Solved: Re: LMS 3.2 Compliance Template syntax help

barkerc123c · ‎11-03-2011

I want to add the command "no logging event link-status" to all switchport mode access ports EXCEPT for the ones with the following switchport access vlans: 4022,4032,4042,4052,4072 & 4082. How do I create a compliance template to do this?

LMS 3.2, RME 4.3.1

Joe Clarke · ‎11-03-2011

Try this pattern for the prereq:

+ switchport access vlan [#(?!(4022|4032|4042|4052|4072|4082)).*#]

View solution in original post

Joe Clarke · ‎11-03-2011

Try this:

Name: VlanPrereq

IsPrereq: Yes

Sub-mode: interface [#(Fast|Gigabit)Ethernet#]

Body:

+ switchport access vlan [#(?!(4022|4032|4042|4052|4072|4082))#]

Name: DeployLinkStatus

Prereq: VlanPrereq

Parent: VlanPrereq

Body:

+ no logging event link-status

barkerc123c · ‎11-03-2011

Tried it & it didn't work. Here is a sample config of the ports. Command should not deploy on ports fa1 & 3 & gi1 but should deploy on fa2,4-8.

interface FastEthernet0/1

description NetOps Data/VoIP

switchport access vlan 4082

switchport mode access

switchport nonegotiate

switchport voice vlan 4083

snmp trap mac-notification change added

spanning-tree portfast

ip dhcp snooping trust

!

interface FastEthernet0/2

description NetOps Data/VoIP

switchport access vlan 661

switchport mode access

switchport nonegotiate

switchport voice vlan 4083

snmp trap mac-notification change added

spanning-tree portfast

!

interface FastEthernet0/3

switchport trunk encapsulation dot1q

switchport mode trunk

switchport nonegotiate

spanning-tree portfast trunk

spanning-tree bpduguard disable

ip dhcp snooping trust

!

interface FastEthernet0/4

description NetOps Data/VoIP

switchport access vlan 661

switchport mode access

switchport nonegotiate

switchport voice vlan 4083

ip access-group POLICY in

authentication order dot1x mab webauth

authentication port-control auto

authentication fallback WEB_AUTH_PROFILE

mab

snmp trap mac-notification change added

no snmp trap link-status

dot1x pae authenticator

dot1x timeout tx-period 5

no lldp transmit

spanning-tree portfast

!

interface FastEthernet0/5

description NetOps Data

switchport access vlan 661

switchport mode access

switchport nonegotiate

!

interface FastEthernet0/6

description NetOps Data/VoIP

switchport access vlan 661

switchport mode access

switchport nonegotiate

switchport voice vlan 4083

snmp trap mac-notification change added

spanning-tree portfast

!

interface FastEthernet0/7

description VoIP Phone 43170

switchport access vlan 661

switchport mode access

switchport nonegotiate

switchport voice vlan 4083

snmp trap mac-notification change added

!

interface FastEthernet0/8

description Docking Station

switchport access vlan 661

switchport mode access

switchport nonegotiate

switchport voice vlan 4083

snmp trap mac-notification change added

!

interface GigabitEthernet0/1

description Feed from c3750uhs011a fa3/0/30

switchport trunk encapsulation dot1q

switchport mode trunk

switchport nonegotiate

rmon collection history 10101 owner campusmanager buckets 10 interval 300

spanning-tree portfast trunk

spanning-tree bpduguard disable

ip dhcp snooping trust

!

Joe Clarke · ‎11-03-2011

Sorry, typo:

Name: VlanPrereq

IsPrereq: Yes

Sub-mode: interface [#(Fast|Gigabit)Ethernet.*#]

Body:

+ switchport access vlan [#(?!(4022|4032|4042|4052|4072|4082))#]

Name: DeployLinkStatus

Prereq: VlanPrereq

Parent: VlanPrereq

Body:

+ no logging event link-status

barkerc123c · ‎11-03-2011

Now I get CM0152 Prerequisite Commands does not exist in device archive

Joe Clarke · ‎11-03-2011

Try this pattern for the prereq:

+ switchport access vlan [#(?!(4022|4032|4042|4052|4072|4082)).*#]

barkerc123c · ‎11-03-2011

That did it! Thank you!!!