Ansible - 9800 WLCs - cisco.ios.ios_config module and prompts

8uck5nort · ‎06-28-2024

I am trying to develop a role that will turn off the 2.4 and 5 ghz radios and set the desired country codes then turn them back on.

role logic:

- name: Turn off 2.4 and 5 Ghz radios

cisco.ios.ios_config:

lines:

- "ap dot11 24ghz shutdown"

- "ap dot11 5ghz shutdown"

- name: Set Country Codes

cisco.ios.ios_config:

lines:

- "ap country US,MX,CA"

- name: Turn on 2.4 and 5 Ghz radios

cisco.ios.ios_config:

lines:

- "no ap dot11 24ghz shutdown"

- "no ap dot11 5ghz shutdown"

When you shut the radios down you also get a prompt. However, that section seems to work. It is only when trying to set the country code.

Any suggestions?

bigevilbeard · ‎06-29-2024

When you shut down the radios, you might be taken out of the configuration context where the ap country command is valid?

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

8uck5nort · ‎06-30-2024

@bigevilbeard that may be. I am not sure how I would go about determining if that is the case. Up the verbosity on the playbook would be my first inclination.

That playbook was my first attempt. I have done some further research and it appears the the ansible cisco.ios module has some limitations when it comes to operating against a 9800 controller instead of a catalyst switch.

In full disclosure I am just beginning my automation journey so take my code samples in that context. Having said that my research has lead me using the ansible.netconf module to perform the same thing. This is what was generated by an AI query so it provides just a generic conceptual playbook. I think I am on the right path, but would like to hear what others have done or offer a different approach.

---

- name: Set country code on Cisco 9800-CL controller

hosts: cisco_controllers

gather_facts: no

tasks:

- name: Disable wireless network

netconf_config:

host: "{{ ansible_host }}"

username: "{{ ansible_user }}"

password: "{{ ansible_password }}"

source_data: |

<rf-network>no rf-network rf-net</rf-network>

</controller>

</mobility>

</wireless>

</config>

- name: Set country code

netconf_config:

host: "{{ ansible_host }}"

username: "{{ ansible_user }}"

password: "{{ ansible_password }}"

source_data: |

</wireless>

</config>

- name: Re-enable wireless network

netconf_config:

host: "{{ ansible_host }}"

username: "{{ ansible_user }}"

password: "{{ ansible_password }}"

source_data: |

<rf-network>rf-network rf-net</rf-network>

</controller>

</mobility>

</wireless>

</config>

bigevilbeard · ‎06-30-2024

I’m not 100% as never ran this on WLC, but thought it would like this (I’m on my phone excuse the formatting)

- name: Configure Country Code and Radio Settings
hosts: cisco_devices
connection: network_cli
gather_facts: false

tasks:
- name: Turn off 2.4 and 5 GHz radios
cisco.ios.ios_config:
lines:
- "ap dot11 24ghz shutdown"
- "ap dot11 5ghz shutdown"

- name: Set Country Codes
cisco.ios.ios_config:
lines:
- "config t" # Enter global config mode
- "ap country US,MX,CA" # Set country codes

- name: Turn on 2.4 and 5 GHz radios (Ensure correct CLI context)
cisco.ios.ios_config:
lines:
- "config t" # Enter global config mode (again, just in case)
- "no ap dot11 24ghz shutdown"
- "no ap dot11 5ghz shutdown"

I’ve not considered the netconf way, looks good tho. Great that you're exploring different options and learning through your automation journey

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

8uck5nort · ‎07-09-2024

Update. I did get the ansible.netcommon.netconf-config module to work. I never could get the cisco.ios.ios_config module to work. When it comes to configuring the 9800 wireless side it will take some creative thinking. Or at least that is the way it appears at this point in the journey. Anway for those that are interested here is the playbook/role that worked. You can use it either way with a little modification. I learned a lot. Crafting the xml from the yang model was the hardest part and took the longest. I ended up making configuration changes and inspecting the xml on an unconfigured device and then pulled the xml off an already configured 9800 WLC and used notepad++ to diff and compare. I was able to discern the changes in the two xmls and build out the changes. It was cumbersome but it worked. If anyone has any suggestions to improve the role or the xml build process, I would be grateful.

---

# This is a DevTest Role. It is not approved for Production Use!

# This role configures the bypass day 0 on a 9800 device.

- name: Disable 2.4 Ghz wireless network

ansible.netcommon.netconf_config:

content: |

<dot11-cfg-data xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-dot11-cfg">

<dot11-entries>

<dot11-entry>

<apf-network-state>false</apf-network-state>

</dot11-entry>

</dot11-entries>

</dot11-cfg-data>

</config>

- name: Disable 2.4 Ghz wireless network

ansible.netcommon.netconf_config:

content: |

<dot11-cfg-data xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-dot11-cfg">

<dot11-entries>

<dot11-entry>

<apf-network-state>false</apf-network-state>

</dot11-entry>

</dot11-entries>

</dot11-cfg-data>

</config>

- name: Set country codes

ansible.netcommon.netconf_config:

content: |

<apf-cfg-data xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-apf-cfg">

<apf>

<dot11-country-code>US,MX,CA</dot11-country-code>

</apf>

</apf-cfg-data>

</config>

- name: Re-enable 5ghz wireless network

ansible.netcommon.netconf_config:

content: |

<dot11-cfg-data xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-dot11-cfg">

<dot11-entries>

<dot11-entry>

<apf-network-state>true</apf-network-state>

</dot11-entry>

</dot11-entries>

</dot11-cfg-data>

</config>

- name: Re-enable 2.4ghz wireless network

ansible.netcommon.netconf_config:

content: |

<dot11-cfg-data xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-dot11-cfg">

<dot11-entries>

<dot11-entry>

<apf-network-state>true</apf-network-state>

</dot11-entry>

</dot11-entries>

</dot11-cfg-data>

</config>

Marcel Zehnder · ‎07-15-2024

Hi @8uck5nort
For all devices running recent XE code (including WLC), NETCONF is my preferred API. Regarding the payload/XML build process, have a look at yangsuite; it simplifies the process tremendously.