Basic Apply ANC Endpoint Policy by MAC Address Example¶
This sample applies a Cisco Adaptive Network Control (ANC) policy to an endpoint via DXL and Cisco pxGrid. The sample identifies the endpoint by its MAC address.
Prerequisites¶
The samples configuration step has been completed (see Samples Configuration).
The DXL fabric to which the client will connect has been bridged to Cisco pxGrid.
The Python client has been authorized to perform
DXL Cisco pxGrid Queries
(see Authorize Client to Use Cisco pxGrid via DXL).An ANC policy named
ANC_Shut
has been configured. The policy could be created by logging into the Cisco Identity Services Engine (ISE) web interface and performing the following steps:Navigate to Operations → Adaptive Network Control → Policy List.
On the List screen, click on the Add button.
On the List → New screen, enter
ANC_Shut
in the name field, selectSHUT_DOWN
in the Action field, and press the Submit button.
Configuration¶
Update the following line in the sample:
HOST_MAC = "<SPECIFY_MAC_ADDRESS>"
To specify the MAC address of an endpoint for which to apply the
ANC_Shut
. For example:
HOST_MAC = "00:11:22:33:44:55"
Running¶
To run this sample execute the
sample/basic/basic_anc_apply_endpoint_policy_by_mac_example.py
script as
follows:
python sample/basic/basic_anc_apply_endpoint_policy_by_mac_example.py
If the policy can be applied successfully, the output should appear similar to the following:
{ "macAddress": "00:11:22:33:44:55", "operationId": "cise.psarchlab.com:149", "policyName": "ANC_Shut", "status": "SUCCESS" }
The received results are displayed.
If the ANC_Shut
has already been associated with the endpoint
before the example is run, output similar to the
following should appear:
Error: mac address is already associated with this policy error associated with mac 00:11:22:33:44:55 (0)
If the ANC_Shut
has not been defined before the example is run, output similar to the following should appear:
Error: Policy is not configured error associated with mac 00:11:22:33:44:55 (0)
Details¶
The majority of the sample code is shown below:
# MAC address of the endpoint for which to get information HOST_MAC = "<SPECIFY_MAC_ADDRESS>" # Create the client with DxlClient(config) as dxl_client: # Connect to the fabric dxl_client.connect() logger.info("Connected to DXL fabric.") # Create client wrapper client = CiscoPxGridClient(dxl_client) try: # Invoke 'apply endpoint policy by MAC' method on service resp_dict = client.anc.apply_endpoint_policy_by_mac( HOST_MAC, "ANC_Shut") # Print out the response (convert dictionary to JSON for pretty # printing) print("Response:\n{0}".format( MessageUtils.dict_to_json(resp_dict, pretty_print=True))) except Exception as ex: print(str(ex))
Once a connection is established to the DXL fabric, a
dxlciscopxgridclient.client.CiscoPxGridClient
instance is created which
will be used to communicate with Cisco pxGrid.
Next, the dxlciscopxgridclient.client.AncClientCategory.apply_endpoint_policy_by_mac()
method is invoked with the MAC address of the endpoint for which to apply the
ANC_Shut
.
The final step is to display the contents of the returned dictionary (dict
)
which contains the results of the attempt to apply the ANC_Shut
to the endpoint.