authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-18 05:52:22 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-18 05:52:22 +0000
commit38b7c80217c4e72b1d8988eb1e60bb6e77334114 (patch)
tree356e9fd3762877d07cde52d21e77070aeff7e789 /ansible_collections/cisco/meraki/playbooks/mx_deployment.yml
parentAdding upstream version 7.7.0+dfsg. (diff)
Adding upstream version 9.4.0+dfsg.upstream/9.4.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/cisco/meraki/playbooks/mx_deployment.yml')
-rw-r--r--ansible_collections/cisco/meraki/playbooks/mx_deployment.yml106
1 files changed, 106 insertions, 0 deletions
diff --git a/ansible_collections/cisco/meraki/playbooks/mx_deployment.yml b/ansible_collections/cisco/meraki/playbooks/mx_deployment.yml
new file mode 100644
index 000000000..a4f64e8ba
--- /dev/null
+++ b/ansible_collections/cisco/meraki/playbooks/mx_deployment.yml
@@ -0,0 +1,106 @@
+---
+
+- hosts: localhost
+ vars:
+ network_id: "L_828099381482771185" # Branch-1234
+ gather_facts: false
+ tasks:
+ # - name: Get all networks _appliance _vlans
+ # cisco.meraki.networks_appliance_vlans_info:
+ # networkId: "{{network_id}}"
+ # register: result
+
+ - name: Enable Vlans on the MX
+ cisco.meraki.networks_appliance_vlans_settings:
+ state: present
+ networkId: "{{network_id}}"
+ vlansEnabled: true
+
+ - name: Update appliance Vlans
+ cisco.meraki.networks_appliance_vlans:
+ state: present
+ applianceIp: 192.168.1.2
+ cidr: 192.168.1.0/24
+ id: '1234'
+ name: My VLAN
+ networkId: "{{network_id}}"
+ subnet: 192.168.1.0/24
+
+ - name: Update appliance SSID
+ cisco.meraki.networks_appliance_ssids:
+ state: present
+ authMode: 8021x-radius
+ defaultVlanId: 10
+ enabled: true
+ name: My SSID
+ networkId: "{{network_id}}"
+ number: 1234
+ radiusServers:
+ - host: 1.2.3.4
+ port: 1000
+ secret: secret
+ visible: true
+ wpaEncryptionMode: WPA2 only
+
+ - name: Update appliance traffic shaping
+ cisco.meraki.networks_appliance_traffic_shaping:
+ state: present
+ globalBandwidthLimits:
+ limitDown: 5120
+ limitUp: 2048
+ networkId: "{{network_id}}"
+
+ - name: Update appliance ports
+ cisco.meraki.networks_appliance_ports:
+ allowedVlans: "all"
+ enabled: true
+ networkId: "{{network_id}}"
+ portId: "4"
+ type: "trunk"
+ vlan: 10
+ state: present
+
+ - name: Create FW outbound L3 rules
+ cisco.meraki.networks_appliance_firewall_l3_firewall_rules:
+ networkId: "{{network_id}}"
+ state: present
+ rules:
+ - comment: Block internetbadguys.com
+ destCidr: internetbadguys.com
+ destPort: any
+ policy: deny
+ protocol: any
+ srcCidr: any
+ syslogEnabled: false
+
+ - name: Create FW inbound L3 rules
+ cisco.meraki.networks_appliance_firewall_inbound_firewall_rules:
+ networkId: "{{network_id}}"
+ rules:
+ - comment: Allow HTTP traffic to VLAN 1234 with HTTP servers.
+ destCidr: VLAN(1234).*
+ destPort: '80'
+ policy: allow
+ protocol: tcp
+ srcCidr: Any
+ srcPort: Any
+ syslogEnabled: false
+
+ - name: Create FW L7 rules
+ cisco.meraki.networks_appliance_firewall_l7_firewall_rules:
+ networkId: "{{network_id}}"
+ rules:
+ - policy: deny
+ type: applicationCategory
+ value:
+ name: Sports
+ id: meraki:layer7/category/5
+
+ - name: Get all networks _appliance _firewall l3firewallrules
+ cisco.meraki.networks_appliance_firewall_l3_firewall_rules_info:
+ networkId: "{{network_id}}"
+ register: result
+
+ - name: Show result
+ ansible.builtin.debug:
+ msg: "{{ result }}"
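Review bot: The RADIUS shared secret in the "Update appliance SSID" task is committed in cleartext as `secret: secret`, and a sample playbook like this tends to be copied with a real value substituted in place. Read it from a vaulted variable instead, e.g. `secret: "{{ radius_secret }}"`, and add `no_log: true` to that task so the value is not echoed in task output or logs. Separately, both the outbound deny rule and the inbound allow rule (`srcCidr: Any` to port 80) set `syslogEnabled: false`, which leaves no record of hits on either; `syslogEnabled: true` would be the better default where a syslog server is configured. The inbound and L7 rule tasks also omit `state: present`, unlike every other write task here, so it is worth confirming that this is intended.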