--- ## This playbook configures essential features on IOS-XE for a new router (CSR in this case) ## The only requirement is a working SSH connection to the device - name: Configure essential features on IOS-XE device hosts: baguleykit gather_facts: false connection: network_cli roles: - common tasks: #Collect current device information - name: Collect current device facts cisco.ios.ios_facts: gather_subset: all register: current_config - name: Configuring login banner cisco.ios.ios_banner: banner: login text: | |--------------------------------------------------------------------------| | I M P O R T A N T N O T I C E | |Unauthorised use of this computer system may lead to criminal prosecution.| |If you are not an authorised user, disconnect immediately. | |Your use of this system may be monitored and/or recorded. | |By accessing and using this system you consent to such monitoring for | |law enforcement and other purposes. | |--------------------------------------------------------------------------| state: present - name: Configuring exec banner cisco.ios.ios_banner: banner: exec text: | |--------------------------------------------------------------------------| |This device is managed, supported and its configuration is owned by the | |Virgin Media Business Near Core Activations team in England. | |--------------------------------------------------------------------------| state: present - name: Configuring MOTD banner cisco.ios.ios_banner: banner: motd text: | Welcome to the Near Core Activations network infrastructure! state: present - name: Configuring NTP servers cisco.ios.ios_ntp_global: config: logging: true servers: - server: uk.pool.ntp.org version: 2 - server: 172.16.1.112 version: 2 state: merged - name: Configuring logging levels cisco.ios.ios_logging_global: config: buffered: severity: notifications size: 8096 console: severity: errors state: merged - name: Configuring hostname and domain settings cisco.ios.ios_system: hostname: "ANSIBLE-{{ current_config.ansible_facts.ansible_net_model }}" domain_name: siplab.net lookup_enabled: yes name_servers: - 10.30.10.250 - 8.8.8.8 - name: Configuring console and VTY settings cisco.ios.ios_config: lines: - authorization exec default - login authentication default - logging synchronous parents: - "{{ item }}" with_items: - line vty 0 15 - line con 0 - name: Configuring final system settings [AAA, services, timezone] and committing changes to startup-config cisco.ios.ios_config: lines: - service timestamps debug datetime msec localtime show-timezone - service timestamps log datetime msec localtime show-timezone - service tcp-keepalives-in - clock timezone GMT 0 0 - clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 2:00 - aaa new-model - aaa authentication login default local - aaa authentication enable default enable - aaa authorization config-commands - aaa authorization exec default local - aaa authorization commands 0 default local - aaa authorization commands 15 default local - aaa accounting exec default start-stop logger - aaa accounting commands 0 default start-stop logger - aaa accounting commands 1 default start-stop logger - aaa accounting commands 15 default start-stop logger - aaa accounting system default start-stop logger - aaa session-id common save_when: modified