cisco.ise.allowed_protocols module – Resource module for Allowed Protocols

Note

This module is part of the cisco.ise collection (version 2.3.2).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.ise.

To use it in a playbook, specify: cisco.ise.allowed_protocols.

New in version 1.0.0: of cisco.ise

Synopsis

  • Manage operations create, update and delete of the resource Allowed Protocols.

  • This API creates an allowed protocol.

  • This API deletes an allowed protocol.

Note

This module has a corresponding action plugin.

Requirements

The below requirements are needed on the host that executes this module.

  • ciscoisesdk >= 2.0.1

  • python >= 3.5

Parameters

Parameter

Comments

allowChap

boolean

AllowChap flag.

Choices:

  • no

  • yes

allowEapFast

boolean

AllowEapFast flag.

Choices:

  • no

  • yes

allowEapMd5

boolean

AllowEapMd5 flag.

Choices:

  • no

  • yes

allowEapTls

boolean

AllowEapTls flag.

Choices:

  • no

  • yes

allowEapTtls

boolean

AllowEapTtls flag.

Choices:

  • no

  • yes

allowLeap

boolean

AllowLeap flag.

Choices:

  • no

  • yes

allowMsChapV1

boolean

AllowMsChapV1 flag.

Choices:

  • no

  • yes

allowMsChapV2

boolean

AllowMsChapV2 flag.

Choices:

  • no

  • yes

allowPapAscii

boolean

AllowPapAscii flag.

Choices:

  • no

  • yes

allowPeap

boolean

AllowPeap flag.

Choices:

  • no

  • yes

allowPreferredEapProtocol

boolean

AllowPreferredEapProtocol flag.

Choices:

  • no

  • yes

allowTeap

boolean

AllowTeap flag.

Choices:

  • no

  • yes

allowWeakCiphersForEap

boolean

AllowWeakCiphersForEap flag.

Choices:

  • no

  • yes

description

string

Allowed Protocols’s description.

eapFast

dictionary

The eapFast is required only if allowEapFast is true, otherwise it must be ignored. The object eapFast contains the settings for EAP FAST protocol.

allowEapFastEapGtc

boolean

AllowEapFastEapGtc flag.

Choices:

  • no

  • yes

allowEapFastEapGtcPwdChange

boolean

The allowEapFastEapGtcPwdChange is required only if allowEapFastEapGtc is true, otherwise it must be ignored.

Choices:

  • no

  • yes

allowEapFastEapGtcPwdChangeRetries

integer

The allowEapFastEapGtcPwdChangeRetries is required only if allowEapFastEapGtc is true, otherwise it must be ignored. Valid range is 0-3.

allowEapFastEapMsChapV2

boolean

AllowEapFastEapMsChapV2 flag.

Choices:

  • no

  • yes

allowEapFastEapMsChapV2PwdChange

boolean

The allowEapFastEapMsChapV2PwdChange is required only if allowEapFastEapMsChapV2 is true, otherwise it must be ignored.

Choices:

  • no

  • yes

allowEapFastEapMsChapV2PwdChangeRetries

integer

The allowEapFastEapMsChapV2PwdChangeRetries is required only if eapTtlsEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3.

allowEapFastEapTls

boolean

AllowEapFastEapTls flag.

Choices:

  • no

  • yes

allowEapFastEapTlsAuthOfExpiredCerts

boolean

The allowEapFastEapTlsAuthOfExpiredCerts is required only if allowEapFastEapTls is true, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastDontUsePacsAcceptClientCert

boolean

The eapFastDontUsePacsAcceptClientCert is required only if eapFastUsePacs is FALSE, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastDontUsePacsAllowMachineAuthentication

boolean

The eapFastDontUsePacsAllowMachineAuthentication is required only if eapFastUsePacs is FALSE, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastEnableEAPChaining

boolean

EapFastEnableEAPChaining flag.

Choices:

  • no

  • yes

eapFastUsePacs

boolean

EapFastUsePacs flag.

Choices:

  • no

  • yes

eapFastUsePacsAcceptClientCert

boolean

The eapFastUsePacsAcceptClientCert is required only if eapFastUsePacsAllowAuthenProvisioning is true, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastUsePacsAllowAnonymProvisioning

boolean

The eapFastUsePacsAllowAnonymProvisioning is required only if eapFastUsePacs is true, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastUsePacsAllowAuthenProvisioning

boolean

The eapFastUsePacsAllowAuthenProvisioning is required only if eapFastUsePacs is true, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastUsePacsAllowMachineAuthentication

boolean

EapFastUsePacsAllowMachineAuthentication flag.

Choices:

  • no

  • yes

eapFastUsePacsAuthorizationPacTtl

integer

The eapFastUsePacsAuthorizationPacTtl is required only if eapFastUsePacsStatelessSessionResume is true, otherwise it must be ignored.

eapFastUsePacsAuthorizationPacTtlUnits

string

The eapFastUsePacsAuthorizationPacTtlUnits is required only if eapFastUsePacsStatelessSessionResume is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS.

eapFastUsePacsMachinePacTtl

integer

The eapFastUsePacsMachinePacTtl is required only if eapFastUsePacsAllowMachineAuthentication is true, otherwise it must be ignored.

eapFastUsePacsMachinePacTtlUnits

string

The eapFastUsePacsMachinePacTtlUnits is required only if eapFastUsePacsAllowMachineAuthentication is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS.

eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning

boolean

The eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning is required only if eapFastUsePacsAllowAuthenProvisioning is true, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastUsePacsStatelessSessionResume

boolean

The eapFastUsePacsStatelessSessionResume is required only if eapFastUsePacs is true, otherwise it must be ignored.

Choices:

  • no

  • yes

eapFastUsePacsTunnelPacTtl

integer

The eapFastUsePacsTunnelPacTtl is required only if eapFastUsePacs is true, otherwise it must be ignored.

eapFastUsePacsTunnelPacTtlUnits

string

The eapFastUsePacsTunnelPacTtlUnits is required only if eapFastUsePacs is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS.

eapFastUsePacsUseProactivePacUpdatePrecentage

integer

The eapFastUsePacsUseProactivePacUpdatePrecentage is required only if eapFastUsePacs is true, otherwise it must be ignored.

eapTls

dictionary

The eapTls is required only if allowEapTls is true, otherwise it must be ignored. The object eapTls contains the settings for EAP TLS protocol.

allowEapTlsAuthOfExpiredCerts

boolean

AllowEapTlsAuthOfExpiredCerts flag.

Choices:

  • no

  • yes

eapTlsEnableStatelessSessionResume

boolean

EapTlsEnableStatelessSessionResume flag.

Choices:

  • no

  • yes

eapTlsSessionTicketPrecentage

integer

The eapTlsSessionTicketPrecentage is required only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored.

eapTlsSessionTicketTtl

integer

Time to live. The eapTlsSessionTicketTtl is required only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored.

eapTlsSessionTicketTtlUnits

string

Time to live time units. The eapTlsSessionTicketTtlUnits is required only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS.

eapTlsLBit

boolean

EapTlsLBit flag.

Choices:

  • no

  • yes

eapTtls

dictionary

The eapTtls is required only if allowEapTtls is true, otherwise it must be ignored. The object eapTtls contains the settings for EAP TTLS protocol.

eapTtlsChap

boolean

EapTtlsChap flag.

Choices:

  • no

  • yes

eapTtlsEapMd5

boolean

EapTtlsEapMd5 flag.

Choices:

  • no

  • yes

eapTtlsEapMsChapV2

boolean

EapTtlsEapMsChapV2 flag.

Choices:

  • no

  • yes

eapTtlsEapMsChapV2PwdChange

boolean

The eapTtlsEapMsChapV2PwdChange is required only if eapTtlsEapMsChapV2 is true, otherwise it must be ignored.

Choices:

  • no

  • yes

eapTtlsEapMsChapV2PwdChangeRetries

integer

The eapTtlsEapMsChapV2PwdChangeRetries is required only if eapTtlsEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3.

eapTtlsMsChapV1

boolean

EapTtlsMsChapV1 flag.

Choices:

  • no

  • yes

eapTtlsMsChapV2

boolean

EapTtlsMsChapV2 flag.

Choices:

  • no

  • yes

eapTtlsPapAscii

boolean

EapTtlsPapAscii flag.

Choices:

  • no

  • yes

id

string

Resource UUID, Mandatory for update.

ise_debug

boolean

Flag for Identity Services Engine SDK to enable debugging.

Choices:

  • no ← (default)

  • yes

ise_hostname

string / required

The Identity Services Engine hostname.

ise_password

string / required

The Identity Services Engine password to authenticate.

ise_username

string / required

The Identity Services Engine username to authenticate.

ise_uses_api_gateway

boolean

added in 1.1.0 of cisco.ise

Flag that informs the SDK whether to use the Identity Services Engine’s API Gateway to send requests.

If it is true, it uses the ISE’s API Gateway and sends requests to https://{{ise_hostname}}.

If it is false, it sends the requests to https://{{ise_hostname}}:{{port}}, where the port value depends on the Service used (ERS, Mnt, UI, PxGrid).

Choices:

  • no

  • yes ← (default)

ise_uses_csrf_token

boolean

added in 3.0.0 of cisco.ise

Flag that informs the SDK whether we send the CSRF token to ISE’s ERS APIs.

If it is True, the SDK assumes that your ISE CSRF Check is enabled.

If it is True, it assumes you need the SDK to manage the CSRF token automatically for you.

Choices:

  • no ← (default)

  • yes

ise_verify

boolean

Flag to enable or disable SSL certificate verification.

Choices:

  • no

  • yes ← (default)

ise_version

string

Informs the SDK which version of Identity Services Engine to use.

Default: “3.1.1”

ise_wait_on_rate_limit

boolean

Flag for Identity Services Engine SDK to enable automatic rate-limit handling.

Choices:

  • no

  • yes ← (default)

name

string

Resource Name.

peap

dictionary

Allowed Protocols’s peap.

allowPeapEapGtc

boolean

AllowPeapEapGtc flag.

Choices:

  • no

  • yes

allowPeapEapGtcPwdChange

boolean

The allowPeapEapGtcPwdChange is required only if allowPeapEapGtc is true, otherwise it must be ignored.

Choices:

  • no

  • yes

allowPeapEapGtcPwdChangeRetries

integer

The allowPeapEapGtcPwdChangeRetries is required only if allowPeapEapGtc is true, otherwise it must be ignored. Valid range is 0-3.

allowPeapEapMsChapV2

boolean

AllowPeapEapMsChapV2 flag.

Choices:

  • no

  • yes

allowPeapEapMsChapV2PwdChange

boolean

The allowPeapEapMsChapV2PwdChange is required only if allowPeapEapMsChapV2 is true, otherwise it must be ignored.

Choices:

  • no

  • yes

allowPeapEapMsChapV2PwdChangeRetries

integer

The allowPeapEapMsChapV2PwdChangeRetries is required only if allowPeapEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3.

allowPeapEapTls

boolean

AllowPeapEapTls flag.

Choices:

  • no

  • yes

allowPeapEapTlsAuthOfExpiredCerts

boolean

The allowPeapEapTlsAuthOfExpiredCerts is required only if allowPeapEapTls is true, otherwise it must be ignored.

Choices:

  • no

  • yes

allowPeapV0

boolean

AllowPeapV0 flag.

Choices:

  • no

  • yes

requireCryptobinding

boolean

RequireCryptobinding flag.

Choices:

  • no

  • yes

preferredEapProtocol

string

The preferredEapProtocol is required only if allowPreferredEapProtocol is true, otherwise it must be ignored. Allowed Values - EAP_FAST, - PEAP, - LEAP, - EAP_MD5, - EAP_TLS, - EAP_TTLS, - TEAP.

processHostLookup

boolean

ProcessHostLookup flag.

Choices:

  • no

  • yes

requireMessageAuth

boolean

RequireMessageAuth flag.

Choices:

  • no

  • yes

teap

dictionary

The teap is required only if allowTeap is true, otherwise it must be ignored. The object teap contains the settings for TEAP protocol.

acceptClientCertDuringTunnelEst

boolean

AcceptClientCertDuringTunnelEst flag.

Choices:

  • no

  • yes

allowDowngradeMsk

boolean

AllowDowngradeMsk flag.

Choices:

  • no

  • yes

allowTeapEapMsChapV2

boolean

AllowTeapEapMsChapV2 flag.

Choices:

  • no

  • yes

allowTeapEapMsChapV2PwdChange

boolean

The allowTeapEapMsChapV2PwdChange is required only if allowTeapEapMsChapV2 is true, otherwise it must be ignored.

Choices:

  • no

  • yes

allowTeapEapMsChapV2PwdChangeRetries

integer

The allowTeapEapMsChapV2PwdChangeRetries is required only if allowTeapEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3.

allowTeapEapTls

boolean

AllowTeapEapTls flag.

Choices:

  • no

  • yes

allowTeapEapTlsAuthOfExpiredCerts

boolean

The allowTeapEapTlsAuthOfExpiredCerts is required only if allowTeapEapTls is true, otherwise it must be ignored.

Choices:

  • no

  • yes

enableEapChaining

boolean

EnableEapChaining flag.

Choices:

  • no

  • yes

Notes

Note

  • SDK Method used are allowed_protocols.AllowedProtocols.create_allowed_protocol, allowed_protocols.AllowedProtocols.delete_allowed_protocol_by_id, allowed_protocols.AllowedProtocols.update_allowed_protocol_by_id,

  • Paths used are post /ers/config/allowedprotocols, delete /ers/config/allowedprotocols/{id},

  • Does not support check_mode

  • The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco ISE SDK

  • The parameters starting with ise_ are used by the Cisco ISE Python SDK to establish the connection

Examples

- name: Update by id
  cisco.ise.allowed_protocols:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: present
    allowChap: true
    allowEapFast: true
    allowEapMd5: true
    allowEapTls: true
    allowEapTtls: true
    allowLeap: true
    allowMsChapV1: true
    allowMsChapV2: true
    allowPapAscii: true
    allowPeap: true
    allowPreferredEapProtocol: true
    allowTeap: true
    allowWeakCiphersForEap: true
    description: string
    eapFast:
      allowEapFastEapGtc: true
      allowEapFastEapGtcPwdChange: true
      allowEapFastEapGtcPwdChangeRetries: 0
      allowEapFastEapMsChapV2: true
      allowEapFastEapMsChapV2PwdChange: true
      allowEapFastEapMsChapV2PwdChangeRetries: 0
      allowEapFastEapTls: true
      allowEapFastEapTlsAuthOfExpiredCerts: true
      eapFastDontUsePacsAcceptClientCert: true
      eapFastDontUsePacsAllowMachineAuthentication: true
      eapFastEnableEAPChaining: true
      eapFastUsePacs: true
      eapFastUsePacsAcceptClientCert: true
      eapFastUsePacsAllowAnonymProvisioning: true
      eapFastUsePacsAllowAuthenProvisioning: true
      eapFastUsePacsAllowMachineAuthentication: true
      eapFastUsePacsAuthorizationPacTtl: 0
      eapFastUsePacsAuthorizationPacTtlUnits: string
      eapFastUsePacsMachinePacTtl: 0
      eapFastUsePacsMachinePacTtlUnits: string
      eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: true
      eapFastUsePacsStatelessSessionResume: true
      eapFastUsePacsTunnelPacTtl: 0
      eapFastUsePacsTunnelPacTtlUnits: string
      eapFastUsePacsUseProactivePacUpdatePrecentage: 0
    eapTls:
      allowEapTlsAuthOfExpiredCerts: true
      eapTlsEnableStatelessSessionResume: true
      eapTlsSessionTicketPrecentage: 0
      eapTlsSessionTicketTtl: 0
      eapTlsSessionTicketTtlUnits: string
    eapTlsLBit: true
    eapTtls:
      eapTtlsChap: true
      eapTtlsEapMd5: true
      eapTtlsEapMsChapV2: true
      eapTtlsEapMsChapV2PwdChange: true
      eapTtlsEapMsChapV2PwdChangeRetries: 0
      eapTtlsMsChapV1: true
      eapTtlsMsChapV2: true
      eapTtlsPapAscii: true
    id: string
    name: string
    peap:
      allowPeapEapGtc: true
      allowPeapEapGtcPwdChange: true
      allowPeapEapGtcPwdChangeRetries: 0
      allowPeapEapMsChapV2: true
      allowPeapEapMsChapV2PwdChange: true
      allowPeapEapMsChapV2PwdChangeRetries: 0
      allowPeapEapTls: true
      allowPeapEapTlsAuthOfExpiredCerts: true
      allowPeapV0: true
      requireCryptobinding: true
    preferredEapProtocol: string
    processHostLookup: true
    requireMessageAuth: true
    teap:
      acceptClientCertDuringTunnelEst: true
      allowDowngradeMsk: true
      allowTeapEapMsChapV2: true
      allowTeapEapMsChapV2PwdChange: true
      allowTeapEapMsChapV2PwdChangeRetries: 0
      allowTeapEapTls: true
      allowTeapEapTlsAuthOfExpiredCerts: true
      enableEapChaining: true

- name: Delete by id
  cisco.ise.allowed_protocols:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: absent
    id: string

- name: Create
  cisco.ise.allowed_protocols:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: present
    allowChap: true
    allowEapFast: true
    allowEapMd5: true
    allowEapTls: true
    allowEapTtls: true
    allowLeap: true
    allowMsChapV1: true
    allowMsChapV2: true
    allowPapAscii: true
    allowPeap: true
    allowPreferredEapProtocol: true
    allowTeap: true
    allowWeakCiphersForEap: true
    description: string
    eapFast:
      allowEapFastEapGtc: true
      allowEapFastEapGtcPwdChange: true
      allowEapFastEapGtcPwdChangeRetries: 0
      allowEapFastEapMsChapV2: true
      allowEapFastEapMsChapV2PwdChange: true
      allowEapFastEapMsChapV2PwdChangeRetries: 0
      allowEapFastEapTls: true
      allowEapFastEapTlsAuthOfExpiredCerts: true
      eapFastDontUsePacsAcceptClientCert: true
      eapFastDontUsePacsAllowMachineAuthentication: true
      eapFastEnableEAPChaining: true
      eapFastUsePacs: true
      eapFastUsePacsAcceptClientCert: true
      eapFastUsePacsAllowAnonymProvisioning: true
      eapFastUsePacsAllowAuthenProvisioning: true
      eapFastUsePacsAllowMachineAuthentication: true
      eapFastUsePacsAuthorizationPacTtl: 0
      eapFastUsePacsAuthorizationPacTtlUnits: string
      eapFastUsePacsMachinePacTtl: 0
      eapFastUsePacsMachinePacTtlUnits: string
      eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: true
      eapFastUsePacsStatelessSessionResume: true
      eapFastUsePacsTunnelPacTtl: 0
      eapFastUsePacsTunnelPacTtlUnits: string
      eapFastUsePacsUseProactivePacUpdatePrecentage: 0
    eapTls:
      allowEapTlsAuthOfExpiredCerts: true
      eapTlsEnableStatelessSessionResume: true
      eapTlsSessionTicketPrecentage: 0
      eapTlsSessionTicketTtl: 0
      eapTlsSessionTicketTtlUnits: string
    eapTlsLBit: true
    eapTtls:
      eapTtlsChap: true
      eapTtlsEapMd5: true
      eapTtlsEapMsChapV2: true
      eapTtlsEapMsChapV2PwdChange: true
      eapTtlsEapMsChapV2PwdChangeRetries: 0
      eapTtlsMsChapV1: true
      eapTtlsMsChapV2: true
      eapTtlsPapAscii: true
    name: string
    peap:
      allowPeapEapGtc: true
      allowPeapEapGtcPwdChange: true
      allowPeapEapGtcPwdChangeRetries: 0
      allowPeapEapMsChapV2: true
      allowPeapEapMsChapV2PwdChange: true
      allowPeapEapMsChapV2PwdChangeRetries: 0
      allowPeapEapTls: true
      allowPeapEapTlsAuthOfExpiredCerts: true
      allowPeapV0: true
      requireCryptobinding: true
    preferredEapProtocol: string
    processHostLookup: true
    requireMessageAuth: true
    teap:
      acceptClientCertDuringTunnelEst: true
      allowDowngradeMsk: true
      allowTeapEapMsChapV2: true
      allowTeapEapMsChapV2PwdChange: true
      allowTeapEapMsChapV2PwdChangeRetries: 0
      allowTeapEapTls: true
      allowTeapEapTlsAuthOfExpiredCerts: true
      enableEapChaining: true

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

ise_response

dictionary

A dictionary or list with the response returned by the Cisco ISE Python SDK

Returned: always

Sample: “{\n \”id\”: \”string\”,\n \”name\”: \”string\”,\n \”description\”: \”string\”,\n \”eapTls\”: {\n \”allowEapTlsAuthOfExpiredCerts\”: true,\n \”eapTlsEnableStatelessSessionResume\”: true,\n \”eapTlsSessionTicketTtl\”: 0,\n \”eapTlsSessionTicketTtlUnits\”: \”string\”,\n \”eapTlsSessionTicketPrecentage\”: 0\n },\n \”peap\”: {\n \”allowPeapEapMsChapV2\”: true,\n \”allowPeapEapMsChapV2PwdChange\”: true,\n \”allowPeapEapMsChapV2PwdChangeRetries\”: 0,\n \”allowPeapEapGtc\”: true,\n \”allowPeapEapGtcPwdChange\”: true,\n \”allowPeapEapGtcPwdChangeRetries\”: 0,\n \”allowPeapEapTls\”: true,\n \”allowPeapEapTlsAuthOfExpiredCerts\”: true,\n \”requireCryptobinding\”: true,\n \”allowPeapV0\”: true\n },\n \”eapFast\”: {\n \”allowEapFastEapMsChapV2\”: true,\n \”allowEapFastEapMsChapV2PwdChange\”: true,\n \”allowEapFastEapMsChapV2PwdChangeRetries\”: 0,\n \”allowEapFastEapGtc\”: true,\n \”allowEapFastEapGtcPwdChange\”: true,\n \”allowEapFastEapGtcPwdChangeRetries\”: 0,\n \”allowEapFastEapTls\”: true,\n \”allowEapFastEapTlsAuthOfExpiredCerts\”: true,\n \”eapFastUsePacs\”: true,\n \”eapFastUsePacsTunnelPacTtl\”: 0,\n \”eapFastUsePacsTunnelPacTtlUnits\”: \”string\”,\n \”eapFastUsePacsUseProactivePacUpdatePrecentage\”: 0,\n \”eapFastUsePacsAllowAnonymProvisioning\”: true,\n \”eapFastUsePacsAllowAuthenProvisioning\”: true,\n \”eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning\”: true,\n \”eapFastUsePacsAcceptClientCert\”: true,\n \”eapFastUsePacsMachinePacTtl\”: 0,\n \”eapFastUsePacsMachinePacTtlUnits\”: \”string\”,\n \”eapFastUsePacsAllowMachineAuthentication\”: true,\n \”eapFastUsePacsStatelessSessionResume\”: true,\n \”eapFastUsePacsAuthorizationPacTtl\”: 0,\n \”eapFastUsePacsAuthorizationPacTtlUnits\”: \”string\”,\n \”eapFastDontUsePacsAcceptClientCert\”: true,\n \”eapFastDontUsePacsAllowMachineAuthentication\”: true,\n \”eapFastEnableEAPChaining\”: true\n },\n \”eapTtls\”: {\n \”eapTtlsPapAscii\”: true,\n \”eapTtlsChap\”: true,\n \”eapTtlsMsChapV1\”: true,\n \”eapTtlsMsChapV2\”: true,\n \”eapTtlsEapMd5\”: true,\n \”eapTtlsEapMsChapV2\”: true,\n \”eapTtlsEapMsChapV2PwdChange\”: true,\n \”eapTtlsEapMsChapV2PwdChangeRetries\”: 0\n },\n \”teap\”: {\n \”allowTeapEapMsChapV2\”: true,\n \”allowTeapEapMsChapV2PwdChange\”: true,\n \”allowTeapEapMsChapV2PwdChangeRetries\”: 0,\n \”allowTeapEapTls\”: true,\n \”allowTeapEapTlsAuthOfExpiredCerts\”: true,\n \”acceptClientCertDuringTunnelEst\”: true,\n \”enableEapChaining\”: true,\n \”allowDowngradeMsk\”: true\n },\n \”processHostLookup\”: true,\n \”allowPapAscii\”: true,\n \”allowChap\”: true,\n \”allowMsChapV1\”: true,\n \”allowMsChapV2\”: true,\n \”allowEapMd5\”: true,\n \”allowLeap\”: true,\n \”allowEapTls\”: true,\n \”allowEapTtls\”: true,\n \”allowEapFast\”: true,\n \”allowPeap\”: true,\n \”allowTeap\”: true,\n \”allowPreferredEapProtocol\”: true,\n \”preferredEapProtocol\”: \”string\”,\n \”eapTlsLBit\”: true,\n \”allowWeakCiphersForEap\”: true,\n \”requireMessageAuth\”: true,\n \”link\”: {\n \”rel\”: \”string\”,\n \”href\”: \”string\”,\n \”type\”: \”string\”\n }\n}\n”

ise_update_response

dictionary

added in 1.1.0 of cisco.ise

A dictionary or list with the response returned by the Cisco ISE Python SDK

Returned: always

Sample: “{\n \”UpdatedFieldsList\”: {\n \”updatedField\”: [\n {\n \”field\”: \”string\”,\n \”oldValue\”: \”string\”,\n \”newValue\”: \”string\”\n }\n ],\n \”field\”: \”string\”,\n \”oldValue\”: \”string\”,\n \”newValue\”: \”string\”\n }\n}\n”

Authors

  • Rafael Campos (@racampos)