Allowed Protocols
Location in GUI: Work Centers
» Network Access
» Policy Elements
» Results
» Allowed Protocols
Diagram
Classes
policy_elements (ise.network_access)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
allowed_protocols | List | [allowed_protocols] | No |
allowed_protocols (ise.network_access.policy_elements)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | Regex: ^[\w\d_ ]+$ | Yes | |
description | String | No | ||
process_host_lookup | Boolean | true , false | No | true |
allow_pap_ascii | Boolean | true , false | No | true |
allow_chap | Boolean | true , false | No | false |
allow_ms_chap_v1 | Boolean | true , false | No | false |
allow_ms_chap_v2 | Boolean | true , false | No | false |
allow_eap_md5 | Boolean | true , false | No | true |
allow_leap | Boolean | true , false | No | false |
allow_eap_tls | Boolean | true , false | No | true |
allow_eap_ttls | Boolean | true , false | No | true |
allow_eap_fast | Boolean | true , false | No | true |
allow_peap | Boolean | true , false | No | true |
allow_teap | Boolean | true , false | No | true |
allow_preferred_eap_protocol | Boolean | true , false | No | false |
preferred_eap_protocol | Choice | EAP_FAST , PEAP , LEAP , EAP_MD5 , EAP_TLS , EAP_TTLS , TEAP | No | |
eap_tls_l_bit | Boolean | true , false | No | false |
allow_weak_ciphers_for_eap | Boolean | true , false | No | false |
require_message_auth | Boolean | true , false | No | false |
five_g | Boolean | true , false | No | false |
teap | Class | [teap] | No | |
eap_ttls | Class | [eap_ttls] | No | |
eap_tls | Class | [eap_tls] | No | |
eap_fast | Class | [eap_fast] | No | |
peap | Class | [peap] | No |
teap (ise.network_access.policy_elements.allowed_protocols)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
eap_ms_chap_v2 | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change_retries | Integer | min: 0 , max: 3 | No | 3 |
eap_tls | Boolean | true , false | No | true |
eap_tls_auth_of_expired_certs | Boolean | true , false | No | false |
accept_client_cert_during_tunnel_est | Boolean | true , false | No | true |
enable_eap_chaining | Boolean | true , false | No | false |
allow_downgrade_msk | Boolean | true , false | No | true |
request_basic_pwd_auth | Boolean | true , false | No | false |
eap_ttls (ise.network_access.policy_elements.allowed_protocols)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
pap_ascii | Boolean | true , false | No | true |
chap | Boolean | true , false | No | true |
ms_chap_v1 | Boolean | true , false | No | true |
ms_chap_v2 | Boolean | true , false | No | true |
eap_md5 | Boolean | true , false | No | true |
eap_ms_chap_v2 | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change_retries | Integer | min: 0 , max: 3 | No | 1 |
eap_tls (ise.network_access.policy_elements.allowed_protocols)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
auth_of_expired_certs | Boolean | true , false | No | false |
enable_stateless_session_resume | Boolean | true , false | No | false |
session_ticket_ttl | Integer | min: 1 | No | |
session_ticket_ttl_unit | Choice | SECONDSMINUTES , HOURS , DAYS , WEEKS | No | |
session_ticket_percentage | Integer | min: 1 , max: 100 | No |
eap_fast (ise.network_access.policy_elements.allowed_protocols)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
eap_ms_chap_v2 | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change_retries | Integer | min: 0 , max: 3 | No | 1 |
eap_gtc | Boolean | true , false | No | true |
eap_gtc_pwd_change | Boolean | true , false | No | true |
eap_gtc_pwd_change_retries | Integer | min: 0 , max: 3 | No | 1 |
eap_tls | Boolean | true , false | No | true |
eap_tls_auth_of_expired_certs | Boolean | true , false | No | false |
use_pacs | Boolean | true , false | No | true |
use_pacs_tunnel_pac_ttl | Integer | min: 1 , max: 10000 | No | 90 |
use_pacs_tunnel_pac_ttl_units | Choice | SECONDSMINUTES , HOURS , DAYS , WEEKS | No | DAYS |
use_pacs_use_proactive_pac_update_precentage | Integer | min: 1 , max: 100 | No | 10 |
use_pacs_allow_anonym_provisioning | Boolean | true , false | No | false |
use_pacs_allow_authen_provisioning | Boolean | true , false | No | false |
use_pacs_accept_client_cert | Boolean | true , false | No | false |
use_pacs_server_returns | Boolean | true , false | No | false |
use_pacs_allow_machine_authentication | Boolean | true , false | No | false |
use_pacs_machine_pac_ttl | Integer | min: 1 , max: 10000 | No | 1 |
use_pacs_machine_pac_ttl_units | Choice | SECONDSMINUTES , HOURS , DAYS , WEEKS | No | WEEKS |
use_pacs_stateless_session_resume | Boolean | true , false | No | false |
enable_eap_chaining | Boolean | true , false | No | false |
peap (ise.network_access.policy_elements.allowed_protocols)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
eap_ms_chap_v2 | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change | Boolean | true , false | No | true |
eap_ms_chap_v2_pwd_change_retries | Integer | min: 0 , max: 3 | No | 1 |
eap_gtc | Boolean | true , false | No | false |
eap_gtc_pwd_change | Boolean | true , false | No | false |
eap_gtc_pwd_change_retries | Integer | min: 0 , max: 3 | No | 1 |
eap_tls | Boolean | true , false | No | true |
eap_tls_auth_of_expired_certs | Boolean | true , false | No | false |
require_cryptobinding | Boolean | true , false | No | false |
peap_v0 | Boolean | true , false | No | false |
Examples
ise: network_access: policy_elements: allowed_protocols: - name: Global Protocols description: Allowed protocols eap_tls: auth_of_expired_certs: false enable_stateless_session_resume: true session_ticket_ttl: 5 session_ticket_ttl_unit: DAYS session_ticket_percentage: 5 eap_fast: eap_ms_chap_v2: true eap_ms_chap_v2_pwd_change: true eap_ms_chap_v2_pwd_change_retries: 3 eap_gtc: true eap_gtc_pwd_change: true eap_gtc_pwd_change_retries: 3 eap_tls: true eap_tls_auth_of_expired_certs: false use_pacs: true use_pacs_tunnel_pac_ttl: 90 use_pacs_tunnel_pac_ttl_units: DAYS use_pacs_use_proactive_pac_update_precentage: 90 use_pacs_allow_anonym_provisioning: true use_pacs_allow_authen_provisioning: true use_pacs_accept_client_cert: true use_pacs_server_returns: true use_pacs_allow_machine_authentication: true use_pacs_machine_pac_ttl: 1 use_pacs_machine_pac_ttl_units: WEEKS use_pacs_stateless_session_resume: false enable_eap_chaining: false eap_ttls: pap_ascii: true chap: true ms_chap_v1: true ms_chap_v2: true eap_md5: true eap_ms_chap_v2: true eap_ms_chap_v2_pwd_change: true eap_ms_chap_v2_pwd_change_retries: 1 teap: eap_ms_chap_v2: true eap_ms_chap_v2_pwd_change: true eap_ms_chap_v2_pwd_change_retries: 3 eap_tls: true eap_tls_auth_of_expired_certs: false accept_client_cert_during_tunnel_est: true enable_eap_chaining: false allow_downgrade_msk: true request_basic_pwd_auth: false process_host_lookup: true allow_pap_ascii: true allow_chap: false allow_ms_chap_v1: false allow_ms_chap_v2: false allow_eap_md5: true allow_leap: false allow_eap_tls: true allow_eap_ttls: true allow_eap_fast: true allow_peap: false allow_teap: true allow_preferred_eap_protocol: true preferred_eap_protocol: EAP_FAST eap_tls_l_bit: false allow_weak_ciphers_for_eap: false require_message_auth: false five_g: false