Location in GUI: Work Centers
» Network Access
» Policy Sets
» XXX
» Authentication Policy
Diagram
Classes
policy_sets (ise.network_access)
Name | Type | Constraint | Mandatory | Default Value |
---|
authentication_rules | List | [authentication_rules] | No | |
authentication_rules (ise.network_access.policy_sets)
Name | Type | Constraint | Mandatory | Default Value |
---|
name | String | Regex: ^[\w\d_\-\.]+$ | Yes | |
state | Choice | enabled , disabled , monitor | No | enabled |
condition | Class | [condition] | No | |
identity_source_name | String | | No | |
if_auth_fail | Choice | REJECT , CONTINUE , DROP | No | REJECT |
if_user_not_found | Choice | REJECT , CONTINUE , DROP | No | REJECT |
if_process_fail | Choice | REJECT , CONTINUE , DROP | No | DROP |
condition (ise.network_access.policy_sets.authentication_rules)
Name | Type | Constraint | Mandatory | Default Value |
---|
type | Choice | ConditionReference , ConditionAttributes , ConditionAndBlock , ConditionOrBlock | Yes | |
is_negate | Boolean | true , false | No | false |
dictionary_name | String | | No | |
attribute_name | String | | No | |
operator | Choice | contains , endsWith , equals , greaterOrEquals , greaterThan , in , ipEquals , ipGreaterThan , ipLessThan , ipNotEquals , lessOrEquals , lessThan , matches , notContains , notEndsWith , notEquals , notIn , notStartsWith , startsWith | No | |
attribute_value | String | | No | |
name | String | | No | |
children | List | [children] | No | |
children (ise.network_access.policy_sets.authentication_rules.condition)
Name | Type | Constraint | Mandatory | Default Value |
---|
type | Choice | ConditionReference , ConditionAttributes , ConditionAndBlock , ConditionOrBlock | Yes | |
is_negate | Boolean | true , false | No | |
dictionary_name | String | | No | |
attribute_name | String | | No | |
operator | Choice | contains , endsWith , equals , greaterOrEquals , greaterThan , in , ipEquals , ipGreaterThan , ipLessThan , ipNotEquals , lessOrEquals , lessThan , matches , notContains , notEndsWith , notEquals , notIn , notStartsWith , startsWith | No | |
attribute_value | String | | No | |
name | String | | No | |
children | List | [children] | No | |
children (ise.network_access.policy_sets.authentication_rules.condition.children)
Name | Type | Constraint | Mandatory | Default Value |
---|
type | Choice | ConditionReference , ConditionAttributes | Yes | |
is_negate | Boolean | true , false | No | |
dictionary_name | String | | No | |
attribute_name | String | | No | |
operator | Choice | contains , endsWith , equals , greaterOrEquals , greaterThan , in , ipEquals , ipGreaterThan , ipLessThan , ipNotEquals , lessOrEquals , lessThan , matches , notContains , notEndsWith , notEquals , notIn , notStartsWith , startsWith | No | |
attribute_value | String | | No | |
name | String | | No | |
Examples
- type: ConditionAttributes
dictionary_name: CERTIFICATE
attribute_name: Subject - Common Name
- type: ConditionReference
identity_source_name: Global_Certificate
if_user_not_found: CONTINUE