Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
559
Views
2
Helpful
2
Replies

ISE 3.2 Patch API to update network device by name not working

Go to solution
rajgar
Level 1
Level 1

‎06-28-2023 06:33 AM

I am trying to update the network device location and type using the PATCH method for the ers/config/networkdevice/name/{name} API endpoint. Please see attached screenshot for details. 

ISE Version:
3.2.0.542

Response below:

 

    "ERSResponse": {
        "operation": "PATCH-patch by name-networkdevice",
        "messages": [
            {
                "title": "Validation Error - Illegal values: [trustsecsettings: sgaNotificationAndUpdates: coaSourceHost must be a valid value of node type Standalone/PPAN/Policy with Session services]",
                "type": "ERROR",
                "code": "Application resource validation exception"
            }
        ],

 

 

 

Preview file
120 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎07-02-2023 07:25 AM

@rajgar The error is about TrustSec settings so it appears that you had it configured but that caused validation error.

I tried one with RADIUS but no TrustSec settings and was able to update the groups. Here is my test input:

curl  --include  --insecure  --location \
--header 'Content-Type:application/json' \
--header 'Accept: application/json' \
--user $ise_username:$ise_password \
--request PATCH https://$ise_hostname/ers/config/networkdevice/name/PATCH_Test \
--data '
{
  "NetworkDevice" : {
	"NetworkDeviceGroupList" : [
	  "Location#All Locations",
	  "Device Type#All Device Types#TEST",
	  "IPSEC#Is IPSEC Device#No",
	  "Vendors#Vendors",
	  "Deployment Phase#Deployment Phase#test"]
  }
}'

View solution in original post

2 Replies 2

Go to solution
hslai
Cisco Employee
Cisco Employee

‎07-02-2023 07:25 AM

@rajgar The error is about TrustSec settings so it appears that you had it configured but that caused validation error.

I tried one with RADIUS but no TrustSec settings and was able to update the groups. Here is my test input:

curl  --include  --insecure  --location \
--header 'Content-Type:application/json' \
--header 'Accept: application/json' \
--user $ise_username:$ise_password \
--request PATCH https://$ise_hostname/ers/config/networkdevice/name/PATCH_Test \
--data '
{
  "NetworkDevice" : {
	"NetworkDeviceGroupList" : [
	  "Location#All Locations",
	  "Device Type#All Device Types#TEST",
	  "IPSEC#Is IPSEC Device#No",
	  "Vendors#Vendors",
	  "Deployment Phase#Deployment Phase#test"]
  }
}'

Go to solution
rajgar
Level 1
Level 1

‎07-03-2023 05:05 AM

that makes sense. Appreciate sharing a working example. 

0 Helpful
Customers Also Viewed These Support Documents