cisco.dnac.sites_wireless_settings_ssids_v1 module – Resource module for Sites Wireless Settings Ssids V1
Note
This module is part of the cisco.dnac collection (version 6.27.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install cisco.dnac
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cisco.dnac.sites_wireless_settings_ssids_v1
.
New in cisco.dnac 6.15.0
Synopsis
Manage operations create, update and delete of the resource Sites Wireless Settings Ssids V1.
This API allows the user to create an SSID Service Set Identifier at the Global site.
This API allows the user to delete an SSID Service Set Identifier at the global level , if the SSID is not mapped to any Wireless Profile, Or remove override from given site Id .
This API allows the user to update an SSID Service Set Identifier at the given site.
Note
This module has a corresponding action plugin.
Requirements
The below requirements are needed on the host that executes this module.
dnacentersdk >= 2.4.9
python >= 3.5
Parameters
Parameter |
Comments |
---|---|
Activate the AAA Override feature when set to true. Choices:
|
|
List of Accounting server IpAddresses. |
|
Pre-Auth Access Control List (ACL) Name. |
|
Authentication Server, Mandatory for Guest SSIDs with wlanType=Guest and l3AuthType=web_auth. |
|
List of Authentication/Authorization server IpAddresses. |
|
L2 Authentication Type (If authType is not open , then atleast one RSN Cipher Suite and corresponding valid AKM must be enabled). Default is L2 Authentication Type if exists else None. |
|
This refers to the duration of inactivity, measured in seconds, before a client connected to the Basic Service Set is considered idle and timed out. Default is Basic ServiceSet ClientIdle Timeout if exists else 300. |
|
Activate the maximum idle feature for the Basic Service Set. Choices:
|
|
He default value is the Cckm Timestamp Tolerance (in milliseconds, if specified); otherwise, it is 0. |
|
Activate the feature that allows for the exclusion of clients. Choices:
|
|
This refers to the length of time, in seconds, a client is excluded or blocked from accessing the network after a specified number of unsuccessful attempts. Default is Client Exclusion Timeout if exists else 180. |
|
This pertains to the maximum data transfer rate, specified in bits per second, that a client is permitted to achieve. It should be in mutliples of 500. Default is Client Rate Limit if exists else 0. |
|
Activate Coverage Hole Detection feature when set to true. Choices:
|
|
The Directed Multicast Service feature becomes operational when it is set to true. Choices:
|
|
Flag for Cisco DNA Center SDK to enable debugging. Choices:
|
|
The Cisco DNA Center hostname. |
|
The Cisco DNA Center password to authenticate. |
|
The Cisco DNA Center port. Default: |
|
The Cisco DNA Center username to authenticate. Default: |
|
Flag to enable or disable SSL certificate verification. Choices:
|
|
Informs the SDK which version of Cisco DNA Center to use. Default: |
|
Egress QOS. |
|
External WebAuth URL (Mandatory for Guest SSIDs with wlanType = Guest, l3AuthType = web_auth and authServer = auth_external). |
|
Fast Transition. |
|
Enable Fast Transition over the Distributed System when set to true. Choices:
|
|
2.4 Ghz Band Policy value. Allowed only when 2.4 Radio Band is enabled in ssidRadioType. |
|
True if 6 GHz Policy Client Steering is enabled, else False. Choices:
|
|
Id path parameter. SSID ID. |
|
Ingress QOS. |
|
When set to true, the Access Point (AP) Beacon Protection feature is activated, enhancing the security of the network. Choices:
|
|
When set to true, the 802.1X authentication key is in use. Choices:
|
|
When set to true, the feature that enables 802.1X authentication using the SHA256 algorithm is turned on. Choices:
|
|
When set to true, the 802.1X-Plus-FT authentication key is in use. Choices:
|
|
When set to true, the feature that enables the use of Easy Pre-shared Key (PSK) authentication is activated. Choices:
|
|
When set to true, the Opportunistic Wireless Encryption (OWE) authentication key feature is turned on. Choices:
|
|
When set to true, the Pre-shared Key (PSK) authentication feature is enabled. Choices:
|
|
When set to true, the feature that enables the combination of Pre-shared Key (PSK) and Fast Transition (FT) authentication keys is activated. Choices:
|
|
The feature that allows the use of Pre-shared Key (PSK) authentication with the SHA256 algorithm is enabled when it is set to true. Choices:
|
|
When set to true, the feature enabling the Simultaneous Authentication of Equals (SAE) authentication key is activated. Choices:
|
|
When set to true, the Simultaneous Authentication of Equals (SAE) Extended Authentication key feature is turned on. Choices:
|
|
When set to true, the Simultaneous Authentication of Equals (SAE) combined with Fast Transition (FT) Authentication Key feature is enabled. Choices:
|
|
Activating this setting by switching it to true turns on the authentication key feature that supports both Simultaneous Authentication of Equals (SAE) and Fast Transition (FT). Choices:
|
|
When set to true, the SuiteB192-1x authentication key feature is enabled. Choices:
|
|
When activated by setting it to true, the SuiteB-1x authentication key feature is engaged. Choices:
|
|
When activated by setting it to true, the Broadcast SSID feature will make the SSID publicly visible to wireless devices searching for available networks. Choices:
|
|
True if CCKM is enabled, else False. Choices:
|
|
Set SSID’s admin status as ‘Enabled’ when set to true. Choices:
|
|
True if FastLane is enabled, else False. Choices:
|
|
True if passphrase is in Hex format, else False. Choices:
|
|
When set to true, MAC Filtering will be activated, allowing control over network access based on the MAC address of the device. Choices:
|
|
Applicable only for Enterprise SSIDs. When set to True, Posturing will enabled. Required to be set to True if ACL needs to be mapped for Enterprise SSID. Choices:
|
|
Deny clients using randomized MAC addresses when set to true. Choices:
|
|
Default is L3 Authentication Type if exists else None. |
|
Default is Management Frame Protection Client if exists else Optional. |
|
Sites Wireless Settings Ssids’s multiPSKSettings. |
|
Passphrase needs to be between 8 and 63 characters for ASCII type. HEX passphrase needs to be 64 characters. |
|
Passphrase Type(default ASCII). |
|
Priority. |
|
Pre-Defined NAS Options AP ETH Mac Address, AP IP address, AP Location , AP MAC Address, AP Name, AP Policy Tag, AP Site Tag, SSID, System IP Address, System MAC Address, System Name. |
|
The Neighbor List feature is enabled when it is set to true. Choices:
|
|
Open SSID which is already created in the design and not associated to any other OPEN-SECURED SSID. |
|
Passphrase (Only applicable for SSID with PERSONAL security level). Passphrase needs to be between 8 and 63 characters for ASCII type. HEX passphrase needs to be 64 characters. |
|
WLAN Profile Name, if not passed autogenerated profile name will be assigned. The same wlanProfileName will also be used for policyProfileName. |
|
(REQUIRED is applicable for authType WPA3_PERSONAL, WPA3_ENTERPRISE, OPEN_SECURED) and (OPTIONAL/REQUIRED is applicable for authType WPA2_WPA3_PERSONAL and WPA2_WPA3_ENTERPRISE). |
|
RemoveOverrideInHierarchy query parameter. Remove override in hierarchy. Refer Feature tab for details. Choices:
|
|
When set to true, the Robust Security Network (RSN) Cipher Suite CCMP128 encryption protocol is activated. Choices:
|
|
When set to true, the Robust Security Network (RSN) Cipher Suite CCMP256 encryption protocol is activated. Choices:
|
|
When set to true, the Robust Security Network (RSN) Cipher Suite GCMP128 encryption protocol is activated. Choices:
|
|
When set to true, the Robust Security Network (RSN) Cipher Suite GCMP256 encryption protocol is activated. Choices:
|
|
This denotes the allotted time span, expressed in seconds, before a session is automatically terminated due to inactivity. Default sessionTimeOut is 1800. |
|
Turn on the feature that imposes a time limit on user sessions. Choices:
|
|
SiteId path parameter. Site UUID of Global site. |
|
When set to true, this will activate the timeout settings that apply to clients in sleep mode. Choices:
|
|
This refers to the amount of time, measured in minutes, before a sleeping (inactive) client is timed out of the network. Default is Sleeping Client Timeout if exists else 720. |
|
Name of the SSID. |
|
Radio Policy Enum (default Triple band operation(2.4GHz, 5GHz and 6GHz)). |
|
Flag for Cisco DNA Center SDK to enable the validation of request bodies against a JSON schema. Choices:
|
|
When set to true, the Web-Passthrough feature will be activated for the Guest SSID, allowing guests to bypass certain login requirements. Choices:
|
|
Band select is allowed only when band options selected contains at least 2.4 GHz and 5 GHz band else false. Choices:
|
|
Wlan Type. |
Notes
Note
SDK Method used are wireless.Wireless.create_ssid_v1, wireless.Wireless.delete_ssid_v1, wireless.Wireless.update_ssid_v1,
Paths used are post /dna/intent/api/v1/sites/{siteId}/wirelessSettings/ssids, delete /dna/intent/api/v1/sites/{siteId}/wirelessSettings/ssids/{id}, put /dna/intent/api/v1/sites/{siteId}/wirelessSettings/ssids/{id},
Does not support
check_mode
The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco DNAC SDK
The parameters starting with dnac_ are used by the Cisco DNAC Python SDK to establish the connection
See Also
See also
- Cisco DNA Center documentation for Wireless CreateSSIDV1
Complete reference of the CreateSSIDV1 API.
- Cisco DNA Center documentation for Wireless DeleteSSIDV1
Complete reference of the DeleteSSIDV1 API.
- Cisco DNA Center documentation for Wireless UpdateSSIDV1
Complete reference of the UpdateSSIDV1 API.
Examples
- name: Create
cisco.dnac.sites_wireless_settings_ssids_v1:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
state: present
aaaOverride: true
acctServers:
- string
aclName: string
authServer: string
authServers:
- string
authType: string
basicServiceSetClientIdleTimeout: 0
basicServiceSetMaxIdleEnable: true
cckmTsfTolerance: 0
clientExclusionEnable: true
clientExclusionTimeout: 0
clientRateLimit: 0
coverageHoleDetectionEnable: true
directedMulticastServiceEnable: true
egressQos: string
externalAuthIpAddress: string
fastTransition: string
fastTransitionOverTheDistributedSystemEnable: true
ghz24Policy: string
ghz6PolicyClientSteering: true
ingressQos: string
isApBeaconProtectionEnabled: true
isAuthKey8021x: true
isAuthKey8021xPlusFT: true
isAuthKey8021x_SHA256: true
isAuthKeyEasyPSK: true
isAuthKeyOWE: true
isAuthKeyPSK: true
isAuthKeyPSKPlusFT: true
isAuthKeyPSKSHA256: true
isAuthKeySae: true
isAuthKeySaeExt: true
isAuthKeySaeExtPlusFT: true
isAuthKeySaePlusFT: true
isAuthKeySuiteB1921x: true
isAuthKeySuiteB1x: true
isBroadcastSSID: true
isCckmEnabled: true
isEnabled: true
isFastLaneEnabled: true
isHex: true
isMacFilteringEnabled: true
isPosturingEnabled: true
isRandomMacFilterEnabled: true
l3AuthType: string
managementFrameProtectionClientprotection: string
multiPSKSettings:
- passphrase: string
passphraseType: string
priority: 0
nasOptions:
- string
neighborListEnable: true
openSsid: string
passphrase: string
profileName: string
protectedManagementFrame: string
rsnCipherSuiteCcmp128: true
rsnCipherSuiteCcmp256: true
rsnCipherSuiteGcmp128: true
rsnCipherSuiteGcmp256: true
sessionTimeOut: 0
sessionTimeOutEnable: true
siteId: string
sleepingClientEnable: true
sleepingClientTimeout: 0
ssid: string
ssidRadioType: string
webPassthrough: true
wlanBandSelectEnable: true
wlanType: string
- name: Update by id
cisco.dnac.sites_wireless_settings_ssids_v1:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
state: present
aaaOverride: true
acctServers:
- string
aclName: string
authServer: string
authServers:
- string
authType: string
basicServiceSetClientIdleTimeout: 0
basicServiceSetMaxIdleEnable: true
cckmTsfTolerance: 0
clientExclusionEnable: true
clientExclusionTimeout: 0
clientRateLimit: 0
coverageHoleDetectionEnable: true
directedMulticastServiceEnable: true
egressQos: string
externalAuthIpAddress: string
fastTransition: string
fastTransitionOverTheDistributedSystemEnable: true
ghz24Policy: string
ghz6PolicyClientSteering: true
id: string
ingressQos: string
isApBeaconProtectionEnabled: true
isAuthKey8021x: true
isAuthKey8021xPlusFT: true
isAuthKey8021x_SHA256: true
isAuthKeyEasyPSK: true
isAuthKeyOWE: true
isAuthKeyPSK: true
isAuthKeyPSKPlusFT: true
isAuthKeyPSKSHA256: true
isAuthKeySae: true
isAuthKeySaeExt: true
isAuthKeySaeExtPlusFT: true
isAuthKeySaePlusFT: true
isAuthKeySuiteB1921x: true
isAuthKeySuiteB1x: true
isBroadcastSSID: true
isCckmEnabled: true
isEnabled: true
isFastLaneEnabled: true
isHex: true
isMacFilteringEnabled: true
isPosturingEnabled: true
isRandomMacFilterEnabled: true
l3AuthType: string
managementFrameProtectionClientprotection: string
multiPSKSettings:
- passphrase: string
passphraseType: string
priority: 0
nasOptions:
- string
neighborListEnable: true
openSsid: string
passphrase: string
profileName: string
protectedManagementFrame: string
rsnCipherSuiteCcmp128: true
rsnCipherSuiteCcmp256: true
rsnCipherSuiteGcmp128: true
rsnCipherSuiteGcmp256: true
sessionTimeOut: 0
sessionTimeOutEnable: true
siteId: string
sleepingClientEnable: true
sleepingClientTimeout: 0
ssid: string
ssidRadioType: string
webPassthrough: true
wlanBandSelectEnable: true
wlanType: string
- name: Delete by id
cisco.dnac.sites_wireless_settings_ssids_v1:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
state: absent
id: string
removeOverrideInHierarchy: true
siteId: string
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
A dictionary or list with the response returned by the Cisco DNAC Python SDK Returned: always Sample: |