Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Connect a Switch to Mist Cloud via a Proxy Server Using Cloudx

This document explains the procedure to connect an EX Series switch to the Mist cloud via a proxy server (on-prem) directly without using a Mist Edge.

Connect a Switch to Mist Cloud via a Dynamic Proxy Server

Before you connect the switch to the Mist cloud via a dynamic proxy server, ensure that the following prerequisites are met:

  • The switch is onboarded to the Mist cloud using the claim code or activation code.

  • The switch is running a CloudX-supported Junos version. For more information, see Juniper CloudX Overview.

  • The DHCP server is able to hand out the proxy server information (via Option 43) and other elements such as IP Address, DNS, and default route.

  • The switch can reach the HTTP proxy server over an IP network.

  • The HTTP proxy server can redirect traffic to the Mist cloud. This example shows how to configure the proxy server:

To connect a switch to Mist cloud via a dynamic proxy server:

  1. Power on the switch.
  2. Connect the switch to the uplink (via OOB or in-band port).

    The switch sends a DHCP Discover message and accepts the Offer message along with DHCP proxy server information sent via Option 43. The switch stores the proxy server information at /var/etc/phc_vendor_specific_info.xml. The switch reaches out to the proxy server during the ZTP boot-up process and connects to the Mist cloud via HTTP proxy server.

  3. Log in to the switch and verify the connectivity to the Mist cloud by using the following CLI command:

    show system connections | grep port used for connectivity between switch and proxy offered by DHCP

  4. In case the switch does not connect to the cloud, collect logs from the following files on the switch and create a support ticket:
    /var/log/mcd.log, /var/log/messages and RSI

Connect a Switch to Mist Cloud via a Static Proxy Server

If a switch cannot receive the proxy information via DHCP, you can configure it with a static proxy server through which the switch can connect to the Mist cloud. In this case, the DHCP server does not hand out the proxy server information via Option 43.

Before you connect the switch to the Mist cloud via a static proxy server, ensure that the following prerequisites are met:

  • The switch is onboarded to the Mist cloud using the claim code or activation code.

  • The switch has the configuration management option enabled in Mist. If not, you will need to use the switch CLI to configure the proxy server.

  • The switch is running the Junos version 21.4R3-S4, 22.4R2-S1, or above.

  • The local DHCP server is able to hand out IP address, DNS, default route, or statically defined route on the switch. This process involves staging the switch before establishing the cloud connectivity. If this prerequisite is met, the switch will be able to reach the HTTP proxy server over an IP network.

To connect a switch to Mist cloud via a static proxy server:

  1. Log in to the Mist portal (manage.mist.com).
  2. Click Organization > Site Configuration > site-name to navigate to the site where the switch is onboarded.
  3. On the Site Proxy tile of the site configuration page, configure the proxy information, as shown below:
  4. Before you connect the switch to the Mist cloud for the first time, edit the /var/etc/phc_vendor_specific_info.xml file as shown below:

    Editing the /var/etc/phc_vendor_specific_info.xml file is a one-time activity. You can skip this step if you can stage the switch in a non-proxy environment to connect to the cloud. If the switches are staged, they can gather the proxy information from the Mist cloud (which you configured in the previous step).

    When you complete the above steps, the switch will be able to reach the proxy server during the ZTP process.

  5. If the switch is not connecting to the proxy server during the ZTP process, flap the uplink port to force the switch to connect to the proxy server.
  6. Log in to the switch and verify the connectivity to Mist cloud by using the following CLI command:
    show system connections | grep port used for connectivity between switch and proxy
  7. In case the switch is not connecting to the cloud, collect logs from the following files on the switch and open a support case with Juniper support:
    /var/log/mcd.log, /var/log/messages and RSI