Ansible yml configuration for radius server on cisco ios

FPerroneUru
Level 1

Hello, I need help to configure a line of code regarding the configuration of a RADIUS server in Cisco IOS.

My current line is: radius-server host "IP" auth-port 1812 acct-port 1813 key 7 xxxxx, where "xxxxx" is a dynamic line.
I need to make "no (current line)", where a part (xxxxx) is dynamic and changes for all devices.
On the other hand, I then need to change the IP address; that's why I have to save xxxxx in a variable.

 

summary of what I want to do:

no radius-server host "IP" auth-port 1812 acct-port 1813 key 7 xxxxx

radius-server host "OTHER IP" auth-port 1812 acct-port 1813 key 7 xxxxx

 

where xxxxx is different for all devices.

 

Thanks a lot

Accepted Solutions

@FPerroneUru you can use Ansible, which has a flexible inventory system https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html that pulls data from various sources to feed your models. The list of devices and the key/value pairs that are used to configure those devices are combined into the specific group of facts in each device’s context. You could do something like

 

- name: RADIUS SET UP
  hosts: cisco
  gather_facts: no
  connection: network_cli
  tasks:

    - name: SET RADIUS
      ios_config:
        commands:
          # "OTHER IP" and "KEY ONE" are placeholders for per-host inventory variables
          - radius-server host {{"OTHER IP"}} auth-port 1812 acct-port 1813 key 7 {{"KEY ONE"}}

This doc will show you how to build the correct inventory file  https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html

 

Hope this helps.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io


Thank you very much! My solution was to write "key" without encryption and then tell the Cisco device to encrypt them in key 7.

Previously using a reverse of the previous encrypted password.

 

For example:

reverse of xxxxx = "ThisIsMyKey"

no radius-server host {{"OLDER IP"}} auth-port 1812 acct-port 1813

(the previous line deletes the entire line with the key included)

radius-server host "OTHER IP" auth-port 1812 acct-port 1813 key 7 "ThisIsMyKey"

Now when executing "sh run | include radius" I see "ThisIsMyKey" encrypted.
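
An added example, not part of either post: a playbook that does what the question asks by reading each device's existing `key 7 xxxxx` clause into a variable and reusing it for the new host, so the key never has to be reversed to cleartext or written into the playbook. The variable names `radius_old_ip`, `radius_new_ip` and `radius_key_clause`, and the sample addresses, are assumptions. Type 7 is reversible (as the reply above shows), so every task that handles the string sets `no_log`.

```yaml
- name: Move the RADIUS host to a new IP, reusing each device's existing type 7 key
  hosts: cisco
  gather_facts: false
  connection: network_cli
  vars:
    radius_old_ip: 192.0.2.10   # constructed sample address (documentation range)
    radius_new_ip: 192.0.2.20   # constructed sample address (documentation range)
  tasks:
    - name: Read the current radius-server line for the old host
      cisco.ios.ios_command:
        commands:
          - show running-config | include ^radius-server host {{ radius_old_ip }}
      register: radius_line
      no_log: true              # the output contains the type 7 string

    - name: Capture the "key 7 xxxxx" clause exactly as the device stores it
      ansible.builtin.set_fact:
        radius_key_clause: "{{ radius_line.stdout[0] | regex_search('key 7 [0-9A-Fa-f]+') }}"
      no_log: true

    - name: Stop on devices where no type 7 key was found
      ansible.builtin.assert:
        that:
          - radius_key_clause | default('', true) | length > 0
        quiet: true
        fail_msg: "No 'key 7' clause found for {{ radius_old_ip }}; nothing changed."

    - name: Remove the old host and add the new one with the same key
      cisco.ios.ios_config:
        lines:
          # The "no" form without the key removes the whole line, as noted in the reply
          - no radius-server host {{ radius_old_ip }} auth-port 1812 acct-port 1813
          - radius-server host {{ radius_new_ip }} auth-port 1812 acct-port 1813 {{ radius_key_clause }}
      no_log: true              # keeps the key out of task output and logs
```

If the key must instead come from inventory, as in the accepted answer, storing that variable with Ansible Vault keeps it out of cleartext files.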