cisco.dnac.sites_wireless_settings_ssids module -- Resource module for Sites Wireless Settings Ssids
Note
This module is part of the cisco.dnac collection (version 6.28.0).
To install it, use: ansible-galaxy collection install cisco.dnac.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cisco.dnac.sites_wireless_settings_ssids.
New in cisco.dnac 6.15.0
Synopsis
This module represents an alias of the module sites_wireless_settings_ssids_v1
Note
This module has a corresponding action plugin.
Requirements
The below requirements are needed on the host that executes this module.
dnacentersdk >= 2.4.9
python >= 3.5
Parameters
Parameter |
Comments |
|---|---|
Activate the AAA Override feature when set to true. Choices: |
|
List of Accounting server IpAddresses. |
|
Pre-Auth Access Control List (ACL) Name. |
|
Authentication Server, Mandatory for Guest SSIDs with wlanType=Guest and l3AuthType=web_auth. |
|
List of Authentication/Authorization server IpAddresses. |
|
L2 Authentication Type (If authType is not open , then atleast one RSN Cipher Suite and corresponding valid AKM must be enabled). Default is L2 Authentication Type if exists else None. |
|
This refers to the duration of inactivity, measured in seconds, before a client connected to the Basic Service Set is considered idle and timed out. Default is Basic ServiceSet ClientIdle Timeout if exists else 300. |
|
Activate the maximum idle feature for the Basic Service Set. Choices: |
|
He default value is the Cckm Timestamp Tolerance (in milliseconds, if specified); otherwise, it is 0. |
|
Activate the feature that allows for the exclusion of clients. Choices: |
|
This refers to the length of time, in seconds, a client is excluded or blocked from accessing the network after a specified number of unsuccessful attempts. Default is Client Exclusion Timeout if exists else 180. |
|
This pertains to the maximum data transfer rate, specified in bits per second, that a client is permitted to achieve. It should be in mutliples of 500. Default is Client Rate Limit if exists else 0. |
|
Activate Coverage Hole Detection feature when set to true. Choices: |
|
The Directed Multicast Service feature becomes operational when it is set to true. Choices: |
|
Flag for Cisco DNA Center SDK to enable debugging. Choices: |
|
The Cisco DNA Center hostname. |
|
The Cisco DNA Center password to authenticate. |
|
The Cisco DNA Center port. Default: :ansible-option-default:`443` |
|
The Cisco DNA Center username to authenticate. Default: :ansible-option-default:`"admin"` |
|
Flag to enable or disable SSL certificate verification. Choices: |
|
Informs the SDK which version of Cisco DNA Center to use. Default: :ansible-option-default:`"2.3.7.6"` |
|
Egress QOS. |
|
External WebAuth URL (Mandatory for Guest SSIDs with wlanType = Guest, l3AuthType = web_auth and authServer = auth_external). |
|
Fast Transition. |
|
Enable Fast Transition over the Distributed System when set to true. Choices: |
|
2.4 Ghz Band Policy value. Allowed only when 2.4 Radio Band is enabled in ssidRadioType. |
|
True if 6 GHz Policy Client Steering is enabled, else False. Choices: |
|
Id path parameter. SSID ID. |
|
Ingress QOS. |
|
When set to true, the Access Point (AP) Beacon Protection feature is activated, enhancing the security of the network. Choices: |
|
When set to true, the 802.1X authentication key is in use. Choices: |
|
When set to true, the feature that enables 802.1X authentication using the SHA256 algorithm is turned on. Choices: |
|
When set to true, the 802.1X-Plus-FT authentication key is in use. Choices: |
|
When set to true, the feature that enables the use of Easy Pre-shared Key (PSK) authentication is activated. Choices: |
|
When set to true, the Opportunistic Wireless Encryption (OWE) authentication key feature is turned on. Choices: |
|
When set to true, the Pre-shared Key (PSK) authentication feature is enabled. Choices: |
|
When set to true, the feature that enables the combination of Pre-shared Key (PSK) and Fast Transition (FT) authentication keys is activated. Choices: |
|
The feature that allows the use of Pre-shared Key (PSK) authentication with the SHA256 algorithm is enabled when it is set to true. Choices: |
|
When set to true, the feature enabling the Simultaneous Authentication of Equals (SAE) authentication key is activated. Choices: |
|
When set to true, the Simultaneous Authentication of Equals (SAE) Extended Authentication key feature is turned on. Choices: |
|
When set to true, the Simultaneous Authentication of Equals (SAE) combined with Fast Transition (FT) Authentication Key feature is enabled. Choices: |
|
Activating this setting by switching it to true turns on the authentication key feature that supports both Simultaneous Authentication of Equals (SAE) and Fast Transition (FT). Choices: |
|
When set to true, the SuiteB192-1x authentication key feature is enabled. Choices: |
|
When activated by setting it to true, the SuiteB-1x authentication key feature is engaged. Choices: |
|
When activated by setting it to true, the Broadcast SSID feature will make the SSID publicly visible to wireless devices searching for available networks. Choices: |
|
True if CCKM is enabled, else False. Choices: |
|
Set SSID's admin status as 'Enabled' when set to true. Choices: |
|
True if FastLane is enabled, else False. Choices: |
|
True if passphrase is in Hex format, else False. Choices: |
|
When set to true, MAC Filtering will be activated, allowing control over network access based on the MAC address of the device. Choices: |
|
Applicable only for Enterprise SSIDs. When set to True, Posturing will enabled. Required to be set to True if ACL needs to be mapped for Enterprise SSID. Choices: |
|
Deny clients using randomized MAC addresses when set to true. Choices: |
|
Default is L3 Authentication Type if exists else None. |
|
Default is Management Frame Protection Client if exists else Optional. |
|
Sites Wireless Settings Ssids's multiPSKSettings. |
|
Passphrase needs to be between 8 and 63 characters for ASCII type. HEX passphrase needs to be 64 characters. |
|
Passphrase Type(default ASCII). |
|
Priority. |
|
Pre-Defined NAS Options AP ETH Mac Address, AP IP address, AP Location , AP MAC Address, AP Name, AP Policy Tag, AP Site Tag, SSID, System IP Address, System MAC Address, System Name. |
|
The Neighbor List feature is enabled when it is set to true. Choices: |
|
Open SSID which is already created in the design and not associated to any other OPEN-SECURED SSID. |
|
Passphrase (Only applicable for SSID with PERSONAL security level). Passphrase needs to be between 8 and 63 characters for ASCII type. HEX passphrase needs to be 64 characters. |
|
WLAN Profile Name, if not passed autogenerated profile name will be assigned. The same wlanProfileName will also be used for policyProfileName. |
|
(REQUIRED is applicable for authType WPA3_PERSONAL, WPA3_ENTERPRISE, OPEN_SECURED) and (OPTIONAL/REQUIRED is applicable for authType WPA2_WPA3_PERSONAL and WPA2_WPA3_ENTERPRISE). |
|
RemoveOverrideInHierarchy query parameter. Remove override in hierarchy. Refer Feature tab for details. Choices: |
|
When set to true, the Robust Security Network (RSN) Cipher Suite CCMP128 encryption protocol is activated. Choices: |
|
When set to true, the Robust Security Network (RSN) Cipher Suite CCMP256 encryption protocol is activated. Choices: |
|
When set to true, the Robust Security Network (RSN) Cipher Suite GCMP128 encryption protocol is activated. Choices: |
|
When set to true, the Robust Security Network (RSN) Cipher Suite GCMP256 encryption protocol is activated. Choices: |
|
This denotes the allotted time span, expressed in seconds, before a session is automatically terminated due to inactivity. Default sessionTimeOut is 1800. |
|
Turn on the feature that imposes a time limit on user sessions. Choices: |
|
SiteId path parameter. Site UUID of Global site. |
|
When set to true, this will activate the timeout settings that apply to clients in sleep mode. Choices: |
|
This refers to the amount of time, measured in minutes, before a sleeping (inactive) client is timed out of the network. Default is Sleeping Client Timeout if exists else 720. |
|
Name of the SSID. |
|
Radio Policy Enum (default Triple band operation(2.4GHz, 5GHz and 6GHz)). |
|
Flag for Cisco DNA Center SDK to enable the validation of request bodies against a JSON schema. Choices: |
|
When set to true, the Web-Passthrough feature will be activated for the Guest SSID, allowing guests to bypass certain login requirements. Choices: |
|
Band select is allowed only when band options selected contains at least 2.4 GHz and 5 GHz band else false. Choices: |
|
Wlan Type. |
Notes
Note
SDK Method used are wireless.Wireless.create_ssid_v1, wireless.Wireless.delete_ssid_v1, wireless.Wireless.update_ssid_v1,
Paths used are post /dna/intent/api/v1/sites/{siteId}/wirelessSettings/ssids, delete /dna/intent/api/v1/sites/{siteId}/wirelessSettings/ssids/{id}, put /dna/intent/api/v1/sites/{siteId}/wirelessSettings/ssids/{id},
It should be noted that this module is an alias of sites_wireless_settings_ssids_v1
Does not support
check_modeThe plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco DNAC SDK
The parameters starting with dnac_ are used by the Cisco DNAC Python SDK to establish the connection
See Also
See also
- Cisco DNA Center documentation for Wireless CreateSSIDV1
Complete reference of the CreateSSIDV1 API.
- Cisco DNA Center documentation for Wireless DeleteSSIDV1
Complete reference of the DeleteSSIDV1 API.
- Cisco DNA Center documentation for Wireless UpdateSSIDV1
Complete reference of the UpdateSSIDV1 API.
Examples
- name: Create
cisco.dnac.sites_wireless_settings_ssids:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
state: present
aaaOverride: true
acctServers:
- string
aclName: string
authServer: string
authServers:
- string
authType: string
basicServiceSetClientIdleTimeout: 0
basicServiceSetMaxIdleEnable: true
cckmTsfTolerance: 0
clientExclusionEnable: true
clientExclusionTimeout: 0
clientRateLimit: 0
coverageHoleDetectionEnable: true
directedMulticastServiceEnable: true
egressQos: string
externalAuthIpAddress: string
fastTransition: string
fastTransitionOverTheDistributedSystemEnable: true
ghz24Policy: string
ghz6PolicyClientSteering: true
ingressQos: string
isApBeaconProtectionEnabled: true
isAuthKey8021x: true
isAuthKey8021xPlusFT: true
isAuthKey8021x_SHA256: true
isAuthKeyEasyPSK: true
isAuthKeyOWE: true
isAuthKeyPSK: true
isAuthKeyPSKPlusFT: true
isAuthKeyPSKSHA256: true
isAuthKeySae: true
isAuthKeySaeExt: true
isAuthKeySaeExtPlusFT: true
isAuthKeySaePlusFT: true
isAuthKeySuiteB1921x: true
isAuthKeySuiteB1x: true
isBroadcastSSID: true
isCckmEnabled: true
isEnabled: true
isFastLaneEnabled: true
isHex: true
isMacFilteringEnabled: true
isPosturingEnabled: true
isRandomMacFilterEnabled: true
l3AuthType: string
managementFrameProtectionClientprotection: string
multiPSKSettings:
- passphrase: string
passphraseType: string
priority: 0
nasOptions:
- string
neighborListEnable: true
openSsid: string
passphrase: string
profileName: string
protectedManagementFrame: string
rsnCipherSuiteCcmp128: true
rsnCipherSuiteCcmp256: true
rsnCipherSuiteGcmp128: true
rsnCipherSuiteGcmp256: true
sessionTimeOut: 0
sessionTimeOutEnable: true
siteId: string
sleepingClientEnable: true
sleepingClientTimeout: 0
ssid: string
ssidRadioType: string
webPassthrough: true
wlanBandSelectEnable: true
wlanType: string
- name: Update by id
cisco.dnac.sites_wireless_settings_ssids:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
state: present
aaaOverride: true
acctServers:
- string
aclName: string
authServer: string
authServers:
- string
authType: string
basicServiceSetClientIdleTimeout: 0
basicServiceSetMaxIdleEnable: true
cckmTsfTolerance: 0
clientExclusionEnable: true
clientExclusionTimeout: 0
clientRateLimit: 0
coverageHoleDetectionEnable: true
directedMulticastServiceEnable: true
egressQos: string
externalAuthIpAddress: string
fastTransition: string
fastTransitionOverTheDistributedSystemEnable: true
ghz24Policy: string
ghz6PolicyClientSteering: true
id: string
ingressQos: string
isApBeaconProtectionEnabled: true
isAuthKey8021x: true
isAuthKey8021xPlusFT: true
isAuthKey8021x_SHA256: true
isAuthKeyEasyPSK: true
isAuthKeyOWE: true
isAuthKeyPSK: true
isAuthKeyPSKPlusFT: true
isAuthKeyPSKSHA256: true
isAuthKeySae: true
isAuthKeySaeExt: true
isAuthKeySaeExtPlusFT: true
isAuthKeySaePlusFT: true
isAuthKeySuiteB1921x: true
isAuthKeySuiteB1x: true
isBroadcastSSID: true
isCckmEnabled: true
isEnabled: true
isFastLaneEnabled: true
isHex: true
isMacFilteringEnabled: true
isPosturingEnabled: true
isRandomMacFilterEnabled: true
l3AuthType: string
managementFrameProtectionClientprotection: string
multiPSKSettings:
- passphrase: string
passphraseType: string
priority: 0
nasOptions:
- string
neighborListEnable: true
openSsid: string
passphrase: string
profileName: string
protectedManagementFrame: string
rsnCipherSuiteCcmp128: true
rsnCipherSuiteCcmp256: true
rsnCipherSuiteGcmp128: true
rsnCipherSuiteGcmp256: true
sessionTimeOut: 0
sessionTimeOutEnable: true
siteId: string
sleepingClientEnable: true
sleepingClientTimeout: 0
ssid: string
ssidRadioType: string
webPassthrough: true
wlanBandSelectEnable: true
wlanType: string
- name: Delete by id
cisco.dnac.sites_wireless_settings_ssids:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
state: absent
id: string
removeOverrideInHierarchy: true
siteId: string
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
A dictionary or list with the response returned by the Cisco DNAC Python SDK Returned: always Sample: :ansible-rv-sample-value:`{"response": {"taskId": "string", "url": "string"}, "version": "string"}` |