508 Wireless LAN Controller
Cisco Series 8510 Wireless LAN Controller
Cisco Wireless Service Module 2 (WiSM2)
The following table specifies the SNMP traps and object identifiers that must be set on the WLCs.
Trap Name |
OID |
---|---|
ciscoLwappDot11ClientAssocTrap |
1.3.6.1.4.1.9.9.599.0.9 |
ciscoLwappDot11ClientDeAuthenticatedTrap |
1.3.6.1.4.1.9.9.599.0.10 |
ciscoLwappDot11ClientMovedToRunStateNewTrap |
1.3.6.1.4.1.9.9.599.0.11 |
ciscoLwappDot11ClientMobilityTrap |
1.3.6.1.4.1.9.9.599.0.12 |
The following configurations must be set to enable the above SNMP traps:
config trapflags client enhanced-802.11-associate enable
config trapflags client enhanced-802.11-deauthenticate enable
config trapflags client enhanced-authentication enable
config trapflags client enhanced-802.11-stats enable
Note | When setting the SNMP traps on the WLCs, ensure you configure the IP address of the Cisco APIC-EM as the SNMP trap destination IP address. |
Using Discovery
You can perform a discovery using CDP.
Create a new discovery by clicking Add New from the Discoveries pane.
Stop an active discovery by selecting the discovery name in the Discoveries pane and clicking Stop in the Discovery Details pane.
Start an inactive discovery by selecting the discovery name in the Discoveries pane and clicking Stop in the Discovery Details pane.
Delete a discovery by selecting the discovery name in the Discoveries pane and clicking Delete in the Discovery Details pane.
You must have administrator permissions. For information about user permissions, see Managing Users and Roles.
CDP must be enabled on the devices in order for them to be discovered.
Create a new discovery by clicking Add New from the Discoveries pane.
Stop an active discovery by selecting the discovery name in the Discoveries pane and clicking Stop in the Discovery Details pane.
Start an inactive discovery by selecting the discovery name in the Discoveries pane and clicking Start in the Discovery Details pane.
Delete a discovery by selecting the discovery name in the Discoveries pane and clicking Delete in the Discovery Details pane.
You must have administrator permissions. For information about the user permissions, see Managing Users and Roles.
Step 1 | From the
Navigation pane, click
Discovery.
The Discovery window appears. | ||||||||||||||||||||||||||||||
Step 2 | (Optional)In the Discovery Name field, enter a unique name for this discovery. | ||||||||||||||||||||||||||||||
Step 3 | In the
IP
Ranges area, do the following:
| ||||||||||||||||||||||||||||||
Step 4 | In the
SNMP area, configure one or both of the SNMP
versions that are being used by the devices in your network.
| ||||||||||||||||||||||||||||||
Step 5 | In the
CLI
Credentials area, enter the
exception
username, password, and enable password for the devices that you want to
discover. You can add up to five CLI credentials.
| ||||||||||||||||||||||||||||||
Step 6 | (Optional) In the
Advanced area, configure the protocols that the
Cisco APIC-EM
uses to connect to devices.
By default, the Cisco APIC-EM attempts to connect to devices using the following protocols: To remove a protocol from the scan, click the protocol name. The checkmark next to the protocol disappears and the protocol fades from the view. To customize the order that protocols are used to connect, drag and drop a selected protocol to the top of the list. | ||||||||||||||||||||||||||||||
Step 7 | Click
Start
Discovery.
The Discoveries window displays the results of your scan. The Discovery Details pane shows the status (active or inactive) and the discovery configuration. The Discovery Devices pane displays the host names, IP addresses, and status of the discovered devices for the selected discovery. |
You must have administrator permissions. For information about the user permissions, see Managing Users and Roles.
You must have administrator permissions. For information about the user permissions, see Managing Users and Roles.
The Discovery window provides information about the selected scan. To access the Discovery window, from the Navigation pane, click Discovery. The Discovery Results window has three main panes.
Note | You must have created at least one discovery scan for the Discovery Results window to display. |
Callout Number |
Name |
Description |
---|---|---|
1 |
Discoveries pane |
Lists the names of the discovery scans that have been created, along with the method and IP addresses used for discovery. The list is divided between active and inactive discoveries. A successful scan (one with discovered and authenticated devices) has the number of discovered devices indicated in a box to the right of the discovery name. An unsuccessful scan shows no box or number of devices discovered. From the Discoveries pane, clicking on a discovery name displays the information in the Discovery Details and Device Details panes. |
2 |
Discovery Details pane |
Provides detailed information about the discovery parameters that were used to perform the discovery, the state of the discovery, and the number of devices that were discovered. The buttons on this pane allow you to Start, Stop, and Delete discoveries. |
3 |
Devices pane |
Displays the host name, IP address, and status of the devices found during the scan. |