Network Device
Location in GUI:
Administration » Network Resources » Network Devices
Diagram
Classes
network_resources (ise)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| network_devices | List | [network_devices] | No |
network_devices (ise.network_resources)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[\w\d_\-\.]+$ | Yes | |
| description | String | No | ||
| ips | List | [ips] | No | |
| profile_name | String | No | Cisco | |
| model_name | String | No | ||
| software_version | String | No | ||
| network_device_groups | List | String | No | |
| authentication_network_protocol | Choice | RADIUS, TACACS_PLUS | No | |
| radius | Class | [radius] | No | |
| tacacs | Class | [tacacs] | No | |
| snmp | Class | [snmp] | No | |
| trust_sec | Class | [trust_sec] | No |
ips (ise.network_resources.network_devices)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip | String | Yes | ||
| ip_exclude | String | No | ||
| mask | Integer | min: 0, max: 128 | No | 32 |
radius (ise.network_resources.network_devices)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| shared_secret | String | No | ||
| second_shared_secret | String | No | ||
| coa_port | Integer | min: 1, max: 65535 | No | 1700 |
| dtls_required | Boolean | true, false | No | false |
| dtls_dns_name | String | No | ||
| enable_key_wrap | Boolean | true, false | No | false |
| encryption_key | String | No | ||
| encryption_key_format | Choice | ASCII, HEXADECIMAL | No | ASCII |
| message_authenticator_code_key | String | No |
tacacs (ise.network_resources.network_devices)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| connect_mode_options | Choice | OFF, ON_LEGACY, ON_DRAFT_COMPLIANT | No | OFF |
| shared_secret | String | No |
snmp (ise.network_resources.network_devices)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| link_trap_query | Boolean | true, false | No | true |
| mac_trap_query | Boolean | true, false | No | true |
| originating_policy_services_node | String | No | ||
| polling_interval | Integer | min: 600, max: 86400 | No | 28800 |
| ro_community | String | No | ||
| version | Choice | ONE, TWO_C, THREE | No |
trust_sec (ise.network_resources.network_devices)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| device_id | String | No | ||
| device_password | String | No | ||
| rest_api_username | String | No | ||
| rest_api_password | String | No | ||
| download_enviroment_data_every_x_seconds | Integer | min: 0 | No | 86400 |
| download_peer_authorization_policy_every_x_seconds | Integer | min: 0 | No | 86400 |
| re_authentication_every_x_seconds | Integer | min: 0 | No | 86400 |
| download_sgacl_lists_every_x_seconds | Integer | min: 0 | No | 86400 |
| other_sga_devices_to_trust_this_device | Boolean | true, false | No | true |
| send_configuration_to_device | Boolean | true, false | No | false |
| send_configuration_to_device_using | Choice | ENABLE_USING_COA, ENABLE_USING_CLI, DISABLE_ALL | No | DISABLE_ALL |
| coa_source_host | String | No | ||
| include_when_deploying_sgt_updates | Boolean | true, false | No | false |
| exec_mode_username | String | No | ||
| exec_mode_password | String | No | ||
| enable_mode_password | String | No |
Examples
Simple example:
ise:
network_resources:
network_devices:
- name: Router1
ips:
- ip: 10.1.2.3
radius:
shared_secret: Cisco123
Full example:
ise:
network_resources:
network_devices:
- name: Switch1
description: My first switch
ips:
- ip: 10.1.2.3
network_device_groups:
- Is IPSEC Device
- All Device Types
- All Locations
profile_name: Cisco
model_name: C9300-24UX
software_version: "17.10.1"
authentication_network_protocol: RADIUS
radius:
shared_secret: Cisco123
second_shared_secret: Cisco1234
coa_port: 1701
dtls_required: true
dtls_dns_name: cisco.com
enable_key_wrap: true
encryption_key: Cisco123Cisco123
encryption_key_format: ASCII
message_authenticator_code_key: Cisco123Cisco1231234
tacacs:
connect_mode_options: ON_LEGACY
shared_secret: Cisco123
snmp:
link_trap_query: false
mac_trap_query: false
polling_interval: 10000
originating_policy_services_node: ise1
ro_community: Cisco123
version: TWO_C
trust_sec:
device_id: Dev1
device_password: Cisco123
rest_api_username: dev1
rest_api_password: Cisco123
download_enviroment_data_every_x_seconds: 10000
download_peer_authorization_policy_every_x_seconds: 10000
re_authentication_every_x_seconds: 10000
download_sgacl_lists_every_x_seconds: 10000
other_sga_devices_to_trust_this_device: false
send_configuration_to_device: true
send_configuration_to_device_using: ENABLE_USING_COA
coa_source_host: ise1.cisco.com
include_when_deploying_sgt_updates: true
exec_mode_username: dev1
exec_mode_password: Cisco123
enable_mode_password: Cisco123