This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

NAC Automation

NAC Automation

michael_klaus
New Contributor III

‎10-21-2020 05:59 AM

Hello

I’m on a NAC Project with about 400-500 NAC Rules.  To configure all of them manually it’s a real pain. What possibilities of automation are available? 

Following tasks I’d like to automate:

  • vlan creation
  • Create NAC Rules
  • Create NAC Profile and assigns accespt Policy

 

For the following Tasks I found a solution for automation:

  • location Groups => can be done via CSV import
  • End System Groups => can be done via CSV import
  • Policy Mapping => Can be imported from CSV via legacy 

 

Unfortunately, the API does not support a lot of configuration Tasks. Does anyone have an idea if there is another way to automate this steps?

 

best regards
Michael

0 Kudos
1 REPLY 1

Miguel-Angel_RO
Valued Contributor II

‎10-21-2020 07:42 AM

Michael,

 

The only option available is createGroupRuleProfilePolicy but is is quite limited in flexibility.

Here the code from XMC_NBI:

def createGroupRuleProfilePolicy(self, group_name: str, vlanId: int, vlanName: str, cfgDomain: str = 'Default'):
'''create NAC group, rule, profile, policy'''

        query = '''
mutation {
  accessControl {
    createDCMVirtualAndPhysicalNetwork(input: {
      vlanName: "<VLAN-NAME>"
      primaryVlanId: <VLAN-ID>
      name: "<GROUP>"
      nacConfig: "<CONFIG-DOMAIN>"
    }) {
      status
      message
    }
  }
}

 

Mig

0 Kudos
li.common.scroll-to.top
GTM-P2G8KFN