Network Device
Location in GUI: Administration » Network Resources » Network Devices
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”network_resources (ise)
Section titled “network_resources (ise)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| network_devices | List | [network_devices] | No |
network_devices (ise.network_resources)
Section titled “network_devices (ise.network_resources)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[\w\d_\-\.]+$ | Yes | |
| description | String | No | ||
| ips | List | [ips] | No | |
| profile_name | String | No | Cisco | |
| model_name | String | No | ||
| software_version | String | No | ||
| network_device_groups | List | String | No | |
| authentication_network_protocol | Choice | RADIUS, TACACS_PLUS | No | |
| radius | Class | [radius] | No | |
| tacacs | Class | [tacacs] | No | |
| snmp | Class | [snmp] | No | |
| trust_sec | Class | [trust_sec] | No |
ips (ise.network_resources.network_devices)
Section titled “ips (ise.network_resources.network_devices)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip | String | Yes | ||
| ip_exclude | String | No | ||
| mask | Integer | min: 0, max: 128 | No | 32 |
radius (ise.network_resources.network_devices)
Section titled “radius (ise.network_resources.network_devices)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| shared_secret | String | No | ||
| second_shared_secret | String | No | ||
| coa_port | Integer | min: 1, max: 65535 | No | 1700 |
| dtls_required | Boolean | true, false | No | false |
| dtls_dns_name | String | No | ||
| enable_key_wrap | Boolean | true, false | No | false |
| encryption_key | String | No | ||
| encryption_key_format | Choice | ASCII, HEXADECIMAL | No | ASCII |
| message_authenticator_code_key | String | No |
tacacs (ise.network_resources.network_devices)
Section titled “tacacs (ise.network_resources.network_devices)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| connect_mode_options | Choice | OFF, ON_LEGACY, ON_DRAFT_COMPLIANT | No | OFF |
| shared_secret | String | No |
snmp (ise.network_resources.network_devices)
Section titled “snmp (ise.network_resources.network_devices)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| link_trap_query | Boolean | true, false | No | true |
| mac_trap_query | Boolean | true, false | No | true |
| originating_policy_services_node | String | No | ||
| polling_interval | Any | Integer[min: 600, max: 86400] or Integer[min: 0, max: 0] | No | 28800 |
| ro_community | String | No | ||
| version | Choice | ONE, TWO_C, THREE | No |
trust_sec (ise.network_resources.network_devices)
Section titled “trust_sec (ise.network_resources.network_devices)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| device_id | String | No | ||
| device_password | String | No | ||
| rest_api_username | String | No | ||
| rest_api_password | String | No | ||
| download_environment_data_every_x_seconds | Integer | min: 0 | No | 86400 |
| download_peer_authorization_policy_every_x_seconds | Integer | min: 0 | No | 86400 |
| re_authentication_every_x_seconds | Integer | min: 0 | No | 86400 |
| download_sgacl_lists_every_x_seconds | Integer | min: 0 | No | 86400 |
| other_sga_devices_to_trust_this_device | Boolean | true, false | No | true |
| send_configuration_to_device | Boolean | true, false | No | false |
| send_configuration_to_device_using | Choice | ENABLE_USING_COA, ENABLE_USING_CLI, DISABLE_ALL | No | DISABLE_ALL |
| coa_source_host | String | No | ||
| include_when_deploying_sgt_updates | Boolean | true, false | No | false |
| exec_mode_username | String | No | ||
| exec_mode_password | String | No | ||
| enable_mode_password | String | No |
Examples
Section titled “Examples”Simple example:
ise: network_resources: network_devices: - name: Router1 ips: - ip: 10.1.2.3 radius: shared_secret: Cisco123Full example:
ise: network_resources: network_devices: - name: Switch1 description: My first switch ips: - ip: 10.1.2.3 network_device_groups: - Is IPSEC Device - All Device Types - All Locations profile_name: Cisco model_name: C9300-24UX software_version: "17.10.1" authentication_network_protocol: RADIUS radius: shared_secret: Cisco123 second_shared_secret: Cisco1234 coa_port: 1701 dtls_required: true dtls_dns_name: cisco.com enable_key_wrap: true encryption_key: Cisco123Cisco123 encryption_key_format: ASCII message_authenticator_code_key: Cisco123Cisco1231234 tacacs: connect_mode_options: ON_LEGACY shared_secret: Cisco123 snmp: link_trap_query: false mac_trap_query: false polling_interval: 10000 originating_policy_services_node: ise1 ro_community: Cisco123 version: TWO_C trust_sec: device_id: Dev1 device_password: Cisco123 rest_api_username: dev1 rest_api_password: Cisco123 download_environment_data_every_x_seconds: 10000 download_peer_authorization_policy_every_x_seconds: 10000 re_authentication_every_x_seconds: 10000 download_sgacl_lists_every_x_seconds: 10000 other_sga_devices_to_trust_this_device: false send_configuration_to_device: true send_configuration_to_device_using: ENABLE_USING_COA coa_source_host: ise1.cisco.com include_when_deploying_sgt_updates: true exec_mode_username: dev1 exec_mode_password: Cisco123 enable_mode_password: Cisco123