Model for managing global dot11 parameters Copyright (c) 2016-2021 by Cisco Systems, Inc. All rights reserved.
Version: 2021-07-01
module Cisco-IOS-XE-wireless-apf-cfg { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-apf-cfg"; prefix wireless-apf-cfg; import Cisco-IOS-XE-wireless-enum-types { prefix wireless-enum-types; } import Cisco-IOS-XE-wireless-types { prefix wireless-types; } import cisco-semver { prefix cisco-semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 W Tasman Drive San Jose, CA 95134 Tel: +1 1800 553-NETS E-mail: cs-yang@cisco.com"; description "Model for managing global dot11 parameters Copyright (c) 2016-2021 by Cisco Systems, Inc. All rights reserved."; revision "2021-07-01" { description "- Added default wireless password policy configuration - Added configuration for AP tags persistence - Added configuration for 6Ghz client steering - Added configuration for Secure RRM"; reference "8.1.0"; } revision "2021-03-01" { description "- Add ASCII 32-126 and leading/trailing spaces restriction for RF network name - Added method list for MAC and serial number authorization"; reference "8.0.0"; } revision "2020-11-01" { description "- Modified the range for leaf nodes balancing-window and xor-roam-min-client-count - Added priming controller configuration - Added configuration for FRA Freeze"; reference "7.0.0"; } revision "2020-07-01" { description "- Added configuration for AP audit reporting - Added configuration for calling id used in AP authorization - Added configuration for client roaming across different policy profiles"; reference "6.2.0"; } revision "2020-03-01" { description "- Added tri-radio-mode - Support to enable detailed client syslogs"; reference "6.1.0"; } revision "2019-06-02" { description "- Updated constraint for xor-roam-probe-suppress-op-mode configuration. - Add locally-administered-mac. - Added semantic version - Update the default values as per WLC configuration best practice"; reference "6.0.0"; } revision "2019-03-18" { description "- Add led-brightness-level - Cleaned up spelling errors in descriptions. - Default configuration for FRA is changed from Disable to Enable. - Cleaned up unused variables, renamed few appropriately. - Updated name for leaf nodes from SIP prefered call data - Restrict values for fra-service-priority"; reference "5.0.0"; } revision "2018-08-13" { description "- Add FRA sensor support - name changed for blacklist flags - Default value of country code changed - SIP prefered call configuration added"; reference "4.0.0"; } revision "2018-05-25" { description "AP auth support with serial number and Client Onboarding Event"; reference "3.0.0"; } revision "2018-01-24" { description "The first generally available version"; reference "2.0.0"; } revision "2017-05-05" { description "Initial revision"; reference "1.0.0"; } cisco-semver:module-version "8.1.0"; cisco-semver:module-version "8.0.0"; cisco-semver:module-version "7.0.0"; cisco-semver:module-version "6.2.0"; cisco-semver:module-version "6.1.0"; cisco-semver:module-version "6.0.0"; cisco-semver:module-version "5.0.0"; cisco-semver:module-version "4.0.0"; cisco-semver:module-version "3.0.0"; cisco-semver:module-version "2.0.0"; cisco-semver:module-version "1.0.0"; grouping st-apf { description "container for apf attributes"; leaf dot11-country-code { type string; default "00"; description "This field configures the country of operation"; } leaf system-mgmt-via-wireless { type boolean; default "false"; description "This field enables management access from wireless clients"; } leaf enable-client-onboarding-event { type boolean; default "false"; description "Enable Client Onboarding Event"; } leaf network-name { type string { pattern '[!-~]([ -~]*[!-~])?'; } default "default"; description "This field sets RF-Network name"; } leaf blacklist-dot1x-timeout { type boolean; default "true"; description "This flag specifies if client should be excluded (blacklisted) if repeated 802.1x Authentication Timeout occurs with a client."; } leaf blacklist-dot1x-auth { type boolean; default "true"; description "This flag specifies if client should be excluded (blacklisted) if repeated 802.1x Authentication Failures occurs with a client."; } leaf blacklist-dot11-assoc { type boolean; default "true"; description "This flag specifies if client should be excluded (blacklisted) if repeated 802.11 Association Failures occurs with a client."; } leaf blacklist-ip-theft { type boolean; default "true"; description "This flag specifies if client should be excluded (blacklisted) if it appears to be reusing an IP Address.(Possible IP Theft)"; } leaf blacklist-web-auth { type boolean; default "true"; description "This flag specifies if client should be excluded (blacklisted) if repeated Web Authentication Failures occurs with a client."; } leaf blacklist-failed-qos-policy { type boolean; default "true"; description "This flag specifies if client should be excluded (blacklisted) due to failed qos policy"; } leaf probe-limit { type uint16 { range "1 .. 100"; } default "2"; description "This value indicates probe request limit"; } leaf probe-interval { type uint16 { range "100 .. 64000"; } default "500"; description "This value indicates probe request interval"; } leaf max-user-logins { type uint32 { range "0 .. 8"; } default "0"; description "This attribute specifies the maximum number of concurrent logins that the switch will allow for a single user. A value 0 implies that there is no restriction on the number of concurrent logins with a single username."; } leaf web-auth-max-retries { type uint8 { range "0 .. 20"; } default "3"; description "Value specifies Maximum number of WebAuth request retries"; } leaf dot1x-eapol-key-max-retries { type uint8 { range "0 .. 4"; } default "2"; description "Value specifies Maximum number of EAPOL key retries"; } leaf dot1x-eapol-key-timeout { type uint32 { range "200 .. 5000"; } default "1000"; description "value specify EAPOL key retransmission timeout in milliseconds"; } leaf dot1x-eap-id-request-retries { type uint8 { range "1 .. 20"; } default "2"; description "Value specify maximum number of EAP ID request retransmissions"; } leaf dot1x-eap-id-request-timeout { type uint8 { range "1 .. 120"; } default "30"; description "Value specify EAP ID request-timeout value in seconds"; } leaf dot1x-eap-request-max-retries { type uint8 { range "0 .. 20"; } default "2"; description "Maximum number of EAP request retransmissions"; } leaf dot1x-eap-request-timeout { type uint8 { range "1 .. 120"; } default "30"; description "EAP request retransmission timeout value in seconds"; } leaf dot1x-eap-broadcast-interval { type uint32 { range "120 .. 86400"; } default "3600"; description "EAP-broadcast key renew interval time in seconds"; } leaf probe-filter { type boolean; default "true"; description "Configure filtering of probe requests from AP"; } leaf assisted-roam-floor-bias { type uint16 { range "5 .. 25"; } default "15"; description "Configures RSSI bias default for same floor APs"; } leaf assisted-roam-max-denial { type uint16 { range "1 .. 10"; } default "5"; description "Configures maximum number of times for association denial"; } leaf assisted-roam-min-prediction { type uint16 { range "2 .. 6"; } default "3"; description "Configures minimum number of optimized APs for assisted-roaming prediction to work"; } container sip-pref-call-data-entry { description "SIP preferred call database"; list sip-pref-call-data { key "call-index"; description "SIP preferred call data"; uses wireless-apf-cfg:sip-preferred-call-data; } // list sip-pref-call-data } // container sip-pref-call-data-entry leaf spam-authorize-aps-mac { type boolean; default "false"; description "Configures an AP authorization policy with mac"; } leaf spam-authorize-aps-serial-num { type boolean; default "false"; description "Configures an AP authorization policy with serial number"; } leaf spam-authorize-aps-method-list { type string { length "0..32"; } default "default"; description "Configures an AP authorization policy with specified method list"; } leaf dot1x-login-count-check { type boolean; description "Configure to ignore the same username count reaching max in the EAP identity response"; } leaf dedicated-to-xor-rssi-threshold { type int8 { range "-128 .. 0"; } default "-55"; description "Configures macro to micro transition RSSI"; } leaf xor-to-dedicated-rssi-threshold { type int8 { range "-128 .. 0"; } default "-65"; description "Configures micro-macro client load balancing window"; } leaf xor-roam-min-client-count { type uint16 { range "0 .. 200"; } default "3"; description "Configures macro-micro minimum client count for transition"; } leaf balancing-window { type uint16 { range "0 .. 200"; } default "3"; description "Configures micro-macro client load balancing window"; } leaf xor-probe-suppress-hysteresis { type int8 { range "-6 .. -3"; } default "-6"; description "Configures probe cycles to be suppressed[ RSSI in dBm]"; } leaf xor-roam-probe-suppress-op-mode { type wireless-enum-types:enm-apf-xor-roam-probe-suppression; must "(../xor-roam-probe-suppress-op-mode = 'apf-xor-suppress-opmode-disabled' or ../xor-roam-probe-suppress-op-mode = 'apf-xor-suppress-opmode-probe-suppress' or ../xor-roam-probe-suppress-op-mode = 'apf-xor-suppress-opmode-authprobe-suppress')" { error-message "micro-Macro probe suppression mode must be one of the following: 1. apf-xor-suppress-opmode-disabled 2. apf-xor-suppress-opmode-probe-suppress 3. apf-xor-suppress-opmode-authprobe-suppress"; error-app-tag "must-violation"; } default "apf-xor-suppress-opmode-disabled"; description "Configures micro-Macro probe suppression arguments"; } leaf xor-probe-suppress-aggression { type uint8 { range "0 .. 255"; } default "3"; description "Configures probe cycles to be suppressed [Number of cycles]"; } leaf fra-state { type boolean; default "false"; description "Enable/Disable Fra on all Cisco APs"; } leaf fra-interval { type uint32 { range "1 .. 24"; } default "1"; description "Configure Fra Interval in hours"; } leaf fra-sensitivity { type wireless-types:enm-fra-sensitivity; default "fra-sensitivity-medium"; description "Configure FRA Coverage Overlap Sensitivity"; } leaf fra-service-priority { type wireless-types:enm-fra-service-priority; must "((current() = 'fra-service-priority-coverage') or (current() = 'fra-service-priority-service-assurance'))" { error-message "FRA service priority should be either coverage or service assurance"; error-app-tag "must-violation"; } default "fra-service-priority-coverage"; description "Configure FRA Service Priority"; } leaf fra-sensor-threshold { type wireless-types:enm-fra-sensor-coverage-profile; default "fra-sensor-coverage-client-priority"; description "Configure FRA Sensor Threshold"; } leaf led-brightness-level { type uint8 { range "1 .. 8"; } default "1"; description "Configure AP LED brightness level. On modifying the global configuration, All AP's supporting LED brightness will be configured with global configured value. Represents following values. 1 - 8 LED brightness level."; } leaf locally-administered-mac { type boolean; default "false"; description "Enable the reporting of the probes from clients using locally administered MAC address"; } leaf tri-radio-mode { type boolean; default "false"; description "Tri radio mode configuration: False - tri-radio mode is disabled True - tri-radio mode is enabled"; } leaf enable-client-syslog-detailed { type boolean; default "false"; description "Enable Client Detailed syslogs"; } leaf spam-authorize-aps-calling-id { type boolean; description "Configures an AP authorization policy using the calling id"; } leaf ap-audit-report { type boolean; default "false"; description "AP audit report configuration: False - AP audit reporting disabled True - AP audit reporting enabled"; } leaf ap-audit-report-interval { type uint16; units "minutes"; must "((current() >= 10) and (current() <= 43200))" { error-message "AP Audit report interval range should be within 10-43200"; error-app-tag "must-violation"; } default "1440"; description "AP audit reporting interval"; } leaf vlan-persistent { type boolean; default "false"; description "Enable client roaming across different policy profiles"; } leaf is-priming-ctrlr { type boolean; description "Enable/disable this controller as priming controller"; } leaf fra-freeze { type boolean; default "false"; description "Enable/Disable FRA Freeze on all Cisco APs"; } leaf mac-mlist { type string { length "0..32"; } default ""; description "Method list for AP MAC authorization"; } leaf serial-no-mlist { type string { length "0..32"; } default ""; description "Method list for AP serial number authorization"; } leaf pwd-pol-def { type boolean; default "false"; description "Enable/disable default wireless password policy"; } leaf client-steering-cnt { type uint8 { range "0 .. 200"; } default "3"; description "Minimum number of clients for 6Ghz client steering"; } leaf client-steering-win-size { type uint8 { range "0 .. 200"; } default "3"; description "Minimum 2.4/5Ghz to 6Ghz client count difference to steer client"; } leaf client-steering-util-thres { type uint8 { range "0 .. 100"; } units "percentage"; default "20"; description "Maximum 2.4/5Ghz to 6Ghz channel utilization difference to steer client"; } leaf client-steering-rssi-24 { type int8 { range "-70 .. -20"; } units "dBm"; default "-60"; description "Minimum 2.4Ghz received RSSI threshold to steer client"; } leaf client-steering-rssi-5 { type int8 { range "-75 .. -20"; } units "dBm"; default "-65"; description "Minimum 5Ghz received RSSI threshold to steer client"; } leaf tag-persist-enabled { type boolean; default "false"; description "Enable persistent AP tags"; } leaf secure-rrm { type boolean; default "false"; description "Enable/Disable Secure RRM"; } } // grouping st-apf grouping sip-preferred-call-data { description "SIP Preferred call database"; leaf call-index { type uint8 { range "1 .. 6"; } description "Index in database for preferred call number"; } leaf sip-preferred-call-id { type string { length "0..28"; } default ""; description "SIP preferred call number"; } } // grouping sip-preferred-call-data container apf-cfg-data { description "AP functionality configuration data"; container apf { presence "apf"; description "AP functionality configuration"; uses wireless-apf-cfg:st-apf; } // container apf } // container apf-cfg-data } // module Cisco-IOS-XE-wireless-apf-cfg
© 2023 YumaWorks, Inc. All rights reserved.