Playbook for Cisco switch interface Network Access Control

Hello experts, I am looking for a way to automate access ports for NAC on legacy authentication. I only want to configure ports that already have “switchport mode access”, and we would like the “authentication event server dead action authorize vlan” to match the current VLAN.

I need to go from
int gi 0/1
switchport access vlan 3216
switchport mode access
switchport voice vlan 120

spanning-tree portfast

to

switchport access vlan 105
switchport mode access
switchport voice vlan 120
ip device tracking maximum 10
authentication event server dead action authorize vlan 105
authentication host-mode multi-auth
authentication order dot1x mab webauth
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast

I have never used Ansible to talk to a Cisco box -- I am still
struggling with my garden-variety Juniper SRX box -- but if you could
pull the config in Ansible and register that in a variable, you should
be able to do some probulating and create a list/dict that you can
then feed to a loop.

Hi,

Use the Cisco IOS config module with a Jinja template. Works like a charm for me.

https://docs.ansible.com/ansible/latest/collections/cisco/ios/ios_config_module.html

Michael

Thank you, I will check this out. Is there a Git repository of example templates using this?
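
As an added example, not written by anyone in this thread: the selection logic the replies describe, in Python. It reads a running-config, keeps only ports that have "switchport mode access" and an explicit access VLAN, and builds the parents/lines pairs that ios_config accepts; the sample config and the function name build_nac_changes are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport access vlan 105
 switchport mode access
 switchport voice vlan 120
 authentication port-control auto
 spanning-tree portfast
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport mode access
!
"""

# NAC lines from the original post; {vlan} is filled in per port.
NAC_LINES = """\
ip device tracking maximum 10
authentication event server dead action authorize vlan {vlan}
authentication host-mode multi-auth
authentication order dot1x mab webauth
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 10""".splitlines()

def build_nac_changes(config):
    """Return [{'parents': ..., 'lines': [...]}] for explicit-VLAN access ports."""
    changes = []
    for block in re.split(r"^(?=interface )", config, flags=re.M):
        block = block.split("\n!", 1)[0]  # stop at the end of the interface stanza
        lines = [ln.strip() for ln in block.splitlines()]
        vlan = re.search(r"^ switchport access vlan (\d+)$", block, re.M)
        # Skip trunks/routed ports, and ports with no explicit access VLAN
        # (assumption: those are reviewed by hand rather than guessed at).
        if "switchport mode access" not in lines or not vlan:
            continue
        wanted = [ln.format(vlan=vlan.group(1)) for ln in NAC_LINES]
        missing = [ln for ln in wanted if ln not in lines]  # only what is absent
        if missing:
            changes.append({"parents": lines[0], "lines": missing})
    return changes
```

Each returned entry maps onto one ios_config task in a loop (parents and lines). Running the play in check mode first shows which ports would start enforcing authentication before anything is pushed.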