Model for managing RLAN configuration Copyright (c) 2020 by Cisco Systems, Inc. All rights reserved.
Version: 2021-03-01
module Cisco-IOS-XE-wireless-rlan-cfg { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-rlan-cfg"; prefix wireless-rlan-cfg; import Cisco-IOS-XE-wireless-enum-types { prefix wireless-enum-types; } import Cisco-IOS-XE-wireless-types { prefix wireless-types; } import ietf-inet-types { prefix inet; } import cisco-semver { prefix cisco-semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 W Tasman Drive San Jose, CA 95134 Tel: +1 1800 553-NETS E-mail: cs-yang@cisco.com"; description "Model for managing RLAN configuration Copyright (c) 2020 by Cisco Systems, Inc. All rights reserved."; revision "2021-03-01" { description "- Add ASCII 32-126 and leading/trailing spaces restriction for remote lan name and remote lan policy name"; reference "2.0.0"; } revision "2020-07-01" { description " - Updated description string from User Private Network to User Defined (Private) Network"; reference "1.2.1"; } revision "2019-11-01" { description "- Added User Private Network configuration. - Added User Private Network configuration for unicast - Added power-level-id config on Remote LAN policy profile"; reference "1.2.0"; } revision "2019-05-01" { description "- Added MDNS mode config on RLAN Profile and MDNS service policy on RLAN Policy. - Added semantic version"; reference "1.1.0"; } revision "2019-01-05" { description "Initial revision"; reference "1.0.0"; } cisco-semver:module-version "2.0.0"; cisco-semver:module-version "1.2.1"; cisco-semver:module-version "1.2.0"; cisco-semver:module-version "1.1.0"; cisco-semver:module-version "1.0.0"; grouping st-split-tunnel { description "Configuration of Split tunnel"; leaf split-tunnel-enabled { type boolean; description "Enable or Disable split tunnel"; } leaf acl-name { type string { length "0..31" { error-message "Invalid string length for ACL name:Valid string has be 0 to 32 characters"; error-app-tag "must-violation"; } } description "ACL in split tunnel"; } leaf split-tunnel-override { type boolean; description "Split tunnel override"; } leaf split-tunnel-gateway { type inet:ip-address; description "Gateway for split tunnel"; } leaf split-tunnel-netmask { type inet:ip-address; description "Netmask for split tunnel"; } } // grouping st-split-tunnel grouping st-multi-domain-vlans { description "Configure voice and data VLAN's"; leaf voice-vlan-id { type uint16; description "Configure voice VLAN ID"; } leaf data-vlan-id { type uint16; description "Configure data VLAN ID"; } } // grouping st-multi-domain-vlans grouping st-flow-monitor { description "Flexible Netflow configuration"; leaf flow-monitor-ingress-name { type string { length "1..32" { error-message "Invalid string length for Wireless flow monitor ingress names:Valid string has be 1 to 32 characters"; error-app-tag "must-violation"; } } must "../../central-switching = 'true' and ../ingress-enable = 'true' " { error-message "RLAN switching policy central-switching and ingress-enable should be enabled when using flow monitors"; error-app-tag "must-violation"; } description "Enable flow monitor on ingress traffic"; } leaf flow-monitor-egress-name { type string { length "1..32" { error-message "Invalid string length for Wireless flow monitor egress names:Valid string has be 1 to 32 characters"; error-app-tag "must-violation"; } } must "../../central-switching = 'true' and ../egress-enable = 'true' " { error-message "RLAN switching policy central-switching and egress-enable should be enabled when using flow monitors"; error-app-tag "must-violation"; } description "Enable flow monitor on egress traffic"; } leaf ingress-enable { type boolean; must "../../central-switching = 'true' and (string-length(../flow-monitor-ingress-name) > 0)" { error-message "RLAN switching policy central-switching should be enabled and ingress-name must be entered when using flow monitors"; error-app-tag "must-violation"; } description "Enable/Disable flow monitor on ingress traffic"; } leaf egress-enable { type boolean; must "../../central-switching = 'true' and (string-length(../flow-monitor-egress-name) > 0)" { error-message "RLAN switching policy central-switching should be enabled and egress-name must be entered when using flow monitors"; error-app-tag "must-violation"; } description "Enable/Disable flow monitor on egress traffic"; } } // grouping st-flow-monitor grouping blacklist-params { description "Set client blacklisting listing on RLAN"; leaf is-blacklist-enabled { type boolean; default "true"; description "Enable/Disable blacklisting"; } leaf blacklist-timeout { type uint32 { range "0 .. 2147483647"; } default "60"; description "Set time the client will be excluded"; } } // grouping blacklist-params grouping upn-config { description "User Defined (Private) Network related configuration"; leaf is-upn-restrict-enable { type boolean; default "false"; description "User Defined (Private) Network status"; } leaf upn-unicast-disable { type boolean; default "false"; description "User Defined (Private) Network Unicast disable status"; } } // grouping upn-config grouping st-rlan-policy-profile-config { description "Remote LAN policy profile"; leaf profile-name { type string { length "1..32" { error-message "Invalid string length for Remote LAN Policy Profile name:Valid string has be 1 to 32 characters"; error-app-tag "must-violation"; } pattern '[!-~]([ -~]*[!-~])?'; } description "Remote LAN Policy Profile Name"; } leaf status { type boolean; default "false"; description "Remote LAN Policy Profile status"; } leaf description { type string; description "Remote LAN Policy Profile Description"; } leaf ipv4-acl { type string { length "0..31" { error-message "Invalid string length for IPv4 ACL name:Valid string has be 0 to 32 characters"; error-app-tag "must-violation"; } } description "Name of IPv4 ACL"; } leaf ipv6-acl { type string { length "0..31" { error-message "Invalid string length for IPv6 ACL name:Valid string has be 0 to 32 characters"; error-app-tag "must-violation"; } } description "Configure the name of IPv6 ACL"; } leaf aaa-override { type boolean; default "false"; description "Enable or Disable AAA override for the global RLAN parameters."; } leaf aaa-policy-name { type string; default "default-aaa-policy"; description "AAA policy name."; } leaf central-switching { type boolean; default "true"; description "Enable or Disable central switching"; } leaf central-dhcp { type boolean; description "Enable or Disable central DHCP"; } leaf interface-name { type string; default "1"; description "Name of the VLAN name for the vlan-acl mapping."; } leaf poe { type boolean; description "Enable or Disable poe"; } leaf host-mode { type wireless-types:enm-host-mode; default "single-host-mode"; description "Configure the host mode for the remote LAN"; } container host-mode-vlans { description "Change the host mode VLAN for the remote LAN"; uses wireless-rlan-cfg:st-multi-domain-vlans; } // container host-mode-vlans leaf violation-mode { type wireless-types:enm-violation-mode; description "Violation mode for the remote LAN."; } container blacklist { description "Configure the blacklist for the remote LAN"; uses wireless-rlan-cfg:blacklist-params; } // container blacklist leaf pre-auth { type boolean; description "Enable or Disable pre_auth"; } leaf session-timeout { type uint32 { range "0 .. 86400"; } default "1800"; description "Configure the session timeout for the remote LAN"; } container flow-monitor-ipv4 { description "Configure the flow monitor IPv4 for the remote LAN"; uses wireless-rlan-cfg:st-flow-monitor; } // container flow-monitor-ipv4 container flow-monitor-ipv6 { description "Configure the flow monitor IPv6 for the remote LAN"; uses wireless-rlan-cfg:st-flow-monitor; } // container flow-monitor-ipv6 container split-tunnel-param { description "Configure the split tunnel for the remote LAN"; uses wireless-rlan-cfg:st-split-tunnel; } // container split-tunnel-param leaf dhcp-server { type inet:ipv4-address; description "Configure DHCP parameters for Remote-LAN"; } leaf is-dhcp-enabled { type boolean; default "false"; description "Configure DHCP enabled for Remote-LAN"; } leaf accounting-list { type string; description "Configure the accounting list for IEEE 802.1x"; } leaf mdns-policy-name { type string; default "default-mdns-service-policy"; description "The Name of MDNS service policy"; } container upn { description "Configure User Defined (Private) Network policies"; uses wireless-rlan-cfg:upn-config; } // container upn leaf power-level-id { type uint8 { range "1 .. 4"; } default "4"; description "Power level for the AP PoE port"; } } // grouping st-rlan-policy-profile-config grouping st-rlan-web-pre-auth-acl { description "Configuration of RLAN Web ACL"; leaf ipv4-acl { type string { length "0..31" { error-message "Invalid string length for IPv4 ACL name:Valid string has be 0 to 32 characters"; error-app-tag "must-violation"; } } description "Configure IPv4 RLAN Web ACL"; } leaf ipv6-acl { type string { length "0..31" { error-message "Invalid string length for IPv6 ACL name:Valid string has be 0 to 32 characters"; error-app-tag "must-violation"; } } description "Configure IPv6 RLAN Web ACL"; } } // grouping st-rlan-web-pre-auth-acl grouping st-rlan-config { description "Configure remote LAN profile"; leaf rlan-id { type uint32 { range "1 .. 128"; } description "Remote LAN Profile Id"; } leaf profile-name { type string { pattern '[!-~]([ -~]*[!-~])?'; } description "Remote LAN Profile Name"; } leaf mac-filtering { type string; description "Mac filtering on remote LAN"; } leaf auth-list { type string; description "Configure auth list on remote LAN"; } leaf security-8021x-dot1x { type boolean; description "Configures 802.1X"; } leaf auth-list-dot1x { type string; description "Configures security web auth"; } leaf security-web-auth { type boolean; description "Configures security web auth"; } leaf local-auth-eap-profile-name { type string; description "Configure the EAP profile on a Remote-LAN"; } leaf local-eap-auth-enabled { type boolean; description "Enable/Disable the EAP profile on a Remote-LAN"; } leaf web-auth-parameter-map { type string; description "Configure parameter map on a Remote-LAN"; } leaf max-associated-clients { type uint32; default "0"; description "Configure maximum client connections per Remote-LAN"; } leaf status { type boolean; default "false"; description "Remote LAN Profile status"; } container web-pre-auth-acl { description "Configure Web ACL for Remote-LAN"; uses wireless-rlan-cfg:st-rlan-web-pre-auth-acl; } // container web-pre-auth-acl leaf mdns-sd-mode { type wireless-enum-types:enm-wlan-mdns-sd-cfg; default "mdns-sd-bridging"; description "MDNS mode on remote LAN"; } } // grouping st-rlan-config container rlan-cfg-data { description "RLAN profile configurations"; container rlan-configs { description "RLAN profile configuration"; list rlan-config { key "rlan-id"; unique "profile-name"; description "RLAN profile"; uses wireless-rlan-cfg:st-rlan-config { refine profile-name { mandatory true; } } } // list rlan-config } // container rlan-configs container rlan-policy-profile-configs { description "RLAN policy profile configuration"; list rlan-policy-profile-config { key "profile-name"; description "RLAN policy profile"; uses wireless-rlan-cfg:st-rlan-policy-profile-config; } // list rlan-policy-profile-config } // container rlan-policy-profile-configs } // container rlan-cfg-data } // module Cisco-IOS-XE-wireless-rlan-cfg
© 2023 YumaWorks, Inc. All rights reserved.