I know we can create Macro's inside the templates using the VTL language, but what if you wanted to create a Macro on the switch so none PRIVI 15 users could add / remove 802.1x authentication as part of troubleshooting, or so that you could easily add / remove auth as part of troubleshooting...
When I try to push as part of the switch provisioning in DNAC I get this error :
Sun Oct 13 2019 15:23:11 GMT-0500 (Central Daylight Time) : Provisioning failed for the template Auth Macros.Message: Unable to push CLI ' Current output : Current expects : TEST-3850' to device 10.1.1.5 using protocol ssh2
I already tried making it interactive so it wouldn't look for the command prompt...
MY VTL Template is :
no macro name hmasecure
!
#INTERACTIVE
macro name hmasecure <IQ>Enter macro commands one per line. End with the character '@'.<R> authentication event fail retry 0 action next-method
authentication event server dead action authorize
authentication event server dead action authorize voice
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication timer inactivity server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 5
dot1x max-reauth-req 1
@
#ENDS_INTERACTIVE
!
Brian S. Turner
CCIE 6145