cancel
Showing results for 
Search instead for 
Did you mean: 

NAC Automation

NAC Automation

michael_klaus
New Contributor III

Hello

I’m on a NAC Project with about 400-500 NAC Rules.  To configure all of them manually it’s a real pain. What possibilities of automation are available? 

Following tasks I’d like to automate:

  • vlan creation
  • Create NAC Rules
  • Create NAC Profile and assigns accespt Policy

 

For the following Tasks I found a solution for automation:

  • location Groups => can be done via CSV import
  • End System Groups => can be done via CSV import
  • Policy Mapping => Can be imported from CSV via legacy 

 

Unfortunately, the API does not support a lot of configuration Tasks. Does anyone have an idea if there is another way to automate this steps?

 

best regards
Michael

1 REPLY 1

Miguel-Angel_RO
Valued Contributor II

Michael,

 

The only option available is createGroupRuleProfilePolicy but is is quite limited in flexibility.

Here the code from XMC_NBI:

def createGroupRuleProfilePolicy(self, group_name: str, vlanId: int, vlanName: str, cfgDomain: str = 'Default'):
'''create NAC group, rule, profile, policy'''

query = '''
mutation {
accessControl {
createDCMVirtualAndPhysicalNetwork(input: {
vlanName: "<VLAN-NAME>"
primaryVlanId: <VLAN-ID>
name: "<GROUP>"
nacConfig: "<CONFIG-DOMAIN>"
}) {
status
message
}
}
}

 

Mig

GTM-P2G8KFN