Cisco Services: Cisco Plug and Play Feature Guide
Cisco Services: Cisco Plug and Play Feature Guide
Cisco Services: Cisco Plug and Play Feature Guide
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
Cisco Plug and Play Feature Guide
Cisco Plug and Play Deployment Scenarios .............................. 9 Configuring Cisco Plug and Play Agent Tag ................................................................. 35
Plug and Play Discovery through DHCP Server ........................................................... 9 Troubleshooting ........................................................................ 37
Plug and Play Discovery through DHCP Snooping ..................................................... 10 Viewing Debug information .......................................................................................... 38
Plug and Play Discovery through DNS Lookup ........................................................... 11
Resources and Support Information ......................................... 39
Plug and Play Proxy Server for Layer 3 and Layer 2 Devices .................................... 12
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Introduction
The Cisco® Plug and Play solution is a converged solution This simplified deployment process automates the following
that provides a highly secure, scalable, seamless, and deployment-related operational steps, on Cisco devices:
unified zero-touch deployment experience. • Establishing initial network connectivity for the device
Enterprises incur major operating costs to install and • Delivering device configuration
deploy networking devices as part of campus and branch
• Delivering software and firmware images
deployments. Typically, every device has to be pre-staged,
• Delivering licenses
which involves repetitively copying Cisco IOS® Software
images and applying configurations manually through a • Delivering deployment script files
console connection. Once pre-staged, these devices are • Provisioning local credentials
then shipped to the final site for installation. The end-site • Notifying other management systems about deployment
installation may require a skilled installer for related events
troubleshooting, bootstrapping, or modifying the •
configuration. The entire process can be costly, time- Plug-n-Play Agent
consuming, and prone to errors. At the same time, The Cisco Plug and Play (PnP) agent is an embedded software
customers would like to increase the speed and reduce component that is present in all Cisco network devices that
complexity of the deployment without compromising support simplified deployment architecture. The PnP agent
security. understands and interacts only with a PnP server. The PnP agent,
using DHCP, DNS or other such methods, tries to acquire the IP
Cisco Plug and Play Components address of the PnP server with which it wants to communicate.
The Cisco Plug and Play (PnP) deployment includes a PnP After a server is found and a connection has been established,
agent, a PnP server, and other components. the agent communicates with the PnP server to perform
deployment-related activities.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
It also notifies the server of all interesting deployment- • Deployment and management of devices behind the firewall
related events like out-of-band configuration changes and a and Network Address Translation (NAT)
new device connection on an interface. • Support for one-to-one and one-to-many communication
• Support for policy based deployment (product ID or location
Key Benefits
of the device)
The Cisco Plug and Play (PnP) agent provides you the
• Deployment based on unique ID (Unique Device Identifier
following benefits:
[UDI] or MAC)
• Day 0 bootstrapping—Configuration, image, licenses,
• Unified solution across Cisco platforms (including IOS classic)
and other files
• Support for various deployment scenarios and use cases
• Day 2 management—Configuration and image upgrades
and on-going monitoring of Simple Network • Zero-touch when possible, low-touch when needed
Management Protocol (SNMP) and syslog messages
Plug and Play Server
• Open communication protocol—Enables customers and
The Cisco Plug and Play (PnP) server is a central server that
partners to write applications
encodes the logic of managing and distributing deployment
• XML based payload over HTTP and Extensible
information (images, configurations, files, and licenses) for the
Messaging and Presence Protocol (XMPP) between the
devices being deployed. The server communicates with the
server and the agent
agent that is installed on the device that supports the simplified
• Security—Authentication and an encrypted deployment process, using a specific deployment protocol.
communication channel between the management app
and the agent
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Figure 1: Simplified Deployment Server deployment. After that, the PnP server redirects the device to
the customer’s deployment server.
In addition to communicating with the devices, the server
interfaces with a variety of external systems like Authentication,
Authorizing, and Accounting (AAA) systems, provisioning
systems, and other management applications.
The PnP server also communicates with proxy servers like
deployment applications on smart phones and PCs, or
other PnP agents acting as Neighbor Assisted Provisioning
Protocol (NAPP) servers, and other types of proxy
deployment servers like VPN gateways.
Cisco PnP supports redirection. For example, a PnP server
can redirect a device to communicate with it directly after
sending the bootstrap configuration through a NAPP
server. If the PnP server is hosted by an enterprise
leveraging a cloud-based deployment service provided by
Cisco, the device discovers and communicates with the
Cisco cloud-based deployment service for initial
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
How Cisco Plug and Play Works on Cisco Devices Figure 2: Network Topology of Cisco Plug-n-Play Deployment
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
• The PnP agent enforces the PnP server to send user command on an adjacent upstream device, the VLAN
credentials for every request. Cisco recommends the membership does not change on that device. However, all the
usage of HTTP secure (HTTPS) protocol. active interfaces on the upcoming Plug and Play device are
changed to the specified VLAN. This guideline applies to both
Limitations and Guidelines routers and switches.
• Cisco Plug-n-Play (PnP) agent facilitates HTTP, Note
Extensible Messaging and Presence Protocol (XMPP) When you use the non-VLAN 1 feature, ensure that all the
and HTTP secure (HTTPS) transport based neighboring switch devices are running Cisco IOS XE Release
communication with the PnP server. 3.6.3 and not the 3.6.0, 3.6.1, or 3.6.2 releases. For more
• HTTPS cannot be used on platforms where crypto- information about related caveat CSCut25533 that exists in
enabled images are not supported. not use Secure these previous releases, see the Caveats section in the Release
Sockets Layer [SSL] or Transport Layer Security [TLS] Notes for Cisco Network Plug and Play.
protocols if crypto-enabled images are used).
• You cannot create VLANs using PnP configuration push
with default VTP mode as server. Use EEM applet to
push the configuration with vtp mode transport
command as part of the configuration.
• Cisco Network Plug and Play supports devices using
VLAN 1 by default. To use a VLAN other than VLAN 1,
adjacent upstream devices must use supported releases
and configure the global pnp startup vlan x command
on the upstream device, to apply this configuration to
the Plug and Play device:. When you execute this
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Cisco Plug and Play Deployment Scenarios When the DHCP response is received by the device, the PnP
agent extracts the option 43 from the response to get the IP
When the device boots, the absence of any startup address or the hostname of the PnP server. PnP agent then uses
configuration on the NVRAM triggers the PnP discovery this IP address or hostname to communicate with the PnP server.
agent to acquire the IP address of the PnP server. In order
Figure 5: DHCP Discovery Process for PnP s
to acquire the IP address of the PnP server, the PnP agent
goes through one of the following discovery mechanisms:
• PnP discovery through DHCP server
• PnP discovery through DHCP snooping
• PnP discovery through DNS lookup
• PnP proxy for layer 2 and layer 3 devices
• PnP deployment application
Plug and Play Discovery through DHCP Server
Device with no startup configuration in the NVRAM
triggers the Cisco Plug and Play (PnP) agent to initiate a
DHCP discovery process which requests an IP address from
DHCP server required for the device. The DHCP server can
be configured to insert additional information using the
vendor-specific option 43 upon receiving option 60 from
the device with the string ‘cisco pnp’. This is to pass on the
IP address or hostname of the PnP server to the requesting
device.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Figure 8: DNS Looup for Layer 3 and Layer 2 Dev
Plug and Play Proxy Server for Layer 3 and Layer 2 Devices
In the absence of DHCP or Domain Name System (DNS)
servers, an existing up and running Cisco Plug and Play
(PnP) enabled device in the neighborhood network can be
configured to act as a PnP Neighbor Assisted Provisioning
Protocol (NAPP) server.
The NAPP server is part of PnP discovery phase. This server
is invoked when the PnP autonomic networking based
discovery, DHCP, DNS, Cisco cloud service discovery
mechanisms fail to connect to the PnP server.
This device listens to a specific port for any incoming PnP
messages. The Cisco device which is trying to come up as a
PnP device sends a UDP broadcast message to its network
every 30 min for ten times. Hence, if the device does not
receive a response, the broadcasts stop after 300 min.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
When the device hosting the proxy server process receives Plug-n-Play Agent Deployment using a Deployment Application
the incoming broadcasts, it verifies the version field in the Alternatively, your network administrator can manually configure
request and forwards the request to the PnP server if your device using a deployment application running on their
version validation is successful. The proxy server process computer or on a smart phone. The computer or the smart
also caches the unique device identifier (UDI) of the phone can be connected to the device via USB or an Ethernet
requesting client coming in via incoming datagram before cable.
forwarding the request to PnP server. Figure 9: Manually Configured PnP Agent
Upon receiving the configlet datagram from PnP server, the
proxy server validates UDI in the incoming datagram with
the entries in the UDI cache. If validation is successful,
proxy server process broadcasts the datagram to a specific
port number reserved for the proxy client processes to
receive datagrams.
Upon receiving the datagrams, devices running proxy client
processes, parse the incoming datagram for the target UDI.
If the target UDI in the datagram matches the UDI of the
device, proxy client process proceeds with framing, error
control and configuring the configlet.
If the target UDI in the datagram fails to match UDI of the
device, the packet is dropped.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile initialization
mode.
Example: • String of alphanumeric characters that specify a name for
the PnP agent profile. Profile names cannot be duplicated.
Device(config)# pnp profile
test-profile-1
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 4 end Exits the PnP profile initialization mode and returns to privileged
EXEC mode.
Example:
Device(config-pnp-init)# end
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile initialization
mode.
Example: • String of alphanumeric characters that specify a name for the
PnP agent profile. Profile names cannot be duplicated.
Device(config)# pnp profile
test-profile-1
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 4 device {username username } {password {0 Configures the PnP agent on the device.
| 7} password} • Establishes a username and password based authentication
system.
Example: • username—User ID
• password—Password that a user enters
Device(config-pnp-init)# device username
sjohn password 0 Tan123 • 0—Specifies that an unencrypted password or secret (depending
on the configuration) follows.
• 7—Specifies that an encrypted (hidden) password follows.
Step 5 end Exits the PnP profile initialization mode and returns to privileged
EXEC mode.
Example:
Device(config-pnp-init)# end
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Configuring Plug and Play Reconnect Factors
Perform the following steps to configure the time to wait before attempting to reconnect a session in either fixed-interval-backoff,
exponential-backoff, or random-exponential-backoff mode:
Command or Action Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Device> enable
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile initialization
mode.
Example: String of alphanumeric characters that specify a name for the PnP agent
profile. Profile names cannot be duplicated.
Device(config)# pnp profile test-
profile-1
Step 4 reconnect [pause-time Specifies the time for the PnP agent initiator profile to wait before
attempting to reconnect a session.
[exponential-backoff-factor [random] ] ]
• The pause-time value is the time to wait, in seconds, before
Example: attempting to reconnect after a connection is lost. The range is
from 1 to 2000000. The default is 60.
Device(config-pnp-init)# reconnect 100 Exponential backoff factor value is the value that triggers the
2 random reconnect attempt exponentially. The range is from 2 to 9.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 5 end Exits the PnP profile initialization mode and returns to privileged EXEC
mode.
Example:
Device(config-pnp-init)# end
Configuring Cisco Plug and Play HTTP Transport Profiles
Perform the following steps to create a HTTP transport profile of the Plug-n-Play (PnP) agent manually on a device.
Both IPv4 and IPv6 addresses can be used for PnP server IP configuration. Alternately, a hostname can also be used in the configuration to
connect to the PnP server. Every profile can have one primary server and a backup server configuration. The PnP agent attempts to initiate a
connection with the primary server first and if it fails, it will try the backup server. If the backup server fails, the PnP agent will attempt to
connect to the primary server again. This will continue until a connection is established with one of the servers.
Command or Action Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Device> enable
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile
initialization mode.
Example: String of alphanumeric characters that specify a name for the
PnP agent profile. Profile names cannot be duplicated.
Device(config)# pnp profile test-profile-1
Step 4 transport http host host-name [port port-number ] Creates a HTTP transport configuration for the PnP agent profile
[source interface-type] based on the hostname of the server on which the PnP agent is
deployed.
Example: • The value of the host specifies the host name, port, and
source of the server.
Device(config-pnp-init)# transport http host
Step 5 transport
hostname-1 port 1 source gigabitEthernet • The
http ipv4 ipv4-address [port port-number Creates a HTTP transport
value of configuration
the port-number for the
specifies thePnP
portagent
that isprofile
used.
] [source interface-type]
0/0/0 based on the
The value IPv4
of the address of the
interface-type server on
specifies thewhich the on
interface PnPwhich
agent
is
thedeployed.
agent is connected to the server.
Example:
Step 6 Device(config-pnp-init)#
transport http ipv6 ipv6-addresstransport http ipv4
[port port-number Creates a HTTP transport configuration for the PnP agent profile
10.0.1.0 port 221 source gigabitEthernet
] [source interface-type interface-number ]
0/0/0 based on the IPv6 address of the server on which the PnP agent
is deployed.
Example:
Step 7 Device(config-pnp-init)#
end transport http ipv6 Exits the PnP profile initialization mode and returns to privileged
2001:DB8:1::1 port 331 source gigabitEthernet
0/0/1
EXEC mode.
Example:
Device(config-pnp-init)# end
Configuring Cisco Plug and Play HTTPS Transport Profiles
Perform the following steps to create a HTTP Secure (HTTPS) transport profile of the Cisco Plug and Play (PnP) agent manually on a device.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Command or Action Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Device> enable
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile
initialization mode.
Example: • String of alphanumeric characters that specify a name
for the PnP agent profile. Profile names cannot be
Device(config)# pnp profile test-profile-1 duplicated.
Step 4 transport https host host-name [port port-number Creates a HTTPS transport configuration for the PnP agent
][source interface-type ][localcert trustpoint-name
profile based on the hostname of the server on which the PnP
][remotecert trustpoint-name ] agent is deployed.
• The value of localcert specifies the trustpoint used for
Example: client-side authentication during the transport layer
security (TLS) handshake.
Device(config-pnp-init)# transport https host • The value of remotecert specifies the trustpoint used for
example.com port 231 source gigabitEthernet 0/0/0 server certificate validation.
localcert abc remotecert xyz
Note Configure the trustpoint-name using the crypto pki
trustpoint command.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 5 transport https ipv4 ipv4-address [port port-number Creates a HTTPS transport configuration for the PnP agent
][source interface-type ][localcert trustpoint-name profile based on the IPv4 address of the server on which the
][remotecert trustpoint-name ] PnP agent is deployed.
Example:
Device(config-pnp-init)# transport https ipv4
10.0.1.0 port 221 source gigabitEthernet 0/0/0
localcert abc remotecert xyz
Step 6 transport https ipv6 ipv6-address [port port-number Creates a HTTPS transport configuration for the PnP agent
][source interface-type interface-number ][localcert profile based on the IPv6 address of the server on which the
trustpoint-name ][remotecert trustpoint-name ] PnP agent is deployed.
Example:
Device(config-pnp-init)# transport https ipv6
2001:DB8:1::1 port 331 source gigabitEthernet
0/0/1 localcert abc remotecert xyz
Step 7 end Exits the PnP profile initialization mode and returns to
privileged EXEC mode.
Example:
Device(config-pnp-init)# end
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Configuring Cisco Plug and Play XMPP Transport Profiles
Perform the following steps to create a Extensible Messaging and Presence Protocol (XMPP) transport profile of the Cisco Plug and Play (PnP)
agent manually on a device.
Command or Action Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Device> enable
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile
initialization mode.
Example: • String of alphanumeric characters that specify a
name for the PnP agent profile. Profile names cannot
Device(config)# pnp profile test-profile-1 be duplicated.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 4 transport xmpp socket {host host-name | ipv4 ipv4-address| Creates an XMPP transport configuration for the PnP
ipv6 ipv6-address} {port port-number } {source interface-type agent profile based on the hostname of the server on which
interface-number } {sasl plain server-jid xmpp-jabber-id} the PnP agent is deployed.
Example:
Device(config-pnp-init)# transport xmpp socket host
example.com port 231 sasl plain server-jid cisco123
Step 5 transport xmpp starttls {host host-name | ipv4 ipv4-address| Creates an XMPP transport configuration for the PnP
ipv6 ipv6-address} {port port-number } {source interface-type agent profile based on the IPv4 address of the server on
interface-number } {localcert trustpoint-name } {remotecert which the PnP agent is deployed.
trustpoint-name } {sasl plain server-jid xmpp-jabber-id} • The value of localcert specifies the trustpoint used
for client-side authentication during the transport
Example:
layer security (TLS) handshake.
Device(config-pnp-init)# transport xmpp starttls • The value of remotecert specifies the trustpoint
ipv4 10.0.1.0 port 221 source gigabitEthernet 0/0/0 used for server certificate validation.
localcert abc remotecert xyz
Step 6 transport xmpp tls {host host-name | ipv4 ipv4-address| ipv6 Creates an XMPP transport configuration for the PnP
ipv6-address} {port port-number } {source interface-type agent profile based on the IPv6 address of the server on
interface-number } {localcert trustpoint-name } {remotecert which the PnP agent is deployed.
trustpoint-name } {sasl plain server-jid xmpp-jabber-id}
Example:
Device(config-pnp-init)# transport xmpp tls ipv6
2001:DB8:1::1 port 221 source gigabitEthernet 0/0/0
localcert abc remotecert xyz
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 7 end Exits the PnP profile initialization mode and returns to
privileged EXEC mode.
Example:
Device(config-pnp-init)# end
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile initialization
mode.
Example: • String of alphanumeric characters that specify a name for the
PnP agent profile. Profile names cannot be duplicated.
Device(config)# pnp profile
test-profile-1
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 4 backup device {username username } Configures the PnP agent backup profile on the device.
{password {0 | 7} password} • Establishes a username and password based authentication
system.
Example: • username-User ID
Device(config-pnp-init)# backup device • password-Password that a user enters
username sjohn password 0 Tan123
• 0—Specifies that an unencrypted password or secret (depending
on the configuration) follows.
• 7—Specifies that a hidden password follows.
Step 5 end Exits the PnP profile initialization mode and returns to privileged
EXEC mode.
Example:
Device(config-pnp-init)# end
Configuring Backup Cisco Plug and Play Reconnect Factors
Perform the following steps to configure backup reconnection of the Cisco Plug and Play (PnP) agent to the server in either fixed-interval-
backoff, exponential-backoff, or random-exponential-backoff manner :
Command or Action Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Device> enable
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile
initialization mode.
Example: • String of alphanumeric characters that specify a name for the
PnP agent profile. Profile names cannot be duplicated.
Device(config)# pnp profile
test-profile-1
Step 4 backup reconnect [pause-time Specifies the time for the PnP agent initiator profile to wait
[exponential-backoff-factor [random] ] ] before attempting to reconnect a session.
• The pause-time value is the time to wait, in seconds, before
Example: attempting to reconnect after a connection is lost. The range
Device(config-pnp-init)# backup is from 1 to 2000000. The default is 60.
reconnect 100 2 random • Exponential backoff factor value is the value that triggers
the reconnect attempt exponentially. The range is from 2 to
9.
Step 5 end Exits the PnP profile initialization mode and returns to privileged
EXEC mode.
Example:
Device(config-pnp-init)# end
Configuring Backup Cisco Plug and Play HTTP Transport Profile
Perform the following steps to create a backup HTTP transport profile of the Cisco Plug and Play (PnP) agent manually on a device.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile
initialization mode.
Example: • String of alphanumeric characters that specify a name for
the PnP agent profile. Profile names cannot be duplicated.
Device(config)# pnp profile test-profile-1
Step 4 backup transport http host host-name [port Creates a backup HTTP transport configuration for the PnP agent
port-number ] [source interface-type] profile based on the hostname of the server on which the PnP
agent is deployed.
Example: • The value of the host specifies the host name, port, and
source of the server.
Device(config-pnp-init)# backup transport http
host hostname-1 port 1 source gigabitEthernet • The value of the port-number specifies the port that is used.
0/0/0 • The value of the interface-type specifies the interface on
which the agent is connected to the server.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 5 backup transport http ipv4 ipv4-address [port Creates a backup HTTP transport configuration for the PnP agent
port-number ] [source interface-type] profile based on the IPv4 address of the server on which the PnP
agent is deployed.
Example:
Device(config-pnp-init)# backup transport http
ipv4 10.0.1.0 port 221 source gigabitEthernet
0/0/0
Step 6 backup transport http ipv6 ipv6-address [port Creates a backup HTTP transport configuration for the PnP agent
port-number ] [source interface-type interface-number profile based on the IPv6 address of the server on which the PnP
] agent is deployed.
Example:
Device(config-pnp-init)# backup transport http
ipv6 2001:DB8:1::1 port 331 source
gigabitEthernet 0/0/1
Step 7 end Exits the PnP profile initialization mode and returns to privileged
EXEC mode.
Example:
Device(config-pnp-init)# end
Configuring Backup Cisco Plug and Play HTTPS Transport Profile
Perform the following steps to create a backup HTTPS transport profile of the Cisco Plug and Play (PnP) agent manually on a device.
Command or Action Purpose
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile
initialization mode.
Example: • String of alphanumeric characters that specify a name
for the PnP agent profile. Profile names cannot be
Device(config)# pnp profile test-profile-1 duplicated.
Step 4 backup transport https host host-name [port port-number Creates a HTTPS backup transport configuration for the PnP
][source interface-type ][localcert trustpoint-name agent profile based on the hostname of the server on which
][remotecert trustpoint-name ] the PnP agent is deployed.
• The value of localcert specifies the trustpoint used for
Example: client-side authentication during the transport layer
security (TLS) handshake.
Device(config-pnp-init)# backup transport https • The value of remotecert specifies the trustpoint used
host example.com port 231 source gigabitEthernet
0/0/0 localcert abc remotecert xyz
for server certificate validation.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 5 backup transport https ipv4 ipv4-address [port Creates a HTTPS backup transport configuration for the PnP
port-number ][source interface-type ][localcert agent profile based on the IPv4 address of the server on
trustpoint-name ][remotecert trustpoint-name ] which the PnP agent is deployed.
Example:
Device(config-pnp-init)# backup transport https
ipv4 10.0.1.0 port 221 source gigabitEthernet
0/0/0 localcert abc remotecert xyz
Step 6 backup transport https ipv6 ipv6-address [port Creates a HTTPS backup transport configuration for the PnP
port-number ][source interface-type interface-number agent profile based on the IPv6 address of the server on
][localcert trustpoint-name ][remotecert trustpoint-name which the PnP agent is deployed.
]
Example:
Device(config-pnp-init)# backup transport https
ipv6 2001:DB8:1::1 port 331 source gigabitEthernet
0/0/1 localcert abc remotecert xyz
Step 7 end Exits the PnP profile initialization mode and returns to
privileged EXEC mode.
Example:
Device(config-pnp-init)# end
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Example:
Device# configure terminal
Step 3 pnp profile profile-name Creates a PnP agent profile and enters the PnP profile
initialization mode.
Example: • String of alphanumeric characters that specify a
name for the PnP agent profile. Profile names
Device(config)# pnp profile test-profile-1 cannot be duplicated.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 4 backup transport xmpp socket {host host-name | ipv4 Creates an XMPP transport configuration for the PnP
ipv4-address| ipv6 ipv6-address} {port port-number } {source agent profile based on the hostname of the server on
interface-type interface-number } {sasl plain server-jid which the PnP agent is deployed.
xmpp-jabber-id}
Example:
Device(config-pnp-init)# backup transport xmpp socket
host example.com port 231 sasl plain server-jid
cisco123
Step 5 backup transport xmpp starttls {host host-name | ipv4 Creates an XMPP transport configuration for the PnP
ipv4-address| ipv6 ipv6-address} {port port-number } {source agent profile based on the IPv4 address of the server on
interface-type interface-number } {localcert trustpoint-name which the PnP agent is deployed.
} {remotecert trustpoint-name } {sasl plain server-jid • The value of localcert specifies the trustpoint used
xmpp-jabber-id} for client-side authentication during the transport
layer security (TLS) handshake.
Example: • The value of remotecert specifies the trustpoint used
for server certificate validation.
Device(config-pnp-init)# backup transport xmpp
starttls ipv4 10.0.1.0 port 221 source
gigabitEthernet 0/0/0 localcert abc remotecert xyz
Step 6 backup transport xmpp tls {host host-name | ipv4 Creates an XMPP transport configuration for the PnP
ipv4-address| ipv6 ipv6-address} {port port-number } {source agent profile based on the IPv6 address of the server on
interface-type interface-number } {localcert trustpoint-name which the PnP agent is deployed.
} {remotecert trustpoint-name } {sasl plain server-jid
xmpp-jabber-id}
Example:
Device(config-pnp-init)# backup transport xmpp tls
ipv6 2001:DB8:1::1 port 221 source gigabitEthernet
0/0/0 localcert abc remotecert xyz
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 7 end Exits the PnP profile initialization mode and returns to
privileged EXEC mode.
Example:
Device(config-pnp-init)# end
Configuring Cisco Plug and Play Agent Tag
Perform the following step to create Cisco Plug and Play (PnP) agent tag information:
Command or Action Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Device> enable
Step 3 pnp tag tag-name Use the pnp tag command to configure the tag for the device. The
neighboring Cisco devices will receive this tag information through Cisco
Example: Discovery Protocol (CDP).
Device(config)# pnp tag xyz Note If there is an existing tag for the device, the tag name can be only
changed when the xml schema is sent by the PnP server to change
the tag name. The tag name cannot be overwritten.
• String of alphanumeric characters that specify a name for the PnP
agent tag.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Step 4 end Exits the global configuration mode and returns to privileged EXEC mode.
Example:
Device(config)# end
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Troubleshooting
The show pnp tech-support command can be used to verify the existing configuration. The sample output is as given below:
------------------ show pnp summary ------------------
Best UDI:[PID:WS-C3650-48PD,VID:V01,SN:FDO1732Q00R]
Good UDI:[PID:WS-C3650-48PD,VID:A0,SN:FDO1732Q00R]
Incomplete UDI:[-]
UDI by Master Registry:[PID:WS-C3650-48PD,VID:A0,SN:FDO1732Q00R]
UDI by Entity MIBS:[PID:WS-C3650-48PD,VID:V01,SN:FDO1732Q00R]
UDI by Platform Registry:[PID:WS-C3650-48PD,VID:,SN:FDO1732Q00R]
In the above output, show pnp config tracking can be used to verify if any non pnp feature is changing the configuration in the background.
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.
`
Cisco Plug and Play Feature Guide| © 2014-2015 Cisco and/or its affiliates. All rights
reserved.