cisco.ise.allowed_protocols – Resource module for Allowed Protocols¶
Note
This plugin is part of the cisco.ise collection (version 0.0.9).
To install it use: ansible-galaxy collection install cisco.ise.
To use it in a playbook, specify: cisco.ise.allowed_protocols.
New in version 1.0.0: of cisco.ise
Synopsis¶
Manage operations create, update and delete of the resource Allowed Protocols.
Note
This module has a corresponding action plugin.
Parameters¶
See Also¶
See also
- cisco.ise.plugins.module_utils.definitions.allowed_protocols
The official documentation on the cisco.ise.plugins.module_utils.definitions.allowed_protocols module.
- Allowed Protocols reference
Complete reference of the Allowed Protocols object model.
Examples¶
- name: Create
cisco.ise.allowed_protocols:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: present
allowChap: false
allowEapFast: true
allowEapMd5: true
allowEapTls: true
allowEapTtls: true
allowLeap: false
allowMsChapV1: false
allowMsChapV2: false
allowPapAscii: true
allowPeap: true
allowPreferredEapProtocol: true
allowTeap: true
allowWeakCiphersForEap: false
description: example allowed protocols
eapFast:
allowEapFastEapGtc: true
allowEapFastEapGtcPwdChange: true
allowEapFastEapGtcPwdChangeRetries: 1
allowEapFastEapMsChapV2: true
allowEapFastEapMsChapV2PwdChange: true
allowEapFastEapMsChapV2PwdChangeRetries: 1
allowEapFastEapTls: true
allowEapFastEapTlsAuthOfExpiredCerts: false
eapFastEnableEAPChaining: false
eapFastUsePacs: true
eapFastUsePacsAllowAnonymProvisioning: false
eapFastUsePacsAllowAuthenProvisioning: false
eapFastUsePacsAllowMachineAuthentication: false
eapFastUsePacsStatelessSessionResume: false
eapFastUsePacsTunnelPacTtl: 7776000
eapFastUsePacsTunnelPacTtlUnits: SECONDS
eapFastUsePacsUseProactivePacUpdatePrecentage: 10
eapTls:
allowEapTlsAuthOfExpiredCerts: false
eapTlsEnableStatelessSessionResume: false
eapTlsLBit: false
eapTtls:
eapTtlsChap: true
eapTtlsEapMd5: true
eapTtlsEapMsChapV2: true
eapTtlsEapMsChapV2PwdChange: true
eapTtlsEapMsChapV2PwdChangeRetries: 1
eapTtlsMsChapV1: true
eapTtlsMsChapV2: true
eapTtlsPapAscii: true
name: allowedprotocols1
peap:
allowPeapEapGtc: false
allowPeapEapMsChapV2: true
allowPeapEapMsChapV2PwdChange: true
allowPeapEapMsChapV2PwdChangeRetries: 1
allowPeapEapTls: true
allowPeapEapTlsAuthOfExpiredCerts: false
allowPeapV0: false
requireCryptobinding: false
preferredEapProtocol: PEAP
processHostLookup: true
requireMessageAuth: false
teap:
acceptClientCertDuringTunnelEst: true
allowTeapEapMsChapV2: true
allowTeapEapMsChapV2PwdChange: true
allowTeapEapMsChapV2PwdChangeRetries: 3
allowTeapEapTls: true
allowTeapEapTlsAuthOfExpiredCerts: false
enableEapChaining: false
requestBasicPwdAuth: false
- name: Update by id
cisco.ise.allowed_protocols:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: present
allowChap: false
allowEapFast: true
allowEapMd5: true
allowEapTls: true
allowEapTtls: true
allowLeap: false
allowMsChapV1: false
allowMsChapV2: false
allowPapAscii: true
allowPeap: true
allowPreferredEapProtocol: true
allowTeap: true
allowWeakCiphersForEap: false
description: example allowed protocols
eapFast:
allowEapFastEapGtc: true
allowEapFastEapGtcPwdChange: true
allowEapFastEapGtcPwdChangeRetries: 1
allowEapFastEapMsChapV2: true
allowEapFastEapMsChapV2PwdChange: true
allowEapFastEapMsChapV2PwdChangeRetries: 1
allowEapFastEapTls: true
allowEapFastEapTlsAuthOfExpiredCerts: false
eapFastEnableEAPChaining: false
eapFastUsePacs: true
eapFastUsePacsAllowAnonymProvisioning: false
eapFastUsePacsAllowAuthenProvisioning: false
eapFastUsePacsAllowMachineAuthentication: false
eapFastUsePacsStatelessSessionResume: false
eapFastUsePacsTunnelPacTtl: 7776000
eapFastUsePacsTunnelPacTtlUnits: SECONDS
eapFastUsePacsUseProactivePacUpdatePrecentage: 10
eapTls:
allowEapTlsAuthOfExpiredCerts: false
eapTlsEnableStatelessSessionResume: false
eapTlsLBit: false
eapTtls:
eapTtlsChap: true
eapTtlsEapMd5: true
eapTtlsEapMsChapV2: true
eapTtlsEapMsChapV2PwdChange: true
eapTtlsEapMsChapV2PwdChangeRetries: 1
eapTtlsMsChapV1: true
eapTtlsMsChapV2: true
eapTtlsPapAscii: true
id: string
name: allowedprotocols1
peap:
allowPeapEapGtc: false
allowPeapEapMsChapV2: true
allowPeapEapMsChapV2PwdChange: true
allowPeapEapMsChapV2PwdChangeRetries: 1
allowPeapEapTls: true
allowPeapEapTlsAuthOfExpiredCerts: false
allowPeapV0: false
requireCryptobinding: false
preferredEapProtocol: PEAP
processHostLookup: true
requireMessageAuth: false
teap:
acceptClientCertDuringTunnelEst: true
allowTeapEapMsChapV2: true
allowTeapEapMsChapV2PwdChange: true
allowTeapEapMsChapV2PwdChangeRetries: 3
allowTeapEapTls: true
allowTeapEapTlsAuthOfExpiredCerts: false
enableEapChaining: false
requestBasicPwdAuth: false
- name: Delete by id
cisco.ise.allowed_protocols:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: absent
id: string
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
|
ise_response
dictionary
|
always |
A dictionary or list with the response returned by the Cisco ISE Python SDK
Sample:
{}
|
Authors¶
Rafael Campos (@racampos)