We are looking for an easy way for our security department to shut end user interfaces (mostly fa, some gi). previously we've done this with home-grown scripts and I've been asked if LMS could do this easily.
so ideally, the security department would have to select the "shut interface" job, select the device, and tell it what port to shut. I'd rather create a template that only works on end user switches (3750-g-e-x, 2950,3560 etc. NOT 6500, blade switches, routers, etc.)
From what I've tried, I could only hard set (int fa1/0/1 ->shut) the interface in the job. is there a way I could create a basic shut template that prompts the user what port to shut (or put on a black-hole vlan)?
Or, is there another way to do this aside from a netconfig job?
*various credentials (already created different credential sets so this is OK)
*security department should not have permission to shut trunks
*we would like to restrict access to the security team from the rest of LMS
*lms 3.2 patched up to date
*switches running snmp2 RO only
*lms could telnet/ssh to devices
*dev stage of deploying snmpv3
*local authorization (non-ACS), TACACS authentication with local fallback
I have been working on this exact issue on another thread: https://supportforums.cisco.com/message/3200456#3200456 . I also have LMS and haven't found a way to do this through ciscoworks but I am currently trying to the the EEM route. The script I am trying to run monitors ports that show not connected due to users turning off their machines, unplugging their machines etc and shuts down after a period of time that you prefer. The guy I'm working with is very helpful, I don't know if this is a route you wan't to take but it might be worth taking a look at.
Cisco DNA Center version 2.2.2.x includes the features and improvements that
New intelligence provides an easy, gradual, and complete adoption of SD-Access. Faster Cisco DNA Center set-up saves time and effort.
When using Cisco cellular modules with a SIM card an APN must be provided. The APN cannot be stored in the SIM card and is supplied by your SIM card provider. Cisco cellular software contains a database of well-known APNs based on the country and ...
Cisco 3850: IOS-XE/Firmware Upgrade
This procedure is aimed at Cisco 3850 switch ONLY.
IOS-XE Bundle Mode is not covered.
9300, 9500 (vanilla & high-performance), ISR 1k, ISR 4k and ASR is not covered.
Listen: https://smarturl.it/CCRS8E46Follow us: twitter.com/ciscochampionsIt’s been several years since the release of Cisco DNA Center, and it’s matured into a complete network management system, an automation and orchestration engine, an AI/ML analy...
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast today. For more information, including category details, the process, past winners and FAQs, check out: https://www.cisco.com/c/en/us/t...