Axonius Documentation
Start typing to search…
  1. Enforcement Action Library
  2. Deploy Files and Run Commands

Cisco - Manage Interface Status

Cisco - Manage Interface Status sets the administrative status of a network interface to up (enabled) or down (shutdown) using SNMP for:

  • Assets returned by the selected query or assets selected on the relevant asset page.

This action uses SNMP to set the IF-MIB::ifAdminStatus value to 1 (up) or 2 (down) for the specified interface index.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

📘

Note


Required Fields

These fields must be configured to run the Enforcement Action.

  • Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
  • Configure Dynamic Values (optional) - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
  • Use stored credentials from the Cisco adapter - Select this option to use credentials from the adapter connection. By default, the first connection is selected.

    • When you select this option, the Select Adapter Connection drop-down becomes available. Select the adapter connection to use for this Enforcement Action.

📘

Note

  • To use this option, you must successfully configure a Cisco adapter connection.
  • Interface Index (ifIndex) - The SNMP interface index of the interface to manage. This corresponds to IF-MIB::ifIndex. You can find this value by querying the device's SNMP interface table or from the device configuration.
  • Admin Status - The desired administrative status for the interface. Select one of the following:
    • Up (Enable) - Sets the interface to administratively up (ifAdminStatus = 1)
    • Down (Shutdown) - Sets the interface to administratively down (ifAdminStatus = 2)

  • Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Working with Axonius Compute Nodes.

Additional Fields

💡

Connection and Credentials

When Use stored credentials from the adapter is toggled off, some of the connection fields below are required to create the connection, while other fields are optional.

  • Host Name or IP Address (required) - The hostname or IP address of the Cisco device to manage.
  • SNMP Version (required) - The SNMP version to use (SNMPv2c or SNMPv3).
  • Community String (required for SNMPv2c) - The SNMP community string with write access to the device.
  • SNMPv3 Credentials (required for SNMPv3) - Username, authentication protocol, authentication password, privacy protocol, and privacy password.

  • Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  • HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  • HTTPS Proxy User Name (optional) - The user name to use when connecting to the server using the HTTPS Proxy.

  • HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

  • Gateway Name - Select the Gateway through which to connect to perform the action.

SNMP Details

Axonius uses SNMP SET operations on the IF-MIB::ifAdminStatus object (OID 1.3.6.1.2.1.2.2.1.7).

Required Ports

Axonius must be able to communicate via the following ports:

  • UDP port 161 (SNMP)

Required Permissions

The stored credentials, or those provided in Connection and Credentials, must have the following permission(s) to perform this Enforcement Action:

The SNMP credentials must have write access to the IF-MIB::ifAdminStatus object on the target Cisco device. This typically requires:

  • SNMPv2c - A community string with read-write access
  • SNMPv3 - A user account with authentication and privacy configured, and write access to the interfaces MIB

For more details about other enforcement actions available, see Action Library.

Updated about 2 hours ago