netscaler.adc.authenticationradiusaction module – Configuration for RADIUS action resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.authenticationradiusaction.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for RADIUS action resource.

Parameters

Parameter

Comments

accounting

any

Whether the RADIUS server is currently accepting accounting messages.

Choices:

  • "ON"

  • "OFF"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

authentication

any

Configure the RADIUS server state to accept or refuse authentication messages.

Choices:

  • "ON"

  • "OFF"

authservretry

any

Number of retry by the Citrix ADC before getting response from the RADIUS server.

authtimeout

any

Number of seconds the Citrix ADC waits for a response from the RADIUS server.

callingstationid

any

Send Calling-Station-ID of the client to the RADIUS server. IP Address of the client is sent as its Calling-Station-ID.

Choices:

  • "ENABLED"

  • "DISABLED"

defaultauthenticationgroup

any

This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

ipattributetype

any

Remote IP address attribute type in a RADIUS response.

ipvendorid

any

Vendor ID of the intranet IP attribute in the RADIUS response.

NOTE: A value of 0 indicates that the attribute is not vendor encoded.

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

name

any

Name for the RADIUS action.

Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after the RADIUS action is added.

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

passencoding

any

Encoding type for passwords in RADIUS packets that the Citrix ADC sends to the RADIUS server.

Choices:

  • "pap"

  • "chap"

  • "mschapv1"

  • "mschapv2"

pwdattributetype

any

Vendor-specific password attribute type in a RADIUS response.

pwdvendorid

any

Vendor ID of the attribute, in the RADIUS response, used to extract the user password.

radattributetype

any

RADIUS attribute type, used for RADIUS group extraction.

radgroupseparator

any

RADIUS group separator string

The group separator delimits group names within a RADIUS attribute for RADIUS group extraction.

radgroupsprefix

any

RADIUS groups prefix string.

This groups prefix precedes the group names within a RADIUS attribute for RADIUS group extraction.

radkey

string

Key shared between the RADIUS server and the Citrix ADC.

Required to allow the Citrix ADC to communicate with the RADIUS server.

radnasid

any

If configured, this string is sent to the RADIUS server as the Network Access Server ID (NASID).

radnasip

any

If enabled, the Citrix ADC IP address (NSIP) is sent to the RADIUS server as the Network Access Server IP (NASIP) address.

The RADIUS protocol defines the meaning and use of the NASIP address.

Choices:

  • "ENABLED"

  • "DISABLED"

radvendorid

any

RADIUS vendor ID attribute, used for RADIUS group extraction.

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

serverip

string

IP address assigned to the RADIUS server.

servername

string

RADIUS server name as a FQDN. Mutually exclusive with RADIUS IP address.

serverport

any

Port number on which the RADIUS server listens for connections.

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When absent, the resource will be deleted from the NetScaler ADC node.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "absent"

  • "unset"

targetlbvserver

any

If transport mode is TLS, specify the name of LB vserver to associate. The LB vserver needs to be of type TCP and service associated needs to be SSL_TCP

transport

any

Transport mode to RADIUS server.

Choices:

  • "UDP"

  • "TCP"

  • "TLS"

tunnelendpointclientip

any

Send Tunnel Endpoint Client IP address to the RADIUS server.

Choices:

  • "ENABLED"

  • "DISABLED"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Notes

Note

Examples

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)