Home Explore Help
Sign In
MarcusCom
/
ciscolive
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 736794155a
Branches Tags
ciscolive
/
automation
/
cleu-ansible-n9k
/
roles
/
aaa
/
tasks
/
main.yml

main.yml 1.0 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940 
  1. ---
    2. 

  2. - name: Enable TACACS+ feature
    3. 

  3.   nxos_feature:
    4. 

  4.       feature: tacacs+
    5. 

  5.       state: enabled
    6. 

  6.   tags: aaa
    7. 

  7. 

  8. - name: Add TACACS+ hosts
    9. 

  9.   nxos_aaa_server_host:
    10. 

  10.       address: "{{ item.host }}"
    11. 

  11.       encrypt_type: "0"
    12. 

  12.       host_timeout: "{{ tacacs_host_timeout }}"
    13. 

  13.       key: "{{ tacacs_key }}"
    14. 

  14.       server_type: tacacs
    15. 

  15.   with_items: "{{ tacacs_servers }}"
    16. 

  16.   tags: aaa
    17. 

  17. 

  18. - name: Add AAA group server
    19. 

  19.   nxos_config:
    20. 

  20.       lines:
    21. 

  21.           - server {{ item.host }}
    22. 

  22.       parents: aaa group server tacacs+ {{ tacacs_group_name }}
    23. 

  23.   with_items: "{{ tacacs_servers }}"
    24. 

  24.   tags: aaa
    25. 

  25. 

  26. - name: Add additional TACACS+ group config
    27. 

  27.   nxos_config:
    28. 

  28.       lines:
    29. 

  29.           - deadtime 10
    30. 

  30.           - source-interface {{ tacacs_source_interface }}
    31. 

  31.           - use-vrf {{ tacacs_vrf }}
    32. 

  32.       parents: aaa group server tacacs+ {{ tacacs_group_name }}
    33. 

  33.   tags: aaa
    34. 

  34. 

  35. - name: Configure authentication order
    36. 

  36.   nxos_config:
    37. 

  37.       lines:
    38. 

  38.           - aaa authentication login default group {{ tacacs_group_name }} local
    39. 

  39.           - aaa authentication login console none
    40. 

  40.   tags: aaa
    41.