Network Device

Location in GUI: Administration » Network Resources » Network Devices

Diagram

Classes

network_resources (ise)

Name	Type	Constraint	Mandatory	Default Value
network_devices	List	`[network_devices]`	No

network_devices (ise.network_resources)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[\w\d_\-\.]+$`	Yes
description	String		No
ips	List	`[ips]`	No
profile_name	String		No	`Cisco`
model_name	String		No
software_version	String		No
network_device_groups	List	String	No
authentication_network_protocol	Choice	`RADIUS`, `TACACS_PLUS`	No
radius	Class	`[radius]`	No
tacacs	Class	`[tacacs]`	No
snmp	Class	`[snmp]`	No
trust_sec	Class	`[trust_sec]`	No

ips (ise.network_resources.network_devices)

Name	Type	Constraint	Mandatory	Default Value
ip	String		Yes
ip_exclude	String		No
mask	Integer	min: `0`, max: `128`	No	`32`

radius (ise.network_resources.network_devices)

Name	Type	Constraint	Mandatory	Default Value
shared_secret	String		No
second_shared_secret	String		No
coa_port	Integer	min: `1`, max: `65535`	No	`1700`
dtls_required	Boolean	`true`, `false`	No	`false`
dtls_dns_name	String		No
enable_key_wrap	Boolean	`true`, `false`	No	`false`
encryption_key	String		No
encryption_key_format	Choice	`ASCII`, `HEXADECIMAL`	No	`ASCII`
message_authenticator_code_key	String		No

tacacs (ise.network_resources.network_devices)

Name	Type	Constraint	Mandatory	Default Value
connect_mode_options	Choice	`OFF`, `ON_LEGACY`, `ON_DRAFT_COMPLIANT`	No	`OFF`
shared_secret	String		No

snmp (ise.network_resources.network_devices)

Name	Type	Constraint	Mandatory	Default Value
link_trap_query	Boolean	`true`, `false`	No	`true`
mac_trap_query	Boolean	`true`, `false`	No	`true`
originating_policy_services_node	String		No
polling_interval	Any	Integer[min: `600`, max: `86400`] or Integer[min: `0`, max: `0`]	No	`28800`
ro_community	String		No
version	Choice	`ONE`, `TWO_C`, `THREE`	No

trust_sec (ise.network_resources.network_devices)

Name	Type	Constraint	Mandatory	Default Value
device_id	String		No
device_password	String		No
rest_api_username	String		No
rest_api_password	String		No
download_environment_data_every_x_seconds	Integer	min: `0`	No	`86400`
download_peer_authorization_policy_every_x_seconds	Integer	min: `0`	No	`86400`
re_authentication_every_x_seconds	Integer	min: `0`	No	`86400`
download_sgacl_lists_every_x_seconds	Integer	min: `0`	No	`86400`
other_sga_devices_to_trust_this_device	Boolean	`true`, `false`	No	`true`
send_configuration_to_device	Boolean	`true`, `false`	No	`false`
send_configuration_to_device_using	Choice	`ENABLE_USING_COA`, `ENABLE_USING_CLI`, `DISABLE_ALL`	No	`DISABLE_ALL`
coa_source_host	String		No
include_when_deploying_sgt_updates	Boolean	`true`, `false`	No	`false`
exec_mode_username	String		No
exec_mode_password	String		No
enable_mode_password	String		No

Examples

Simple example:

ise:
  network_resources:
    network_devices:
      - name: Router1
        ips:
          - ip: 10.1.2.3
        radius:
          shared_secret: Cisco123

Full example:

ise:
  network_resources:
    network_devices:
      - name: Switch1
        description: My first switch
        ips:
          - ip: 10.1.2.3
        network_device_groups:
          - Is IPSEC Device
          - All Device Types
          - All Locations
        profile_name: Cisco
        model_name: C9300-24UX
        software_version: "17.10.1"
        authentication_network_protocol: RADIUS
        radius:
          shared_secret: Cisco123
          second_shared_secret: Cisco1234
          coa_port: 1701
          dtls_required: true
          dtls_dns_name: cisco.com
          enable_key_wrap: true
          encryption_key: Cisco123Cisco123
          encryption_key_format: ASCII
          message_authenticator_code_key: Cisco123Cisco1231234
        tacacs:
          connect_mode_options: ON_LEGACY
          shared_secret: Cisco123
        snmp:
          link_trap_query: false
          mac_trap_query: false
          polling_interval: 10000
          originating_policy_services_node: ise1
          ro_community: Cisco123
          version: TWO_C
        trust_sec:
          device_id: Dev1
          device_password: Cisco123
          rest_api_username: dev1
          rest_api_password: Cisco123
          download_environment_data_every_x_seconds: 10000
          download_peer_authorization_policy_every_x_seconds: 10000
          re_authentication_every_x_seconds: 10000
          download_sgacl_lists_every_x_seconds: 10000
          other_sga_devices_to_trust_this_device: false
          send_configuration_to_device: true
          send_configuration_to_device_using: ENABLE_USING_COA
          coa_source_host: ise1.cisco.com
          include_when_deploying_sgt_updates: true
          exec_mode_username: dev1
          exec_mode_password: Cisco123
          enable_mode_password: Cisco123