1. Packages
  2. Juniper Mist
  3. API Docs
  4. site
  5. Wlan
Juniper Mist v0.1.1 published on Monday, Nov 4, 2024 by Pulumi

junipermist.site.Wlan

Explore with Pulumi AI

junipermist logo
Juniper Mist v0.1.1 published on Monday, Nov 4, 2024 by Pulumi

    This resource manages the Site Wlans. The WLAN object contains all the required configuration to broadcast an SSID (Authentication, VLAN, …)

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as junipermist from "@pulumi/juniper-mist";
    
    const wlanOne = new junipermist.site.Wlan("wlan_one", {
        ssid: "wlan_one",
        siteId: terraformTest.id,
        bands: [
            "5",
            "6",
        ],
        vlanEnabled: true,
        vlanId: "143",
        wlanLimitUp: 10000,
        wlanLimitDown: 20000,
        clientLimitUp: 512,
        clientLimitDown: 1000,
        auth: {
            type: "psk",
            psk: "secretpsk",
        },
        "interface": "all",
    });
    
    import pulumi
    import pulumi_juniper_mist as junipermist
    
    wlan_one = junipermist.site.Wlan("wlan_one",
        ssid="wlan_one",
        site_id=terraform_test["id"],
        bands=[
            "5",
            "6",
        ],
        vlan_enabled=True,
        vlan_id="143",
        wlan_limit_up=10000,
        wlan_limit_down=20000,
        client_limit_up=512,
        client_limit_down=1000,
        auth={
            "type": "psk",
            "psk": "secretpsk",
        },
        interface="all")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-junipermist/sdk/go/junipermist/site"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := site.NewWlan(ctx, "wlan_one", &site.WlanArgs{
    			Ssid:   pulumi.String("wlan_one"),
    			SiteId: pulumi.Any(terraformTest.Id),
    			Bands: pulumi.StringArray{
    				pulumi.String("5"),
    				pulumi.String("6"),
    			},
    			VlanEnabled:     pulumi.Bool(true),
    			VlanId:          pulumi.String("143"),
    			WlanLimitUp:     pulumi.Int(10000),
    			WlanLimitDown:   pulumi.Int(20000),
    			ClientLimitUp:   pulumi.Int(512),
    			ClientLimitDown: pulumi.Int(1000),
    			Auth: &site.WlanAuthArgs{
    				Type: pulumi.String("psk"),
    				Psk:  pulumi.String("secretpsk"),
    			},
    			Interface: pulumi.String("all"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using JuniperMist = Pulumi.JuniperMist;
    
    return await Deployment.RunAsync(() => 
    {
        var wlanOne = new JuniperMist.Site.Wlan("wlan_one", new()
        {
            Ssid = "wlan_one",
            SiteId = terraformTest.Id,
            Bands = new[]
            {
                "5",
                "6",
            },
            VlanEnabled = true,
            VlanId = "143",
            WlanLimitUp = 10000,
            WlanLimitDown = 20000,
            ClientLimitUp = 512,
            ClientLimitDown = 1000,
            Auth = new JuniperMist.Site.Inputs.WlanAuthArgs
            {
                Type = "psk",
                Psk = "secretpsk",
            },
            Interface = "all",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.junipermist.site.Wlan;
    import com.pulumi.junipermist.site.WlanArgs;
    import com.pulumi.junipermist.site.inputs.WlanAuthArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var wlanOne = new Wlan("wlanOne", WlanArgs.builder()
                .ssid("wlan_one")
                .siteId(terraformTest.id())
                .bands(            
                    "5",
                    "6")
                .vlanEnabled(true)
                .vlanId(143)
                .wlanLimitUp(10000)
                .wlanLimitDown(20000)
                .clientLimitUp(512)
                .clientLimitDown(1000)
                .auth(WlanAuthArgs.builder()
                    .type("psk")
                    .psk("secretpsk")
                    .build())
                .interface_("all")
                .build());
    
        }
    }
    
    resources:
      wlanOne:
        type: junipermist:site:Wlan
        name: wlan_one
        properties:
          ssid: wlan_one
          siteId: ${terraformTest.id}
          bands:
            - '5'
            - '6'
          vlanEnabled: true
          vlanId: 143
          wlanLimitUp: 10000
          wlanLimitDown: 20000
          clientLimitUp: 512
          clientLimitDown: 1000
          auth:
            type: psk
            psk: secretpsk
          interface: all
    

    Create Wlan Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Wlan(name: string, args: WlanArgs, opts?: CustomResourceOptions);
    @overload
    def Wlan(resource_name: str,
             args: WlanArgs,
             opts: Optional[ResourceOptions] = None)
    
    @overload
    def Wlan(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             site_id: Optional[str] = None,
             ssid: Optional[str] = None,
             acct_immediate_update: Optional[bool] = None,
             acct_interim_interval: Optional[int] = None,
             acct_servers: Optional[Sequence[WlanAcctServerArgs]] = None,
             airwatch: Optional[WlanAirwatchArgs] = None,
             allow_ipv6_ndp: Optional[bool] = None,
             allow_mdns: Optional[bool] = None,
             allow_ssdp: Optional[bool] = None,
             ap_ids: Optional[Sequence[str]] = None,
             app_limit: Optional[WlanAppLimitArgs] = None,
             app_qos: Optional[WlanAppQosArgs] = None,
             apply_to: Optional[str] = None,
             arp_filter: Optional[bool] = None,
             auth: Optional[WlanAuthArgs] = None,
             auth_server_selection: Optional[str] = None,
             auth_servers: Optional[Sequence[WlanAuthServerArgs]] = None,
             auth_servers_nas_id: Optional[str] = None,
             auth_servers_nas_ip: Optional[str] = None,
             auth_servers_retries: Optional[int] = None,
             auth_servers_timeout: Optional[int] = None,
             band_steer: Optional[bool] = None,
             band_steer_force_band5: Optional[bool] = None,
             bands: Optional[Sequence[str]] = None,
             block_blacklist_clients: Optional[bool] = None,
             bonjour: Optional[WlanBonjourArgs] = None,
             cisco_cwa: Optional[WlanCiscoCwaArgs] = None,
             client_limit_down: Optional[int] = None,
             client_limit_down_enabled: Optional[bool] = None,
             client_limit_up: Optional[int] = None,
             client_limit_up_enabled: Optional[bool] = None,
             coa_servers: Optional[Sequence[WlanCoaServerArgs]] = None,
             disable11ax: Optional[bool] = None,
             disable_ht_vht_rates: Optional[bool] = None,
             disable_uapsd: Optional[bool] = None,
             disable_v1_roam_notify: Optional[bool] = None,
             disable_v2_roam_notify: Optional[bool] = None,
             disable_wmm: Optional[bool] = None,
             dns_server_rewrite: Optional[WlanDnsServerRewriteArgs] = None,
             dtim: Optional[int] = None,
             dynamic_psk: Optional[WlanDynamicPskArgs] = None,
             dynamic_vlan: Optional[WlanDynamicVlanArgs] = None,
             enable_local_keycaching: Optional[bool] = None,
             enable_wireless_bridging: Optional[bool] = None,
             enable_wireless_bridging_dhcp_tracking: Optional[bool] = None,
             enabled: Optional[bool] = None,
             fast_dot1x_timers: Optional[bool] = None,
             hide_ssid: Optional[bool] = None,
             hostname_ie: Optional[bool] = None,
             hotspot20: Optional[WlanHotspot20Args] = None,
             inject_dhcp_option82: Optional[WlanInjectDhcpOption82Args] = None,
             interface: Optional[str] = None,
             isolation: Optional[bool] = None,
             l2_isolation: Optional[bool] = None,
             legacy_overds: Optional[bool] = None,
             limit_bcast: Optional[bool] = None,
             limit_probe_response: Optional[bool] = None,
             max_idletime: Optional[int] = None,
             mist_nac: Optional[WlanMistNacArgs] = None,
             mxtunnel_ids: Optional[Sequence[str]] = None,
             mxtunnel_names: Optional[Sequence[str]] = None,
             no_static_dns: Optional[bool] = None,
             no_static_ip: Optional[bool] = None,
             portal: Optional[WlanPortalArgs] = None,
             portal_allowed_hostnames: Optional[Sequence[str]] = None,
             portal_allowed_subnets: Optional[Sequence[str]] = None,
             portal_denied_hostnames: Optional[Sequence[str]] = None,
             qos: Optional[WlanQosArgs] = None,
             radsec: Optional[WlanRadsecArgs] = None,
             roam_mode: Optional[str] = None,
             schedule: Optional[WlanScheduleArgs] = None,
             sle_excluded: Optional[bool] = None,
             use_eapol_v1: Optional[bool] = None,
             vlan_enabled: Optional[bool] = None,
             vlan_id: Optional[str] = None,
             vlan_ids: Optional[Sequence[str]] = None,
             vlan_pooling: Optional[bool] = None,
             wlan_limit_down: Optional[int] = None,
             wlan_limit_down_enabled: Optional[bool] = None,
             wlan_limit_up: Optional[int] = None,
             wlan_limit_up_enabled: Optional[bool] = None,
             wxtag_ids: Optional[Sequence[str]] = None,
             wxtunnel_id: Optional[str] = None,
             wxtunnel_remote_id: Optional[str] = None)
    func NewWlan(ctx *Context, name string, args WlanArgs, opts ...ResourceOption) (*Wlan, error)
    public Wlan(string name, WlanArgs args, CustomResourceOptions? opts = null)
    public Wlan(String name, WlanArgs args)
    public Wlan(String name, WlanArgs args, CustomResourceOptions options)
    
    type: junipermist:site:Wlan
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args WlanArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args WlanArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args WlanArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args WlanArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args WlanArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var junipermistWlanResource = new JuniperMist.Site.Wlan("junipermistWlanResource", new()
    {
        SiteId = "string",
        Ssid = "string",
        AcctImmediateUpdate = false,
        AcctInterimInterval = 0,
        AcctServers = new[]
        {
            new JuniperMist.Site.Inputs.WlanAcctServerArgs
            {
                Host = "string",
                Secret = "string",
                KeywrapEnabled = false,
                KeywrapFormat = "string",
                KeywrapKek = "string",
                KeywrapMack = "string",
                Port = 0,
            },
        },
        Airwatch = new JuniperMist.Site.Inputs.WlanAirwatchArgs
        {
            ApiKey = "string",
            ConsoleUrl = "string",
            Password = "string",
            Username = "string",
            Enabled = false,
        },
        AllowIpv6Ndp = false,
        AllowMdns = false,
        AllowSsdp = false,
        ApIds = new[]
        {
            "string",
        },
        AppLimit = new JuniperMist.Site.Inputs.WlanAppLimitArgs
        {
            Apps = 
            {
                { "string", 0 },
            },
            Enabled = false,
            WxtagIds = 
            {
                { "string", 0 },
            },
        },
        AppQos = new JuniperMist.Site.Inputs.WlanAppQosArgs
        {
            Apps = 
            {
                { "string", new JuniperMist.Site.Inputs.WlanAppQosAppsArgs
                {
                    Dscp = 0,
                    DstSubnet = "string",
                    SrcSubnet = "string",
                } },
            },
            Enabled = false,
            Others = new[]
            {
                new JuniperMist.Site.Inputs.WlanAppQosOtherArgs
                {
                    Dscp = 0,
                    DstSubnet = "string",
                    PortRanges = "string",
                    Protocol = "string",
                    SrcSubnet = "string",
                },
            },
        },
        ApplyTo = "string",
        ArpFilter = false,
        Auth = new JuniperMist.Site.Inputs.WlanAuthArgs
        {
            AnticlogThreshold = 0,
            EapReauth = false,
            EnableMacAuth = false,
            KeyIdx = 0,
            Keys = new[]
            {
                "string",
            },
            MultiPskOnly = false,
            Owe = "string",
            Pairwises = new[]
            {
                "string",
            },
            PrivateWlan = false,
            Psk = "string",
            Type = "string",
            WepAsSecondaryAuth = false,
        },
        AuthServerSelection = "string",
        AuthServers = new[]
        {
            new JuniperMist.Site.Inputs.WlanAuthServerArgs
            {
                Host = "string",
                Secret = "string",
                KeywrapEnabled = false,
                KeywrapFormat = "string",
                KeywrapKek = "string",
                KeywrapMack = "string",
                Port = 0,
            },
        },
        AuthServersNasId = "string",
        AuthServersNasIp = "string",
        AuthServersRetries = 0,
        AuthServersTimeout = 0,
        BandSteer = false,
        BandSteerForceBand5 = false,
        Bands = new[]
        {
            "string",
        },
        BlockBlacklistClients = false,
        Bonjour = new JuniperMist.Site.Inputs.WlanBonjourArgs
        {
            AdditionalVlanIds = new[]
            {
                "string",
            },
            Services = 
            {
                { "string", new JuniperMist.Site.Inputs.WlanBonjourServicesArgs
                {
                    DisableLocal = false,
                    RadiusGroups = new[]
                    {
                        "string",
                    },
                    Scope = "string",
                } },
            },
            Enabled = false,
        },
        CiscoCwa = new JuniperMist.Site.Inputs.WlanCiscoCwaArgs
        {
            AllowedHostnames = new[]
            {
                "string",
            },
            AllowedSubnets = new[]
            {
                "string",
            },
            BlockedSubnets = new[]
            {
                "string",
            },
            Enabled = false,
        },
        ClientLimitDown = 0,
        ClientLimitDownEnabled = false,
        ClientLimitUp = 0,
        ClientLimitUpEnabled = false,
        CoaServers = new[]
        {
            new JuniperMist.Site.Inputs.WlanCoaServerArgs
            {
                Ip = "string",
                Secret = "string",
                DisableEventTimestampCheck = false,
                Enabled = false,
                Port = 0,
            },
        },
        Disable11ax = false,
        DisableHtVhtRates = false,
        DisableUapsd = false,
        DisableV1RoamNotify = false,
        DisableV2RoamNotify = false,
        DisableWmm = false,
        DnsServerRewrite = new JuniperMist.Site.Inputs.WlanDnsServerRewriteArgs
        {
            Enabled = false,
            RadiusGroups = 
            {
                { "string", "string" },
            },
        },
        Dtim = 0,
        DynamicPsk = new JuniperMist.Site.Inputs.WlanDynamicPskArgs
        {
            DefaultPsk = "string",
            DefaultVlanId = "string",
            Enabled = false,
            ForceLookup = false,
            Source = "string",
            VlanIds = new[]
            {
                "string",
            },
        },
        DynamicVlan = new JuniperMist.Site.Inputs.WlanDynamicVlanArgs
        {
            DefaultVlanIds = new[]
            {
                "string",
            },
            Enabled = false,
            LocalVlanIds = new[]
            {
                "string",
            },
            Type = "string",
            Vlans = 
            {
                { "string", "string" },
            },
        },
        EnableLocalKeycaching = false,
        EnableWirelessBridging = false,
        EnableWirelessBridgingDhcpTracking = false,
        Enabled = false,
        FastDot1xTimers = false,
        HideSsid = false,
        HostnameIe = false,
        Hotspot20 = new JuniperMist.Site.Inputs.WlanHotspot20Args
        {
            DomainNames = new[]
            {
                "string",
            },
            Enabled = false,
            NaiRealms = new[]
            {
                "string",
            },
            Operators = new[]
            {
                "string",
            },
            Rcois = new[]
            {
                "string",
            },
            VenueName = "string",
        },
        InjectDhcpOption82 = new JuniperMist.Site.Inputs.WlanInjectDhcpOption82Args
        {
            CircuitId = "string",
            Enabled = false,
        },
        Interface = "string",
        Isolation = false,
        L2Isolation = false,
        LegacyOverds = false,
        LimitBcast = false,
        LimitProbeResponse = false,
        MaxIdletime = 0,
        MistNac = new JuniperMist.Site.Inputs.WlanMistNacArgs
        {
            Enabled = false,
        },
        MxtunnelIds = new[]
        {
            "string",
        },
        MxtunnelNames = new[]
        {
            "string",
        },
        NoStaticDns = false,
        NoStaticIp = false,
        Portal = new JuniperMist.Site.Inputs.WlanPortalArgs
        {
            AmazonClientId = "string",
            AmazonClientSecret = "string",
            AmazonEmailDomains = new[]
            {
                "string",
            },
            AmazonEnabled = false,
            AmazonExpire = 0,
            Auth = "string",
            AzureClientId = "string",
            AzureClientSecret = "string",
            AzureEnabled = false,
            AzureExpire = 0,
            AzureTenantId = "string",
            BroadnetPassword = "string",
            BroadnetSid = "string",
            BroadnetUserId = "string",
            BypassWhenCloudDown = false,
            ClickatellApiKey = "string",
            CrossSite = false,
            EmailEnabled = false,
            Enabled = false,
            Expire = 0,
            ExternalPortalUrl = "string",
            FacebookClientId = "string",
            FacebookClientSecret = "string",
            FacebookEmailDomains = new[]
            {
                "string",
            },
            FacebookEnabled = false,
            FacebookExpire = 0,
            Forward = false,
            ForwardUrl = "string",
            GoogleClientId = "string",
            GoogleClientSecret = "string",
            GoogleEmailDomains = new[]
            {
                "string",
            },
            GoogleEnabled = false,
            GoogleExpire = 0,
            GupshupPassword = "string",
            GupshupUserid = "string",
            MicrosoftClientId = "string",
            MicrosoftClientSecret = "string",
            MicrosoftEmailDomains = new[]
            {
                "string",
            },
            MicrosoftEnabled = false,
            MicrosoftExpire = 0,
            PassphraseEnabled = false,
            PassphraseExpire = 0,
            Password = "string",
            PredefinedSponsorsEnabled = false,
            PredefinedSponsorsHideEmail = false,
            Privacy = false,
            PuzzelPassword = "string",
            PuzzelServiceId = "string",
            PuzzelUsername = "string",
            SmsEnabled = false,
            SmsExpire = 0,
            SmsMessageFormat = "string",
            SmsProvider = "string",
            SponsorAutoApprove = false,
            SponsorEmailDomains = new[]
            {
                "string",
            },
            SponsorEnabled = false,
            SponsorExpire = 0,
            SponsorLinkValidityDuration = "string",
            SponsorNotifyAll = false,
            SponsorStatusNotify = false,
            Sponsors = 
            {
                { "string", "string" },
            },
            SsoDefaultRole = "string",
            SsoForcedRole = "string",
            SsoIdpCert = "string",
            SsoIdpSignAlgo = "string",
            SsoIdpSsoUrl = "string",
            SsoIssuer = "string",
            SsoNameidFormat = "string",
            TelstraClientId = "string",
            TelstraClientSecret = "string",
            TwilioAuthToken = "string",
            TwilioPhoneNumber = "string",
            TwilioSid = "string",
        },
        PortalAllowedHostnames = new[]
        {
            "string",
        },
        PortalAllowedSubnets = new[]
        {
            "string",
        },
        PortalDeniedHostnames = new[]
        {
            "string",
        },
        Qos = new JuniperMist.Site.Inputs.WlanQosArgs
        {
            Class = "string",
            Overwrite = false,
        },
        Radsec = new JuniperMist.Site.Inputs.WlanRadsecArgs
        {
            CoaEnabled = false,
            Enabled = false,
            IdleTimeout = 0,
            MxclusterIds = new[]
            {
                "string",
            },
            ProxyHosts = new[]
            {
                "string",
            },
            ServerName = "string",
            Servers = new[]
            {
                new JuniperMist.Site.Inputs.WlanRadsecServerArgs
                {
                    Host = "string",
                    Port = 0,
                },
            },
            UseMxedge = false,
            UseSiteMxedge = false,
        },
        RoamMode = "string",
        Schedule = new JuniperMist.Site.Inputs.WlanScheduleArgs
        {
            Enabled = false,
            Hours = new JuniperMist.Site.Inputs.WlanScheduleHoursArgs
            {
                Fri = "string",
                Mon = "string",
                Sat = "string",
                Sun = "string",
                Thu = "string",
                Tue = "string",
                Wed = "string",
            },
        },
        SleExcluded = false,
        UseEapolV1 = false,
        VlanEnabled = false,
        VlanId = "string",
        VlanIds = new[]
        {
            "string",
        },
        VlanPooling = false,
        WlanLimitDown = 0,
        WlanLimitDownEnabled = false,
        WlanLimitUp = 0,
        WlanLimitUpEnabled = false,
        WxtagIds = new[]
        {
            "string",
        },
        WxtunnelId = "string",
        WxtunnelRemoteId = "string",
    });
    
    example, err := site.NewWlan(ctx, "junipermistWlanResource", &site.WlanArgs{
    	SiteId:              pulumi.String("string"),
    	Ssid:                pulumi.String("string"),
    	AcctImmediateUpdate: pulumi.Bool(false),
    	AcctInterimInterval: pulumi.Int(0),
    	AcctServers: site.WlanAcctServerArray{
    		&site.WlanAcctServerArgs{
    			Host:           pulumi.String("string"),
    			Secret:         pulumi.String("string"),
    			KeywrapEnabled: pulumi.Bool(false),
    			KeywrapFormat:  pulumi.String("string"),
    			KeywrapKek:     pulumi.String("string"),
    			KeywrapMack:    pulumi.String("string"),
    			Port:           pulumi.Int(0),
    		},
    	},
    	Airwatch: &site.WlanAirwatchArgs{
    		ApiKey:     pulumi.String("string"),
    		ConsoleUrl: pulumi.String("string"),
    		Password:   pulumi.String("string"),
    		Username:   pulumi.String("string"),
    		Enabled:    pulumi.Bool(false),
    	},
    	AllowIpv6Ndp: pulumi.Bool(false),
    	AllowMdns:    pulumi.Bool(false),
    	AllowSsdp:    pulumi.Bool(false),
    	ApIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	AppLimit: &site.WlanAppLimitArgs{
    		Apps: pulumi.IntMap{
    			"string": pulumi.Int(0),
    		},
    		Enabled: pulumi.Bool(false),
    		WxtagIds: pulumi.IntMap{
    			"string": pulumi.Int(0),
    		},
    	},
    	AppQos: &site.WlanAppQosArgs{
    		Apps: site.WlanAppQosAppsMap{
    			"string": &site.WlanAppQosAppsArgs{
    				Dscp:      pulumi.Int(0),
    				DstSubnet: pulumi.String("string"),
    				SrcSubnet: pulumi.String("string"),
    			},
    		},
    		Enabled: pulumi.Bool(false),
    		Others: site.WlanAppQosOtherArray{
    			&site.WlanAppQosOtherArgs{
    				Dscp:       pulumi.Int(0),
    				DstSubnet:  pulumi.String("string"),
    				PortRanges: pulumi.String("string"),
    				Protocol:   pulumi.String("string"),
    				SrcSubnet:  pulumi.String("string"),
    			},
    		},
    	},
    	ApplyTo:   pulumi.String("string"),
    	ArpFilter: pulumi.Bool(false),
    	Auth: &site.WlanAuthArgs{
    		AnticlogThreshold: pulumi.Int(0),
    		EapReauth:         pulumi.Bool(false),
    		EnableMacAuth:     pulumi.Bool(false),
    		KeyIdx:            pulumi.Int(0),
    		Keys: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		MultiPskOnly: pulumi.Bool(false),
    		Owe:          pulumi.String("string"),
    		Pairwises: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		PrivateWlan:        pulumi.Bool(false),
    		Psk:                pulumi.String("string"),
    		Type:               pulumi.String("string"),
    		WepAsSecondaryAuth: pulumi.Bool(false),
    	},
    	AuthServerSelection: pulumi.String("string"),
    	AuthServers: site.WlanAuthServerArray{
    		&site.WlanAuthServerArgs{
    			Host:           pulumi.String("string"),
    			Secret:         pulumi.String("string"),
    			KeywrapEnabled: pulumi.Bool(false),
    			KeywrapFormat:  pulumi.String("string"),
    			KeywrapKek:     pulumi.String("string"),
    			KeywrapMack:    pulumi.String("string"),
    			Port:           pulumi.Int(0),
    		},
    	},
    	AuthServersNasId:    pulumi.String("string"),
    	AuthServersNasIp:    pulumi.String("string"),
    	AuthServersRetries:  pulumi.Int(0),
    	AuthServersTimeout:  pulumi.Int(0),
    	BandSteer:           pulumi.Bool(false),
    	BandSteerForceBand5: pulumi.Bool(false),
    	Bands: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	BlockBlacklistClients: pulumi.Bool(false),
    	Bonjour: &site.WlanBonjourArgs{
    		AdditionalVlanIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Services: site.WlanBonjourServicesMap{
    			"string": &site.WlanBonjourServicesArgs{
    				DisableLocal: pulumi.Bool(false),
    				RadiusGroups: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				Scope: pulumi.String("string"),
    			},
    		},
    		Enabled: pulumi.Bool(false),
    	},
    	CiscoCwa: &site.WlanCiscoCwaArgs{
    		AllowedHostnames: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		AllowedSubnets: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		BlockedSubnets: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Enabled: pulumi.Bool(false),
    	},
    	ClientLimitDown:        pulumi.Int(0),
    	ClientLimitDownEnabled: pulumi.Bool(false),
    	ClientLimitUp:          pulumi.Int(0),
    	ClientLimitUpEnabled:   pulumi.Bool(false),
    	CoaServers: site.WlanCoaServerArray{
    		&site.WlanCoaServerArgs{
    			Ip:                         pulumi.String("string"),
    			Secret:                     pulumi.String("string"),
    			DisableEventTimestampCheck: pulumi.Bool(false),
    			Enabled:                    pulumi.Bool(false),
    			Port:                       pulumi.Int(0),
    		},
    	},
    	Disable11ax:         pulumi.Bool(false),
    	DisableHtVhtRates:   pulumi.Bool(false),
    	DisableUapsd:        pulumi.Bool(false),
    	DisableV1RoamNotify: pulumi.Bool(false),
    	DisableV2RoamNotify: pulumi.Bool(false),
    	DisableWmm:          pulumi.Bool(false),
    	DnsServerRewrite: &site.WlanDnsServerRewriteArgs{
    		Enabled: pulumi.Bool(false),
    		RadiusGroups: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	Dtim: pulumi.Int(0),
    	DynamicPsk: &site.WlanDynamicPskArgs{
    		DefaultPsk:    pulumi.String("string"),
    		DefaultVlanId: pulumi.String("string"),
    		Enabled:       pulumi.Bool(false),
    		ForceLookup:   pulumi.Bool(false),
    		Source:        pulumi.String("string"),
    		VlanIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	DynamicVlan: &site.WlanDynamicVlanArgs{
    		DefaultVlanIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Enabled: pulumi.Bool(false),
    		LocalVlanIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Type: pulumi.String("string"),
    		Vlans: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	EnableLocalKeycaching:              pulumi.Bool(false),
    	EnableWirelessBridging:             pulumi.Bool(false),
    	EnableWirelessBridgingDhcpTracking: pulumi.Bool(false),
    	Enabled:                            pulumi.Bool(false),
    	FastDot1xTimers:                    pulumi.Bool(false),
    	HideSsid:                           pulumi.Bool(false),
    	HostnameIe:                         pulumi.Bool(false),
    	Hotspot20: &site.WlanHotspot20Args{
    		DomainNames: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Enabled: pulumi.Bool(false),
    		NaiRealms: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Operators: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Rcois: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		VenueName: pulumi.String("string"),
    	},
    	InjectDhcpOption82: &site.WlanInjectDhcpOption82Args{
    		CircuitId: pulumi.String("string"),
    		Enabled:   pulumi.Bool(false),
    	},
    	Interface:          pulumi.String("string"),
    	Isolation:          pulumi.Bool(false),
    	L2Isolation:        pulumi.Bool(false),
    	LegacyOverds:       pulumi.Bool(false),
    	LimitBcast:         pulumi.Bool(false),
    	LimitProbeResponse: pulumi.Bool(false),
    	MaxIdletime:        pulumi.Int(0),
    	MistNac: &site.WlanMistNacArgs{
    		Enabled: pulumi.Bool(false),
    	},
    	MxtunnelIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	MxtunnelNames: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	NoStaticDns: pulumi.Bool(false),
    	NoStaticIp:  pulumi.Bool(false),
    	Portal: &site.WlanPortalArgs{
    		AmazonClientId:     pulumi.String("string"),
    		AmazonClientSecret: pulumi.String("string"),
    		AmazonEmailDomains: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		AmazonEnabled:        pulumi.Bool(false),
    		AmazonExpire:         pulumi.Float64(0),
    		Auth:                 pulumi.String("string"),
    		AzureClientId:        pulumi.String("string"),
    		AzureClientSecret:    pulumi.String("string"),
    		AzureEnabled:         pulumi.Bool(false),
    		AzureExpire:          pulumi.Float64(0),
    		AzureTenantId:        pulumi.String("string"),
    		BroadnetPassword:     pulumi.String("string"),
    		BroadnetSid:          pulumi.String("string"),
    		BroadnetUserId:       pulumi.String("string"),
    		BypassWhenCloudDown:  pulumi.Bool(false),
    		ClickatellApiKey:     pulumi.String("string"),
    		CrossSite:            pulumi.Bool(false),
    		EmailEnabled:         pulumi.Bool(false),
    		Enabled:              pulumi.Bool(false),
    		Expire:               pulumi.Float64(0),
    		ExternalPortalUrl:    pulumi.String("string"),
    		FacebookClientId:     pulumi.String("string"),
    		FacebookClientSecret: pulumi.String("string"),
    		FacebookEmailDomains: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		FacebookEnabled:    pulumi.Bool(false),
    		FacebookExpire:     pulumi.Float64(0),
    		Forward:            pulumi.Bool(false),
    		ForwardUrl:         pulumi.String("string"),
    		GoogleClientId:     pulumi.String("string"),
    		GoogleClientSecret: pulumi.String("string"),
    		GoogleEmailDomains: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		GoogleEnabled:         pulumi.Bool(false),
    		GoogleExpire:          pulumi.Float64(0),
    		GupshupPassword:       pulumi.String("string"),
    		GupshupUserid:         pulumi.String("string"),
    		MicrosoftClientId:     pulumi.String("string"),
    		MicrosoftClientSecret: pulumi.String("string"),
    		MicrosoftEmailDomains: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		MicrosoftEnabled:            pulumi.Bool(false),
    		MicrosoftExpire:             pulumi.Float64(0),
    		PassphraseEnabled:           pulumi.Bool(false),
    		PassphraseExpire:            pulumi.Float64(0),
    		Password:                    pulumi.String("string"),
    		PredefinedSponsorsEnabled:   pulumi.Bool(false),
    		PredefinedSponsorsHideEmail: pulumi.Bool(false),
    		Privacy:                     pulumi.Bool(false),
    		PuzzelPassword:              pulumi.String("string"),
    		PuzzelServiceId:             pulumi.String("string"),
    		PuzzelUsername:              pulumi.String("string"),
    		SmsEnabled:                  pulumi.Bool(false),
    		SmsExpire:                   pulumi.Float64(0),
    		SmsMessageFormat:            pulumi.String("string"),
    		SmsProvider:                 pulumi.String("string"),
    		SponsorAutoApprove:          pulumi.Bool(false),
    		SponsorEmailDomains: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		SponsorEnabled:              pulumi.Bool(false),
    		SponsorExpire:               pulumi.Float64(0),
    		SponsorLinkValidityDuration: pulumi.String("string"),
    		SponsorNotifyAll:            pulumi.Bool(false),
    		SponsorStatusNotify:         pulumi.Bool(false),
    		Sponsors: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    		SsoDefaultRole:      pulumi.String("string"),
    		SsoForcedRole:       pulumi.String("string"),
    		SsoIdpCert:          pulumi.String("string"),
    		SsoIdpSignAlgo:      pulumi.String("string"),
    		SsoIdpSsoUrl:        pulumi.String("string"),
    		SsoIssuer:           pulumi.String("string"),
    		SsoNameidFormat:     pulumi.String("string"),
    		TelstraClientId:     pulumi.String("string"),
    		TelstraClientSecret: pulumi.String("string"),
    		TwilioAuthToken:     pulumi.String("string"),
    		TwilioPhoneNumber:   pulumi.String("string"),
    		TwilioSid:           pulumi.String("string"),
    	},
    	PortalAllowedHostnames: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	PortalAllowedSubnets: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	PortalDeniedHostnames: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Qos: &site.WlanQosArgs{
    		Class:     pulumi.String("string"),
    		Overwrite: pulumi.Bool(false),
    	},
    	Radsec: &site.WlanRadsecArgs{
    		CoaEnabled:  pulumi.Bool(false),
    		Enabled:     pulumi.Bool(false),
    		IdleTimeout: pulumi.Int(0),
    		MxclusterIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		ProxyHosts: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		ServerName: pulumi.String("string"),
    		Servers: site.WlanRadsecServerArray{
    			&site.WlanRadsecServerArgs{
    				Host: pulumi.String("string"),
    				Port: pulumi.Int(0),
    			},
    		},
    		UseMxedge:     pulumi.Bool(false),
    		UseSiteMxedge: pulumi.Bool(false),
    	},
    	RoamMode: pulumi.String("string"),
    	Schedule: &site.WlanScheduleArgs{
    		Enabled: pulumi.Bool(false),
    		Hours: &site.WlanScheduleHoursArgs{
    			Fri: pulumi.String("string"),
    			Mon: pulumi.String("string"),
    			Sat: pulumi.String("string"),
    			Sun: pulumi.String("string"),
    			Thu: pulumi.String("string"),
    			Tue: pulumi.String("string"),
    			Wed: pulumi.String("string"),
    		},
    	},
    	SleExcluded: pulumi.Bool(false),
    	UseEapolV1:  pulumi.Bool(false),
    	VlanEnabled: pulumi.Bool(false),
    	VlanId:      pulumi.String("string"),
    	VlanIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	VlanPooling:          pulumi.Bool(false),
    	WlanLimitDown:        pulumi.Int(0),
    	WlanLimitDownEnabled: pulumi.Bool(false),
    	WlanLimitUp:          pulumi.Int(0),
    	WlanLimitUpEnabled:   pulumi.Bool(false),
    	WxtagIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	WxtunnelId:       pulumi.String("string"),
    	WxtunnelRemoteId: pulumi.String("string"),
    })
    
    var junipermistWlanResource = new Wlan("junipermistWlanResource", WlanArgs.builder()
        .siteId("string")
        .ssid("string")
        .acctImmediateUpdate(false)
        .acctInterimInterval(0)
        .acctServers(WlanAcctServerArgs.builder()
            .host("string")
            .secret("string")
            .keywrapEnabled(false)
            .keywrapFormat("string")
            .keywrapKek("string")
            .keywrapMack("string")
            .port(0)
            .build())
        .airwatch(WlanAirwatchArgs.builder()
            .apiKey("string")
            .consoleUrl("string")
            .password("string")
            .username("string")
            .enabled(false)
            .build())
        .allowIpv6Ndp(false)
        .allowMdns(false)
        .allowSsdp(false)
        .apIds("string")
        .appLimit(WlanAppLimitArgs.builder()
            .apps(Map.of("string", 0))
            .enabled(false)
            .wxtagIds(Map.of("string", 0))
            .build())
        .appQos(WlanAppQosArgs.builder()
            .apps(Map.of("string", Map.ofEntries(
                Map.entry("dscp", 0),
                Map.entry("dstSubnet", "string"),
                Map.entry("srcSubnet", "string")
            )))
            .enabled(false)
            .others(WlanAppQosOtherArgs.builder()
                .dscp(0)
                .dstSubnet("string")
                .portRanges("string")
                .protocol("string")
                .srcSubnet("string")
                .build())
            .build())
        .applyTo("string")
        .arpFilter(false)
        .auth(WlanAuthArgs.builder()
            .anticlogThreshold(0)
            .eapReauth(false)
            .enableMacAuth(false)
            .keyIdx(0)
            .keys("string")
            .multiPskOnly(false)
            .owe("string")
            .pairwises("string")
            .privateWlan(false)
            .psk("string")
            .type("string")
            .wepAsSecondaryAuth(false)
            .build())
        .authServerSelection("string")
        .authServers(WlanAuthServerArgs.builder()
            .host("string")
            .secret("string")
            .keywrapEnabled(false)
            .keywrapFormat("string")
            .keywrapKek("string")
            .keywrapMack("string")
            .port(0)
            .build())
        .authServersNasId("string")
        .authServersNasIp("string")
        .authServersRetries(0)
        .authServersTimeout(0)
        .bandSteer(false)
        .bandSteerForceBand5(false)
        .bands("string")
        .blockBlacklistClients(false)
        .bonjour(WlanBonjourArgs.builder()
            .additionalVlanIds("string")
            .services(Map.of("string", Map.ofEntries(
                Map.entry("disableLocal", false),
                Map.entry("radiusGroups", "string"),
                Map.entry("scope", "string")
            )))
            .enabled(false)
            .build())
        .ciscoCwa(WlanCiscoCwaArgs.builder()
            .allowedHostnames("string")
            .allowedSubnets("string")
            .blockedSubnets("string")
            .enabled(false)
            .build())
        .clientLimitDown(0)
        .clientLimitDownEnabled(false)
        .clientLimitUp(0)
        .clientLimitUpEnabled(false)
        .coaServers(WlanCoaServerArgs.builder()
            .ip("string")
            .secret("string")
            .disableEventTimestampCheck(false)
            .enabled(false)
            .port(0)
            .build())
        .disable11ax(false)
        .disableHtVhtRates(false)
        .disableUapsd(false)
        .disableV1RoamNotify(false)
        .disableV2RoamNotify(false)
        .disableWmm(false)
        .dnsServerRewrite(WlanDnsServerRewriteArgs.builder()
            .enabled(false)
            .radiusGroups(Map.of("string", "string"))
            .build())
        .dtim(0)
        .dynamicPsk(WlanDynamicPskArgs.builder()
            .defaultPsk("string")
            .defaultVlanId("string")
            .enabled(false)
            .forceLookup(false)
            .source("string")
            .vlanIds("string")
            .build())
        .dynamicVlan(WlanDynamicVlanArgs.builder()
            .defaultVlanIds("string")
            .enabled(false)
            .localVlanIds("string")
            .type("string")
            .vlans(Map.of("string", "string"))
            .build())
        .enableLocalKeycaching(false)
        .enableWirelessBridging(false)
        .enableWirelessBridgingDhcpTracking(false)
        .enabled(false)
        .fastDot1xTimers(false)
        .hideSsid(false)
        .hostnameIe(false)
        .hotspot20(WlanHotspot20Args.builder()
            .domainNames("string")
            .enabled(false)
            .naiRealms("string")
            .operators("string")
            .rcois("string")
            .venueName("string")
            .build())
        .injectDhcpOption82(WlanInjectDhcpOption82Args.builder()
            .circuitId("string")
            .enabled(false)
            .build())
        .interface_("string")
        .isolation(false)
        .l2Isolation(false)
        .legacyOverds(false)
        .limitBcast(false)
        .limitProbeResponse(false)
        .maxIdletime(0)
        .mistNac(WlanMistNacArgs.builder()
            .enabled(false)
            .build())
        .mxtunnelIds("string")
        .mxtunnelNames("string")
        .noStaticDns(false)
        .noStaticIp(false)
        .portal(WlanPortalArgs.builder()
            .amazonClientId("string")
            .amazonClientSecret("string")
            .amazonEmailDomains("string")
            .amazonEnabled(false)
            .amazonExpire(0)
            .auth("string")
            .azureClientId("string")
            .azureClientSecret("string")
            .azureEnabled(false)
            .azureExpire(0)
            .azureTenantId("string")
            .broadnetPassword("string")
            .broadnetSid("string")
            .broadnetUserId("string")
            .bypassWhenCloudDown(false)
            .clickatellApiKey("string")
            .crossSite(false)
            .emailEnabled(false)
            .enabled(false)
            .expire(0)
            .externalPortalUrl("string")
            .facebookClientId("string")
            .facebookClientSecret("string")
            .facebookEmailDomains("string")
            .facebookEnabled(false)
            .facebookExpire(0)
            .forward(false)
            .forwardUrl("string")
            .googleClientId("string")
            .googleClientSecret("string")
            .googleEmailDomains("string")
            .googleEnabled(false)
            .googleExpire(0)
            .gupshupPassword("string")
            .gupshupUserid("string")
            .microsoftClientId("string")
            .microsoftClientSecret("string")
            .microsoftEmailDomains("string")
            .microsoftEnabled(false)
            .microsoftExpire(0)
            .passphraseEnabled(false)
            .passphraseExpire(0)
            .password("string")
            .predefinedSponsorsEnabled(false)
            .predefinedSponsorsHideEmail(false)
            .privacy(false)
            .puzzelPassword("string")
            .puzzelServiceId("string")
            .puzzelUsername("string")
            .smsEnabled(false)
            .smsExpire(0)
            .smsMessageFormat("string")
            .smsProvider("string")
            .sponsorAutoApprove(false)
            .sponsorEmailDomains("string")
            .sponsorEnabled(false)
            .sponsorExpire(0)
            .sponsorLinkValidityDuration("string")
            .sponsorNotifyAll(false)
            .sponsorStatusNotify(false)
            .sponsors(Map.of("string", "string"))
            .ssoDefaultRole("string")
            .ssoForcedRole("string")
            .ssoIdpCert("string")
            .ssoIdpSignAlgo("string")
            .ssoIdpSsoUrl("string")
            .ssoIssuer("string")
            .ssoNameidFormat("string")
            .telstraClientId("string")
            .telstraClientSecret("string")
            .twilioAuthToken("string")
            .twilioPhoneNumber("string")
            .twilioSid("string")
            .build())
        .portalAllowedHostnames("string")
        .portalAllowedSubnets("string")
        .portalDeniedHostnames("string")
        .qos(WlanQosArgs.builder()
            .class_("string")
            .overwrite(false)
            .build())
        .radsec(WlanRadsecArgs.builder()
            .coaEnabled(false)
            .enabled(false)
            .idleTimeout(0)
            .mxclusterIds("string")
            .proxyHosts("string")
            .serverName("string")
            .servers(WlanRadsecServerArgs.builder()
                .host("string")
                .port(0)
                .build())
            .useMxedge(false)
            .useSiteMxedge(false)
            .build())
        .roamMode("string")
        .schedule(WlanScheduleArgs.builder()
            .enabled(false)
            .hours(WlanScheduleHoursArgs.builder()
                .fri("string")
                .mon("string")
                .sat("string")
                .sun("string")
                .thu("string")
                .tue("string")
                .wed("string")
                .build())
            .build())
        .sleExcluded(false)
        .useEapolV1(false)
        .vlanEnabled(false)
        .vlanId("string")
        .vlanIds("string")
        .vlanPooling(false)
        .wlanLimitDown(0)
        .wlanLimitDownEnabled(false)
        .wlanLimitUp(0)
        .wlanLimitUpEnabled(false)
        .wxtagIds("string")
        .wxtunnelId("string")
        .wxtunnelRemoteId("string")
        .build());
    
    junipermist_wlan_resource = junipermist.site.Wlan("junipermistWlanResource",
        site_id="string",
        ssid="string",
        acct_immediate_update=False,
        acct_interim_interval=0,
        acct_servers=[{
            "host": "string",
            "secret": "string",
            "keywrap_enabled": False,
            "keywrap_format": "string",
            "keywrap_kek": "string",
            "keywrap_mack": "string",
            "port": 0,
        }],
        airwatch={
            "api_key": "string",
            "console_url": "string",
            "password": "string",
            "username": "string",
            "enabled": False,
        },
        allow_ipv6_ndp=False,
        allow_mdns=False,
        allow_ssdp=False,
        ap_ids=["string"],
        app_limit={
            "apps": {
                "string": 0,
            },
            "enabled": False,
            "wxtag_ids": {
                "string": 0,
            },
        },
        app_qos={
            "apps": {
                "string": {
                    "dscp": 0,
                    "dst_subnet": "string",
                    "src_subnet": "string",
                },
            },
            "enabled": False,
            "others": [{
                "dscp": 0,
                "dst_subnet": "string",
                "port_ranges": "string",
                "protocol": "string",
                "src_subnet": "string",
            }],
        },
        apply_to="string",
        arp_filter=False,
        auth={
            "anticlog_threshold": 0,
            "eap_reauth": False,
            "enable_mac_auth": False,
            "key_idx": 0,
            "keys": ["string"],
            "multi_psk_only": False,
            "owe": "string",
            "pairwises": ["string"],
            "private_wlan": False,
            "psk": "string",
            "type": "string",
            "wep_as_secondary_auth": False,
        },
        auth_server_selection="string",
        auth_servers=[{
            "host": "string",
            "secret": "string",
            "keywrap_enabled": False,
            "keywrap_format": "string",
            "keywrap_kek": "string",
            "keywrap_mack": "string",
            "port": 0,
        }],
        auth_servers_nas_id="string",
        auth_servers_nas_ip="string",
        auth_servers_retries=0,
        auth_servers_timeout=0,
        band_steer=False,
        band_steer_force_band5=False,
        bands=["string"],
        block_blacklist_clients=False,
        bonjour={
            "additional_vlan_ids": ["string"],
            "services": {
                "string": {
                    "disable_local": False,
                    "radius_groups": ["string"],
                    "scope": "string",
                },
            },
            "enabled": False,
        },
        cisco_cwa={
            "allowed_hostnames": ["string"],
            "allowed_subnets": ["string"],
            "blocked_subnets": ["string"],
            "enabled": False,
        },
        client_limit_down=0,
        client_limit_down_enabled=False,
        client_limit_up=0,
        client_limit_up_enabled=False,
        coa_servers=[{
            "ip": "string",
            "secret": "string",
            "disable_event_timestamp_check": False,
            "enabled": False,
            "port": 0,
        }],
        disable11ax=False,
        disable_ht_vht_rates=False,
        disable_uapsd=False,
        disable_v1_roam_notify=False,
        disable_v2_roam_notify=False,
        disable_wmm=False,
        dns_server_rewrite={
            "enabled": False,
            "radius_groups": {
                "string": "string",
            },
        },
        dtim=0,
        dynamic_psk={
            "default_psk": "string",
            "default_vlan_id": "string",
            "enabled": False,
            "force_lookup": False,
            "source": "string",
            "vlan_ids": ["string"],
        },
        dynamic_vlan={
            "default_vlan_ids": ["string"],
            "enabled": False,
            "local_vlan_ids": ["string"],
            "type": "string",
            "vlans": {
                "string": "string",
            },
        },
        enable_local_keycaching=False,
        enable_wireless_bridging=False,
        enable_wireless_bridging_dhcp_tracking=False,
        enabled=False,
        fast_dot1x_timers=False,
        hide_ssid=False,
        hostname_ie=False,
        hotspot20={
            "domain_names": ["string"],
            "enabled": False,
            "nai_realms": ["string"],
            "operators": ["string"],
            "rcois": ["string"],
            "venue_name": "string",
        },
        inject_dhcp_option82={
            "circuit_id": "string",
            "enabled": False,
        },
        interface="string",
        isolation=False,
        l2_isolation=False,
        legacy_overds=False,
        limit_bcast=False,
        limit_probe_response=False,
        max_idletime=0,
        mist_nac={
            "enabled": False,
        },
        mxtunnel_ids=["string"],
        mxtunnel_names=["string"],
        no_static_dns=False,
        no_static_ip=False,
        portal={
            "amazon_client_id": "string",
            "amazon_client_secret": "string",
            "amazon_email_domains": ["string"],
            "amazon_enabled": False,
            "amazon_expire": 0,
            "auth": "string",
            "azure_client_id": "string",
            "azure_client_secret": "string",
            "azure_enabled": False,
            "azure_expire": 0,
            "azure_tenant_id": "string",
            "broadnet_password": "string",
            "broadnet_sid": "string",
            "broadnet_user_id": "string",
            "bypass_when_cloud_down": False,
            "clickatell_api_key": "string",
            "cross_site": False,
            "email_enabled": False,
            "enabled": False,
            "expire": 0,
            "external_portal_url": "string",
            "facebook_client_id": "string",
            "facebook_client_secret": "string",
            "facebook_email_domains": ["string"],
            "facebook_enabled": False,
            "facebook_expire": 0,
            "forward": False,
            "forward_url": "string",
            "google_client_id": "string",
            "google_client_secret": "string",
            "google_email_domains": ["string"],
            "google_enabled": False,
            "google_expire": 0,
            "gupshup_password": "string",
            "gupshup_userid": "string",
            "microsoft_client_id": "string",
            "microsoft_client_secret": "string",
            "microsoft_email_domains": ["string"],
            "microsoft_enabled": False,
            "microsoft_expire": 0,
            "passphrase_enabled": False,
            "passphrase_expire": 0,
            "password": "string",
            "predefined_sponsors_enabled": False,
            "predefined_sponsors_hide_email": False,
            "privacy": False,
            "puzzel_password": "string",
            "puzzel_service_id": "string",
            "puzzel_username": "string",
            "sms_enabled": False,
            "sms_expire": 0,
            "sms_message_format": "string",
            "sms_provider": "string",
            "sponsor_auto_approve": False,
            "sponsor_email_domains": ["string"],
            "sponsor_enabled": False,
            "sponsor_expire": 0,
            "sponsor_link_validity_duration": "string",
            "sponsor_notify_all": False,
            "sponsor_status_notify": False,
            "sponsors": {
                "string": "string",
            },
            "sso_default_role": "string",
            "sso_forced_role": "string",
            "sso_idp_cert": "string",
            "sso_idp_sign_algo": "string",
            "sso_idp_sso_url": "string",
            "sso_issuer": "string",
            "sso_nameid_format": "string",
            "telstra_client_id": "string",
            "telstra_client_secret": "string",
            "twilio_auth_token": "string",
            "twilio_phone_number": "string",
            "twilio_sid": "string",
        },
        portal_allowed_hostnames=["string"],
        portal_allowed_subnets=["string"],
        portal_denied_hostnames=["string"],
        qos={
            "class_": "string",
            "overwrite": False,
        },
        radsec={
            "coa_enabled": False,
            "enabled": False,
            "idle_timeout": 0,
            "mxcluster_ids": ["string"],
            "proxy_hosts": ["string"],
            "server_name": "string",
            "servers": [{
                "host": "string",
                "port": 0,
            }],
            "use_mxedge": False,
            "use_site_mxedge": False,
        },
        roam_mode="string",
        schedule={
            "enabled": False,
            "hours": {
                "fri": "string",
                "mon": "string",
                "sat": "string",
                "sun": "string",
                "thu": "string",
                "tue": "string",
                "wed": "string",
            },
        },
        sle_excluded=False,
        use_eapol_v1=False,
        vlan_enabled=False,
        vlan_id="string",
        vlan_ids=["string"],
        vlan_pooling=False,
        wlan_limit_down=0,
        wlan_limit_down_enabled=False,
        wlan_limit_up=0,
        wlan_limit_up_enabled=False,
        wxtag_ids=["string"],
        wxtunnel_id="string",
        wxtunnel_remote_id="string")
    
    const junipermistWlanResource = new junipermist.site.Wlan("junipermistWlanResource", {
        siteId: "string",
        ssid: "string",
        acctImmediateUpdate: false,
        acctInterimInterval: 0,
        acctServers: [{
            host: "string",
            secret: "string",
            keywrapEnabled: false,
            keywrapFormat: "string",
            keywrapKek: "string",
            keywrapMack: "string",
            port: 0,
        }],
        airwatch: {
            apiKey: "string",
            consoleUrl: "string",
            password: "string",
            username: "string",
            enabled: false,
        },
        allowIpv6Ndp: false,
        allowMdns: false,
        allowSsdp: false,
        apIds: ["string"],
        appLimit: {
            apps: {
                string: 0,
            },
            enabled: false,
            wxtagIds: {
                string: 0,
            },
        },
        appQos: {
            apps: {
                string: {
                    dscp: 0,
                    dstSubnet: "string",
                    srcSubnet: "string",
                },
            },
            enabled: false,
            others: [{
                dscp: 0,
                dstSubnet: "string",
                portRanges: "string",
                protocol: "string",
                srcSubnet: "string",
            }],
        },
        applyTo: "string",
        arpFilter: false,
        auth: {
            anticlogThreshold: 0,
            eapReauth: false,
            enableMacAuth: false,
            keyIdx: 0,
            keys: ["string"],
            multiPskOnly: false,
            owe: "string",
            pairwises: ["string"],
            privateWlan: false,
            psk: "string",
            type: "string",
            wepAsSecondaryAuth: false,
        },
        authServerSelection: "string",
        authServers: [{
            host: "string",
            secret: "string",
            keywrapEnabled: false,
            keywrapFormat: "string",
            keywrapKek: "string",
            keywrapMack: "string",
            port: 0,
        }],
        authServersNasId: "string",
        authServersNasIp: "string",
        authServersRetries: 0,
        authServersTimeout: 0,
        bandSteer: false,
        bandSteerForceBand5: false,
        bands: ["string"],
        blockBlacklistClients: false,
        bonjour: {
            additionalVlanIds: ["string"],
            services: {
                string: {
                    disableLocal: false,
                    radiusGroups: ["string"],
                    scope: "string",
                },
            },
            enabled: false,
        },
        ciscoCwa: {
            allowedHostnames: ["string"],
            allowedSubnets: ["string"],
            blockedSubnets: ["string"],
            enabled: false,
        },
        clientLimitDown: 0,
        clientLimitDownEnabled: false,
        clientLimitUp: 0,
        clientLimitUpEnabled: false,
        coaServers: [{
            ip: "string",
            secret: "string",
            disableEventTimestampCheck: false,
            enabled: false,
            port: 0,
        }],
        disable11ax: false,
        disableHtVhtRates: false,
        disableUapsd: false,
        disableV1RoamNotify: false,
        disableV2RoamNotify: false,
        disableWmm: false,
        dnsServerRewrite: {
            enabled: false,
            radiusGroups: {
                string: "string",
            },
        },
        dtim: 0,
        dynamicPsk: {
            defaultPsk: "string",
            defaultVlanId: "string",
            enabled: false,
            forceLookup: false,
            source: "string",
            vlanIds: ["string"],
        },
        dynamicVlan: {
            defaultVlanIds: ["string"],
            enabled: false,
            localVlanIds: ["string"],
            type: "string",
            vlans: {
                string: "string",
            },
        },
        enableLocalKeycaching: false,
        enableWirelessBridging: false,
        enableWirelessBridgingDhcpTracking: false,
        enabled: false,
        fastDot1xTimers: false,
        hideSsid: false,
        hostnameIe: false,
        hotspot20: {
            domainNames: ["string"],
            enabled: false,
            naiRealms: ["string"],
            operators: ["string"],
            rcois: ["string"],
            venueName: "string",
        },
        injectDhcpOption82: {
            circuitId: "string",
            enabled: false,
        },
        "interface": "string",
        isolation: false,
        l2Isolation: false,
        legacyOverds: false,
        limitBcast: false,
        limitProbeResponse: false,
        maxIdletime: 0,
        mistNac: {
            enabled: false,
        },
        mxtunnelIds: ["string"],
        mxtunnelNames: ["string"],
        noStaticDns: false,
        noStaticIp: false,
        portal: {
            amazonClientId: "string",
            amazonClientSecret: "string",
            amazonEmailDomains: ["string"],
            amazonEnabled: false,
            amazonExpire: 0,
            auth: "string",
            azureClientId: "string",
            azureClientSecret: "string",
            azureEnabled: false,
            azureExpire: 0,
            azureTenantId: "string",
            broadnetPassword: "string",
            broadnetSid: "string",
            broadnetUserId: "string",
            bypassWhenCloudDown: false,
            clickatellApiKey: "string",
            crossSite: false,
            emailEnabled: false,
            enabled: false,
            expire: 0,
            externalPortalUrl: "string",
            facebookClientId: "string",
            facebookClientSecret: "string",
            facebookEmailDomains: ["string"],
            facebookEnabled: false,
            facebookExpire: 0,
            forward: false,
            forwardUrl: "string",
            googleClientId: "string",
            googleClientSecret: "string",
            googleEmailDomains: ["string"],
            googleEnabled: false,
            googleExpire: 0,
            gupshupPassword: "string",
            gupshupUserid: "string",
            microsoftClientId: "string",
            microsoftClientSecret: "string",
            microsoftEmailDomains: ["string"],
            microsoftEnabled: false,
            microsoftExpire: 0,
            passphraseEnabled: false,
            passphraseExpire: 0,
            password: "string",
            predefinedSponsorsEnabled: false,
            predefinedSponsorsHideEmail: false,
            privacy: false,
            puzzelPassword: "string",
            puzzelServiceId: "string",
            puzzelUsername: "string",
            smsEnabled: false,
            smsExpire: 0,
            smsMessageFormat: "string",
            smsProvider: "string",
            sponsorAutoApprove: false,
            sponsorEmailDomains: ["string"],
            sponsorEnabled: false,
            sponsorExpire: 0,
            sponsorLinkValidityDuration: "string",
            sponsorNotifyAll: false,
            sponsorStatusNotify: false,
            sponsors: {
                string: "string",
            },
            ssoDefaultRole: "string",
            ssoForcedRole: "string",
            ssoIdpCert: "string",
            ssoIdpSignAlgo: "string",
            ssoIdpSsoUrl: "string",
            ssoIssuer: "string",
            ssoNameidFormat: "string",
            telstraClientId: "string",
            telstraClientSecret: "string",
            twilioAuthToken: "string",
            twilioPhoneNumber: "string",
            twilioSid: "string",
        },
        portalAllowedHostnames: ["string"],
        portalAllowedSubnets: ["string"],
        portalDeniedHostnames: ["string"],
        qos: {
            "class": "string",
            overwrite: false,
        },
        radsec: {
            coaEnabled: false,
            enabled: false,
            idleTimeout: 0,
            mxclusterIds: ["string"],
            proxyHosts: ["string"],
            serverName: "string",
            servers: [{
                host: "string",
                port: 0,
            }],
            useMxedge: false,
            useSiteMxedge: false,
        },
        roamMode: "string",
        schedule: {
            enabled: false,
            hours: {
                fri: "string",
                mon: "string",
                sat: "string",
                sun: "string",
                thu: "string",
                tue: "string",
                wed: "string",
            },
        },
        sleExcluded: false,
        useEapolV1: false,
        vlanEnabled: false,
        vlanId: "string",
        vlanIds: ["string"],
        vlanPooling: false,
        wlanLimitDown: 0,
        wlanLimitDownEnabled: false,
        wlanLimitUp: 0,
        wlanLimitUpEnabled: false,
        wxtagIds: ["string"],
        wxtunnelId: "string",
        wxtunnelRemoteId: "string",
    });
    
    type: junipermist:site:Wlan
    properties:
        acctImmediateUpdate: false
        acctInterimInterval: 0
        acctServers:
            - host: string
              keywrapEnabled: false
              keywrapFormat: string
              keywrapKek: string
              keywrapMack: string
              port: 0
              secret: string
        airwatch:
            apiKey: string
            consoleUrl: string
            enabled: false
            password: string
            username: string
        allowIpv6Ndp: false
        allowMdns: false
        allowSsdp: false
        apIds:
            - string
        appLimit:
            apps:
                string: 0
            enabled: false
            wxtagIds:
                string: 0
        appQos:
            apps:
                string:
                    dscp: 0
                    dstSubnet: string
                    srcSubnet: string
            enabled: false
            others:
                - dscp: 0
                  dstSubnet: string
                  portRanges: string
                  protocol: string
                  srcSubnet: string
        applyTo: string
        arpFilter: false
        auth:
            anticlogThreshold: 0
            eapReauth: false
            enableMacAuth: false
            keyIdx: 0
            keys:
                - string
            multiPskOnly: false
            owe: string
            pairwises:
                - string
            privateWlan: false
            psk: string
            type: string
            wepAsSecondaryAuth: false
        authServerSelection: string
        authServers:
            - host: string
              keywrapEnabled: false
              keywrapFormat: string
              keywrapKek: string
              keywrapMack: string
              port: 0
              secret: string
        authServersNasId: string
        authServersNasIp: string
        authServersRetries: 0
        authServersTimeout: 0
        bandSteer: false
        bandSteerForceBand5: false
        bands:
            - string
        blockBlacklistClients: false
        bonjour:
            additionalVlanIds:
                - string
            enabled: false
            services:
                string:
                    disableLocal: false
                    radiusGroups:
                        - string
                    scope: string
        ciscoCwa:
            allowedHostnames:
                - string
            allowedSubnets:
                - string
            blockedSubnets:
                - string
            enabled: false
        clientLimitDown: 0
        clientLimitDownEnabled: false
        clientLimitUp: 0
        clientLimitUpEnabled: false
        coaServers:
            - disableEventTimestampCheck: false
              enabled: false
              ip: string
              port: 0
              secret: string
        disable11ax: false
        disableHtVhtRates: false
        disableUapsd: false
        disableV1RoamNotify: false
        disableV2RoamNotify: false
        disableWmm: false
        dnsServerRewrite:
            enabled: false
            radiusGroups:
                string: string
        dtim: 0
        dynamicPsk:
            defaultPsk: string
            defaultVlanId: string
            enabled: false
            forceLookup: false
            source: string
            vlanIds:
                - string
        dynamicVlan:
            defaultVlanIds:
                - string
            enabled: false
            localVlanIds:
                - string
            type: string
            vlans:
                string: string
        enableLocalKeycaching: false
        enableWirelessBridging: false
        enableWirelessBridgingDhcpTracking: false
        enabled: false
        fastDot1xTimers: false
        hideSsid: false
        hostnameIe: false
        hotspot20:
            domainNames:
                - string
            enabled: false
            naiRealms:
                - string
            operators:
                - string
            rcois:
                - string
            venueName: string
        injectDhcpOption82:
            circuitId: string
            enabled: false
        interface: string
        isolation: false
        l2Isolation: false
        legacyOverds: false
        limitBcast: false
        limitProbeResponse: false
        maxIdletime: 0
        mistNac:
            enabled: false
        mxtunnelIds:
            - string
        mxtunnelNames:
            - string
        noStaticDns: false
        noStaticIp: false
        portal:
            amazonClientId: string
            amazonClientSecret: string
            amazonEmailDomains:
                - string
            amazonEnabled: false
            amazonExpire: 0
            auth: string
            azureClientId: string
            azureClientSecret: string
            azureEnabled: false
            azureExpire: 0
            azureTenantId: string
            broadnetPassword: string
            broadnetSid: string
            broadnetUserId: string
            bypassWhenCloudDown: false
            clickatellApiKey: string
            crossSite: false
            emailEnabled: false
            enabled: false
            expire: 0
            externalPortalUrl: string
            facebookClientId: string
            facebookClientSecret: string
            facebookEmailDomains:
                - string
            facebookEnabled: false
            facebookExpire: 0
            forward: false
            forwardUrl: string
            googleClientId: string
            googleClientSecret: string
            googleEmailDomains:
                - string
            googleEnabled: false
            googleExpire: 0
            gupshupPassword: string
            gupshupUserid: string
            microsoftClientId: string
            microsoftClientSecret: string
            microsoftEmailDomains:
                - string
            microsoftEnabled: false
            microsoftExpire: 0
            passphraseEnabled: false
            passphraseExpire: 0
            password: string
            predefinedSponsorsEnabled: false
            predefinedSponsorsHideEmail: false
            privacy: false
            puzzelPassword: string
            puzzelServiceId: string
            puzzelUsername: string
            smsEnabled: false
            smsExpire: 0
            smsMessageFormat: string
            smsProvider: string
            sponsorAutoApprove: false
            sponsorEmailDomains:
                - string
            sponsorEnabled: false
            sponsorExpire: 0
            sponsorLinkValidityDuration: string
            sponsorNotifyAll: false
            sponsorStatusNotify: false
            sponsors:
                string: string
            ssoDefaultRole: string
            ssoForcedRole: string
            ssoIdpCert: string
            ssoIdpSignAlgo: string
            ssoIdpSsoUrl: string
            ssoIssuer: string
            ssoNameidFormat: string
            telstraClientId: string
            telstraClientSecret: string
            twilioAuthToken: string
            twilioPhoneNumber: string
            twilioSid: string
        portalAllowedHostnames:
            - string
        portalAllowedSubnets:
            - string
        portalDeniedHostnames:
            - string
        qos:
            class: string
            overwrite: false
        radsec:
            coaEnabled: false
            enabled: false
            idleTimeout: 0
            mxclusterIds:
                - string
            proxyHosts:
                - string
            serverName: string
            servers:
                - host: string
                  port: 0
            useMxedge: false
            useSiteMxedge: false
        roamMode: string
        schedule:
            enabled: false
            hours:
                fri: string
                mon: string
                sat: string
                sun: string
                thu: string
                tue: string
                wed: string
        siteId: string
        sleExcluded: false
        ssid: string
        useEapolV1: false
        vlanEnabled: false
        vlanId: string
        vlanIds:
            - string
        vlanPooling: false
        wlanLimitDown: 0
        wlanLimitDownEnabled: false
        wlanLimitUp: 0
        wlanLimitUpEnabled: false
        wxtagIds:
            - string
        wxtunnelId: string
        wxtunnelRemoteId: string
    

    Wlan Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Wlan resource accepts the following input properties:

    SiteId string
    Ssid string
    the name of the SSID
    AcctImmediateUpdate bool
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    AcctInterimInterval int
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    AcctServers List<Pulumi.JuniperMist.Site.Inputs.WlanAcctServer>
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    Airwatch Pulumi.JuniperMist.Site.Inputs.WlanAirwatch
    airwatch wlan settings
    AllowIpv6Ndp bool
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    AllowMdns bool
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    AllowSsdp bool
    only applicable when limit_bcast==true, which allows SSDP
    ApIds List<string>
    list of device ids
    AppLimit Pulumi.JuniperMist.Site.Inputs.WlanAppLimit
    bandwidth limiting for apps (applies to up/down)
    AppQos Pulumi.JuniperMist.Site.Inputs.WlanAppQos
    app qos wlan settings
    ApplyTo string
    enum: aps, site, wxtags
    ArpFilter bool
    whether to enable smart arp filter
    Auth Pulumi.JuniperMist.Site.Inputs.WlanAuth
    authentication wlan settings
    AuthServerSelection string
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    AuthServers List<Pulumi.JuniperMist.Site.Inputs.WlanAuthServer>
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    AuthServersNasId string
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    AuthServersNasIp string
    optional, NAS-IP-ADDRESS to use
    AuthServersRetries int
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    AuthServersTimeout int
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    BandSteer bool
    whether to enable band_steering, this works only when band==both
    BandSteerForceBand5 bool
    force dual_band capable client to connect to 5G
    Bands List<string>
    list of radios that the wlan should apply to. enum: 24, 5, 6
    BlockBlacklistClients bool
    whether to block the clients in the blacklist (up to first 256 macs)
    Bonjour Pulumi.JuniperMist.Site.Inputs.WlanBonjour
    bonjour gateway wlan settings
    CiscoCwa Pulumi.JuniperMist.Site.Inputs.WlanCiscoCwa
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    ClientLimitDown int
    kbps
    ClientLimitDownEnabled bool
    if downlink limiting per-client is enabled
    ClientLimitUp int
    kbps
    ClientLimitUpEnabled bool
    if uplink limiting per-client is enabled
    CoaServers List<Pulumi.JuniperMist.Site.Inputs.WlanCoaServer>
    list of COA (change of authorization) servers, optional
    Disable11ax bool
    some old WLAN drivers may not be compatible
    DisableHtVhtRates bool
    to disable ht or vht rates
    DisableUapsd bool
    whether to disable U-APSD
    DisableV1RoamNotify bool
    disable sending v2 roam notification messages
    DisableV2RoamNotify bool
    disable sending v2 roam notification messages
    DisableWmm bool
    whether to disable WMM
    DnsServerRewrite Pulumi.JuniperMist.Site.Inputs.WlanDnsServerRewrite
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    Dtim int
    DynamicPsk Pulumi.JuniperMist.Site.Inputs.WlanDynamicPsk
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    DynamicVlan Pulumi.JuniperMist.Site.Inputs.WlanDynamicVlan
    for 802.1x
    EnableLocalKeycaching bool
    enable AP-AP keycaching via multicast
    EnableWirelessBridging bool
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    EnableWirelessBridgingDhcpTracking bool
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    Enabled bool
    if this wlan is enabled
    FastDot1xTimers bool
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    HideSsid bool
    whether to hide SSID in beacon
    HostnameIe bool
    include hostname inside IE in AP beacons / probe responses
    Hotspot20 Pulumi.JuniperMist.Site.Inputs.WlanHotspot20
    hostspot 2.0 wlan settings
    InjectDhcpOption82 Pulumi.JuniperMist.Site.Inputs.WlanInjectDhcpOption82
    Interface string
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    Isolation bool
    whether to stop clients to talk to each other
    L2Isolation bool
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    LegacyOverds bool
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    LimitBcast bool
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    LimitProbeResponse bool
    limit probe response base on some heuristic rules
    MaxIdletime int
    max idle time in seconds
    MistNac Pulumi.JuniperMist.Site.Inputs.WlanMistNac
    MxtunnelIds List<string>
    when interface=mxtunnel, id of the Mist Tunnel
    MxtunnelNames List<string>
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    NoStaticDns bool
    whether to only allow client to use DNS that we’ve learned from DHCP response
    NoStaticIp bool
    whether to only allow client that we’ve learned from DHCP exchange to talk
    Portal Pulumi.JuniperMist.Site.Inputs.WlanPortal
    portal wlan settings
    PortalAllowedHostnames List<string>
    list of hostnames without http(s):// (matched by substring)
    PortalAllowedSubnets List<string>
    list of CIDRs
    PortalDeniedHostnames List<string>
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    Qos Pulumi.JuniperMist.Site.Inputs.WlanQos
    Radsec Pulumi.JuniperMist.Site.Inputs.WlanRadsec
    Radsec settings
    RoamMode string
    enum: 11r, OKC, NONE
    Schedule Pulumi.JuniperMist.Site.Inputs.WlanSchedule
    WLAN operating schedule, default is disabled
    SleExcluded bool
    whether to exclude this WLAN from SLE metrics
    UseEapolV1 bool
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    VlanEnabled bool
    if vlan tagging is enabled
    VlanId string
    VlanIds List<string>
    vlan_ids to use when there’s no match from RA
    VlanPooling bool
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    WlanLimitDown int
    kbps
    WlanLimitDownEnabled bool
    if downlink limiting for whole wlan is enabled
    WlanLimitUp int
    kbps
    WlanLimitUpEnabled bool
    if uplink limiting for whole wlan is enabled
    WxtagIds List<string>
    list of wxtag_ids
    WxtunnelId string
    when interface=wxtunnel, id of the WXLAN Tunnel
    WxtunnelRemoteId string
    when interface=wxtunnel, remote tunnel identifier
    SiteId string
    Ssid string
    the name of the SSID
    AcctImmediateUpdate bool
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    AcctInterimInterval int
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    AcctServers []WlanAcctServerArgs
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    Airwatch WlanAirwatchArgs
    airwatch wlan settings
    AllowIpv6Ndp bool
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    AllowMdns bool
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    AllowSsdp bool
    only applicable when limit_bcast==true, which allows SSDP
    ApIds []string
    list of device ids
    AppLimit WlanAppLimitArgs
    bandwidth limiting for apps (applies to up/down)
    AppQos WlanAppQosArgs
    app qos wlan settings
    ApplyTo string
    enum: aps, site, wxtags
    ArpFilter bool
    whether to enable smart arp filter
    Auth WlanAuthArgs
    authentication wlan settings
    AuthServerSelection string
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    AuthServers []WlanAuthServerArgs
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    AuthServersNasId string
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    AuthServersNasIp string
    optional, NAS-IP-ADDRESS to use
    AuthServersRetries int
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    AuthServersTimeout int
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    BandSteer bool
    whether to enable band_steering, this works only when band==both
    BandSteerForceBand5 bool
    force dual_band capable client to connect to 5G
    Bands []string
    list of radios that the wlan should apply to. enum: 24, 5, 6
    BlockBlacklistClients bool
    whether to block the clients in the blacklist (up to first 256 macs)
    Bonjour WlanBonjourArgs
    bonjour gateway wlan settings
    CiscoCwa WlanCiscoCwaArgs
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    ClientLimitDown int
    kbps
    ClientLimitDownEnabled bool
    if downlink limiting per-client is enabled
    ClientLimitUp int
    kbps
    ClientLimitUpEnabled bool
    if uplink limiting per-client is enabled
    CoaServers []WlanCoaServerArgs
    list of COA (change of authorization) servers, optional
    Disable11ax bool
    some old WLAN drivers may not be compatible
    DisableHtVhtRates bool
    to disable ht or vht rates
    DisableUapsd bool
    whether to disable U-APSD
    DisableV1RoamNotify bool
    disable sending v2 roam notification messages
    DisableV2RoamNotify bool
    disable sending v2 roam notification messages
    DisableWmm bool
    whether to disable WMM
    DnsServerRewrite WlanDnsServerRewriteArgs
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    Dtim int
    DynamicPsk WlanDynamicPskArgs
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    DynamicVlan WlanDynamicVlanArgs
    for 802.1x
    EnableLocalKeycaching bool
    enable AP-AP keycaching via multicast
    EnableWirelessBridging bool
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    EnableWirelessBridgingDhcpTracking bool
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    Enabled bool
    if this wlan is enabled
    FastDot1xTimers bool
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    HideSsid bool
    whether to hide SSID in beacon
    HostnameIe bool
    include hostname inside IE in AP beacons / probe responses
    Hotspot20 WlanHotspot20Args
    hostspot 2.0 wlan settings
    InjectDhcpOption82 WlanInjectDhcpOption82Args
    Interface string
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    Isolation bool
    whether to stop clients to talk to each other
    L2Isolation bool
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    LegacyOverds bool
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    LimitBcast bool
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    LimitProbeResponse bool
    limit probe response base on some heuristic rules
    MaxIdletime int
    max idle time in seconds
    MistNac WlanMistNacArgs
    MxtunnelIds []string
    when interface=mxtunnel, id of the Mist Tunnel
    MxtunnelNames []string
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    NoStaticDns bool
    whether to only allow client to use DNS that we’ve learned from DHCP response
    NoStaticIp bool
    whether to only allow client that we’ve learned from DHCP exchange to talk
    Portal WlanPortalArgs
    portal wlan settings
    PortalAllowedHostnames []string
    list of hostnames without http(s):// (matched by substring)
    PortalAllowedSubnets []string
    list of CIDRs
    PortalDeniedHostnames []string
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    Qos WlanQosArgs
    Radsec WlanRadsecArgs
    Radsec settings
    RoamMode string
    enum: 11r, OKC, NONE
    Schedule WlanScheduleArgs
    WLAN operating schedule, default is disabled
    SleExcluded bool
    whether to exclude this WLAN from SLE metrics
    UseEapolV1 bool
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    VlanEnabled bool
    if vlan tagging is enabled
    VlanId string
    VlanIds []string
    vlan_ids to use when there’s no match from RA
    VlanPooling bool
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    WlanLimitDown int
    kbps
    WlanLimitDownEnabled bool
    if downlink limiting for whole wlan is enabled
    WlanLimitUp int
    kbps
    WlanLimitUpEnabled bool
    if uplink limiting for whole wlan is enabled
    WxtagIds []string
    list of wxtag_ids
    WxtunnelId string
    when interface=wxtunnel, id of the WXLAN Tunnel
    WxtunnelRemoteId string
    when interface=wxtunnel, remote tunnel identifier
    siteId String
    ssid String
    the name of the SSID
    acctImmediateUpdate Boolean
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acctInterimInterval Integer
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acctServers List<WlanAcctServer>
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch WlanAirwatch
    airwatch wlan settings
    allowIpv6Ndp Boolean
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allowMdns Boolean
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allowSsdp Boolean
    only applicable when limit_bcast==true, which allows SSDP
    apIds List<String>
    list of device ids
    appLimit WlanAppLimit
    bandwidth limiting for apps (applies to up/down)
    appQos WlanAppQos
    app qos wlan settings
    applyTo String
    enum: aps, site, wxtags
    arpFilter Boolean
    whether to enable smart arp filter
    auth WlanAuth
    authentication wlan settings
    authServerSelection String
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    authServers List<WlanAuthServer>
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    authServersNasId String
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    authServersNasIp String
    optional, NAS-IP-ADDRESS to use
    authServersRetries Integer
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    authServersTimeout Integer
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    bandSteer Boolean
    whether to enable band_steering, this works only when band==both
    bandSteerForceBand5 Boolean
    force dual_band capable client to connect to 5G
    bands List<String>
    list of radios that the wlan should apply to. enum: 24, 5, 6
    blockBlacklistClients Boolean
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour WlanBonjour
    bonjour gateway wlan settings
    ciscoCwa WlanCiscoCwa
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    clientLimitDown Integer
    kbps
    clientLimitDownEnabled Boolean
    if downlink limiting per-client is enabled
    clientLimitUp Integer
    kbps
    clientLimitUpEnabled Boolean
    if uplink limiting per-client is enabled
    coaServers List<WlanCoaServer>
    list of COA (change of authorization) servers, optional
    disable11ax Boolean
    some old WLAN drivers may not be compatible
    disableHtVhtRates Boolean
    to disable ht or vht rates
    disableUapsd Boolean
    whether to disable U-APSD
    disableV1RoamNotify Boolean
    disable sending v2 roam notification messages
    disableV2RoamNotify Boolean
    disable sending v2 roam notification messages
    disableWmm Boolean
    whether to disable WMM
    dnsServerRewrite WlanDnsServerRewrite
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim Integer
    dynamicPsk WlanDynamicPsk
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamicVlan WlanDynamicVlan
    for 802.1x
    enableLocalKeycaching Boolean
    enable AP-AP keycaching via multicast
    enableWirelessBridging Boolean
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enableWirelessBridgingDhcpTracking Boolean
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled Boolean
    if this wlan is enabled
    fastDot1xTimers Boolean
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hideSsid Boolean
    whether to hide SSID in beacon
    hostnameIe Boolean
    include hostname inside IE in AP beacons / probe responses
    hotspot20 WlanHotspot20
    hostspot 2.0 wlan settings
    injectDhcpOption82 WlanInjectDhcpOption82
    interface_ String
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation Boolean
    whether to stop clients to talk to each other
    l2Isolation Boolean
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacyOverds Boolean
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limitBcast Boolean
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limitProbeResponse Boolean
    limit probe response base on some heuristic rules
    maxIdletime Integer
    max idle time in seconds
    mistNac WlanMistNac
    mxtunnelIds List<String>
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnelNames List<String>
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    noStaticDns Boolean
    whether to only allow client to use DNS that we’ve learned from DHCP response
    noStaticIp Boolean
    whether to only allow client that we’ve learned from DHCP exchange to talk
    portal WlanPortal
    portal wlan settings
    portalAllowedHostnames List<String>
    list of hostnames without http(s):// (matched by substring)
    portalAllowedSubnets List<String>
    list of CIDRs
    portalDeniedHostnames List<String>
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    qos WlanQos
    radsec WlanRadsec
    Radsec settings
    roamMode String
    enum: 11r, OKC, NONE
    schedule WlanSchedule
    WLAN operating schedule, default is disabled
    sleExcluded Boolean
    whether to exclude this WLAN from SLE metrics
    useEapolV1 Boolean
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlanEnabled Boolean
    if vlan tagging is enabled
    vlanId String
    vlanIds List<String>
    vlan_ids to use when there’s no match from RA
    vlanPooling Boolean
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlanLimitDown Integer
    kbps
    wlanLimitDownEnabled Boolean
    if downlink limiting for whole wlan is enabled
    wlanLimitUp Integer
    kbps
    wlanLimitUpEnabled Boolean
    if uplink limiting for whole wlan is enabled
    wxtagIds List<String>
    list of wxtag_ids
    wxtunnelId String
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnelRemoteId String
    when interface=wxtunnel, remote tunnel identifier
    siteId string
    ssid string
    the name of the SSID
    acctImmediateUpdate boolean
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acctInterimInterval number
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acctServers WlanAcctServer[]
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch WlanAirwatch
    airwatch wlan settings
    allowIpv6Ndp boolean
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allowMdns boolean
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allowSsdp boolean
    only applicable when limit_bcast==true, which allows SSDP
    apIds string[]
    list of device ids
    appLimit WlanAppLimit
    bandwidth limiting for apps (applies to up/down)
    appQos WlanAppQos
    app qos wlan settings
    applyTo string
    enum: aps, site, wxtags
    arpFilter boolean
    whether to enable smart arp filter
    auth WlanAuth
    authentication wlan settings
    authServerSelection string
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    authServers WlanAuthServer[]
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    authServersNasId string
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    authServersNasIp string
    optional, NAS-IP-ADDRESS to use
    authServersRetries number
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    authServersTimeout number
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    bandSteer boolean
    whether to enable band_steering, this works only when band==both
    bandSteerForceBand5 boolean
    force dual_band capable client to connect to 5G
    bands string[]
    list of radios that the wlan should apply to. enum: 24, 5, 6
    blockBlacklistClients boolean
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour WlanBonjour
    bonjour gateway wlan settings
    ciscoCwa WlanCiscoCwa
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    clientLimitDown number
    kbps
    clientLimitDownEnabled boolean
    if downlink limiting per-client is enabled
    clientLimitUp number
    kbps
    clientLimitUpEnabled boolean
    if uplink limiting per-client is enabled
    coaServers WlanCoaServer[]
    list of COA (change of authorization) servers, optional
    disable11ax boolean
    some old WLAN drivers may not be compatible
    disableHtVhtRates boolean
    to disable ht or vht rates
    disableUapsd boolean
    whether to disable U-APSD
    disableV1RoamNotify boolean
    disable sending v2 roam notification messages
    disableV2RoamNotify boolean
    disable sending v2 roam notification messages
    disableWmm boolean
    whether to disable WMM
    dnsServerRewrite WlanDnsServerRewrite
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim number
    dynamicPsk WlanDynamicPsk
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamicVlan WlanDynamicVlan
    for 802.1x
    enableLocalKeycaching boolean
    enable AP-AP keycaching via multicast
    enableWirelessBridging boolean
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enableWirelessBridgingDhcpTracking boolean
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled boolean
    if this wlan is enabled
    fastDot1xTimers boolean
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hideSsid boolean
    whether to hide SSID in beacon
    hostnameIe boolean
    include hostname inside IE in AP beacons / probe responses
    hotspot20 WlanHotspot20
    hostspot 2.0 wlan settings
    injectDhcpOption82 WlanInjectDhcpOption82
    interface string
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation boolean
    whether to stop clients to talk to each other
    l2Isolation boolean
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacyOverds boolean
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limitBcast boolean
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limitProbeResponse boolean
    limit probe response base on some heuristic rules
    maxIdletime number
    max idle time in seconds
    mistNac WlanMistNac
    mxtunnelIds string[]
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnelNames string[]
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    noStaticDns boolean
    whether to only allow client to use DNS that we’ve learned from DHCP response
    noStaticIp boolean
    whether to only allow client that we’ve learned from DHCP exchange to talk
    portal WlanPortal
    portal wlan settings
    portalAllowedHostnames string[]
    list of hostnames without http(s):// (matched by substring)
    portalAllowedSubnets string[]
    list of CIDRs
    portalDeniedHostnames string[]
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    qos WlanQos
    radsec WlanRadsec
    Radsec settings
    roamMode string
    enum: 11r, OKC, NONE
    schedule WlanSchedule
    WLAN operating schedule, default is disabled
    sleExcluded boolean
    whether to exclude this WLAN from SLE metrics
    useEapolV1 boolean
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlanEnabled boolean
    if vlan tagging is enabled
    vlanId string
    vlanIds string[]
    vlan_ids to use when there’s no match from RA
    vlanPooling boolean
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlanLimitDown number
    kbps
    wlanLimitDownEnabled boolean
    if downlink limiting for whole wlan is enabled
    wlanLimitUp number
    kbps
    wlanLimitUpEnabled boolean
    if uplink limiting for whole wlan is enabled
    wxtagIds string[]
    list of wxtag_ids
    wxtunnelId string
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnelRemoteId string
    when interface=wxtunnel, remote tunnel identifier
    site_id str
    ssid str
    the name of the SSID
    acct_immediate_update bool
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acct_interim_interval int
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acct_servers Sequence[WlanAcctServerArgs]
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch WlanAirwatchArgs
    airwatch wlan settings
    allow_ipv6_ndp bool
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allow_mdns bool
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allow_ssdp bool
    only applicable when limit_bcast==true, which allows SSDP
    ap_ids Sequence[str]
    list of device ids
    app_limit WlanAppLimitArgs
    bandwidth limiting for apps (applies to up/down)
    app_qos WlanAppQosArgs
    app qos wlan settings
    apply_to str
    enum: aps, site, wxtags
    arp_filter bool
    whether to enable smart arp filter
    auth WlanAuthArgs
    authentication wlan settings
    auth_server_selection str
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    auth_servers Sequence[WlanAuthServerArgs]
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    auth_servers_nas_id str
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    auth_servers_nas_ip str
    optional, NAS-IP-ADDRESS to use
    auth_servers_retries int
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    auth_servers_timeout int
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    band_steer bool
    whether to enable band_steering, this works only when band==both
    band_steer_force_band5 bool
    force dual_band capable client to connect to 5G
    bands Sequence[str]
    list of radios that the wlan should apply to. enum: 24, 5, 6
    block_blacklist_clients bool
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour WlanBonjourArgs
    bonjour gateway wlan settings
    cisco_cwa WlanCiscoCwaArgs
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    client_limit_down int
    kbps
    client_limit_down_enabled bool
    if downlink limiting per-client is enabled
    client_limit_up int
    kbps
    client_limit_up_enabled bool
    if uplink limiting per-client is enabled
    coa_servers Sequence[WlanCoaServerArgs]
    list of COA (change of authorization) servers, optional
    disable11ax bool
    some old WLAN drivers may not be compatible
    disable_ht_vht_rates bool
    to disable ht or vht rates
    disable_uapsd bool
    whether to disable U-APSD
    disable_v1_roam_notify bool
    disable sending v2 roam notification messages
    disable_v2_roam_notify bool
    disable sending v2 roam notification messages
    disable_wmm bool
    whether to disable WMM
    dns_server_rewrite WlanDnsServerRewriteArgs
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim int
    dynamic_psk WlanDynamicPskArgs
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamic_vlan WlanDynamicVlanArgs
    for 802.1x
    enable_local_keycaching bool
    enable AP-AP keycaching via multicast
    enable_wireless_bridging bool
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enable_wireless_bridging_dhcp_tracking bool
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled bool
    if this wlan is enabled
    fast_dot1x_timers bool
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hide_ssid bool
    whether to hide SSID in beacon
    hostname_ie bool
    include hostname inside IE in AP beacons / probe responses
    hotspot20 WlanHotspot20Args
    hostspot 2.0 wlan settings
    inject_dhcp_option82 WlanInjectDhcpOption82Args
    interface str
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation bool
    whether to stop clients to talk to each other
    l2_isolation bool
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacy_overds bool
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limit_bcast bool
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limit_probe_response bool
    limit probe response base on some heuristic rules
    max_idletime int
    max idle time in seconds
    mist_nac WlanMistNacArgs
    mxtunnel_ids Sequence[str]
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnel_names Sequence[str]
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    no_static_dns bool
    whether to only allow client to use DNS that we’ve learned from DHCP response
    no_static_ip bool
    whether to only allow client that we’ve learned from DHCP exchange to talk
    portal WlanPortalArgs
    portal wlan settings
    portal_allowed_hostnames Sequence[str]
    list of hostnames without http(s):// (matched by substring)
    portal_allowed_subnets Sequence[str]
    list of CIDRs
    portal_denied_hostnames Sequence[str]
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    qos WlanQosArgs
    radsec WlanRadsecArgs
    Radsec settings
    roam_mode str
    enum: 11r, OKC, NONE
    schedule WlanScheduleArgs
    WLAN operating schedule, default is disabled
    sle_excluded bool
    whether to exclude this WLAN from SLE metrics
    use_eapol_v1 bool
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlan_enabled bool
    if vlan tagging is enabled
    vlan_id str
    vlan_ids Sequence[str]
    vlan_ids to use when there’s no match from RA
    vlan_pooling bool
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlan_limit_down int
    kbps
    wlan_limit_down_enabled bool
    if downlink limiting for whole wlan is enabled
    wlan_limit_up int
    kbps
    wlan_limit_up_enabled bool
    if uplink limiting for whole wlan is enabled
    wxtag_ids Sequence[str]
    list of wxtag_ids
    wxtunnel_id str
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnel_remote_id str
    when interface=wxtunnel, remote tunnel identifier
    siteId String
    ssid String
    the name of the SSID
    acctImmediateUpdate Boolean
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acctInterimInterval Number
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acctServers List<Property Map>
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch Property Map
    airwatch wlan settings
    allowIpv6Ndp Boolean
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allowMdns Boolean
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allowSsdp Boolean
    only applicable when limit_bcast==true, which allows SSDP
    apIds List<String>
    list of device ids
    appLimit Property Map
    bandwidth limiting for apps (applies to up/down)
    appQos Property Map
    app qos wlan settings
    applyTo String
    enum: aps, site, wxtags
    arpFilter Boolean
    whether to enable smart arp filter
    auth Property Map
    authentication wlan settings
    authServerSelection String
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    authServers List<Property Map>
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    authServersNasId String
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    authServersNasIp String
    optional, NAS-IP-ADDRESS to use
    authServersRetries Number
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    authServersTimeout Number
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    bandSteer Boolean
    whether to enable band_steering, this works only when band==both
    bandSteerForceBand5 Boolean
    force dual_band capable client to connect to 5G
    bands List<String>
    list of radios that the wlan should apply to. enum: 24, 5, 6
    blockBlacklistClients Boolean
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour Property Map
    bonjour gateway wlan settings
    ciscoCwa Property Map
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    clientLimitDown Number
    kbps
    clientLimitDownEnabled Boolean
    if downlink limiting per-client is enabled
    clientLimitUp Number
    kbps
    clientLimitUpEnabled Boolean
    if uplink limiting per-client is enabled
    coaServers List<Property Map>
    list of COA (change of authorization) servers, optional
    disable11ax Boolean
    some old WLAN drivers may not be compatible
    disableHtVhtRates Boolean
    to disable ht or vht rates
    disableUapsd Boolean
    whether to disable U-APSD
    disableV1RoamNotify Boolean
    disable sending v2 roam notification messages
    disableV2RoamNotify Boolean
    disable sending v2 roam notification messages
    disableWmm Boolean
    whether to disable WMM
    dnsServerRewrite Property Map
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim Number
    dynamicPsk Property Map
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamicVlan Property Map
    for 802.1x
    enableLocalKeycaching Boolean
    enable AP-AP keycaching via multicast
    enableWirelessBridging Boolean
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enableWirelessBridgingDhcpTracking Boolean
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled Boolean
    if this wlan is enabled
    fastDot1xTimers Boolean
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hideSsid Boolean
    whether to hide SSID in beacon
    hostnameIe Boolean
    include hostname inside IE in AP beacons / probe responses
    hotspot20 Property Map
    hostspot 2.0 wlan settings
    injectDhcpOption82 Property Map
    interface String
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation Boolean
    whether to stop clients to talk to each other
    l2Isolation Boolean
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacyOverds Boolean
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limitBcast Boolean
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limitProbeResponse Boolean
    limit probe response base on some heuristic rules
    maxIdletime Number
    max idle time in seconds
    mistNac Property Map
    mxtunnelIds List<String>
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnelNames List<String>
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    noStaticDns Boolean
    whether to only allow client to use DNS that we’ve learned from DHCP response
    noStaticIp Boolean
    whether to only allow client that we’ve learned from DHCP exchange to talk
    portal Property Map
    portal wlan settings
    portalAllowedHostnames List<String>
    list of hostnames without http(s):// (matched by substring)
    portalAllowedSubnets List<String>
    list of CIDRs
    portalDeniedHostnames List<String>
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    qos Property Map
    radsec Property Map
    Radsec settings
    roamMode String
    enum: 11r, OKC, NONE
    schedule Property Map
    WLAN operating schedule, default is disabled
    sleExcluded Boolean
    whether to exclude this WLAN from SLE metrics
    useEapolV1 Boolean
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlanEnabled Boolean
    if vlan tagging is enabled
    vlanId String
    vlanIds List<String>
    vlan_ids to use when there’s no match from RA
    vlanPooling Boolean
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlanLimitDown Number
    kbps
    wlanLimitDownEnabled Boolean
    if downlink limiting for whole wlan is enabled
    wlanLimitUp Number
    kbps
    wlanLimitUpEnabled Boolean
    if uplink limiting for whole wlan is enabled
    wxtagIds List<String>
    list of wxtag_ids
    wxtunnelId String
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnelRemoteId String
    when interface=wxtunnel, remote tunnel identifier

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Wlan resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    MspId string
    OrgId string
    PortalApiSecret string
    api secret (auto-generated) that can be used to sign guest authorization requests
    PortalImage string
    Url of portal background image
    PortalSsoUrl string
    PortalTemplateUrl string
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    Thumbnail string
    Url of portal background image thumbnail
    Id string
    The provider-assigned unique ID for this managed resource.
    MspId string
    OrgId string
    PortalApiSecret string
    api secret (auto-generated) that can be used to sign guest authorization requests
    PortalImage string
    Url of portal background image
    PortalSsoUrl string
    PortalTemplateUrl string
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    Thumbnail string
    Url of portal background image thumbnail
    id String
    The provider-assigned unique ID for this managed resource.
    mspId String
    orgId String
    portalApiSecret String
    api secret (auto-generated) that can be used to sign guest authorization requests
    portalImage String
    Url of portal background image
    portalSsoUrl String
    portalTemplateUrl String
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    thumbnail String
    Url of portal background image thumbnail
    id string
    The provider-assigned unique ID for this managed resource.
    mspId string
    orgId string
    portalApiSecret string
    api secret (auto-generated) that can be used to sign guest authorization requests
    portalImage string
    Url of portal background image
    portalSsoUrl string
    portalTemplateUrl string
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    thumbnail string
    Url of portal background image thumbnail
    id str
    The provider-assigned unique ID for this managed resource.
    msp_id str
    org_id str
    portal_api_secret str
    api secret (auto-generated) that can be used to sign guest authorization requests
    portal_image str
    Url of portal background image
    portal_sso_url str
    portal_template_url str
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    thumbnail str
    Url of portal background image thumbnail
    id String
    The provider-assigned unique ID for this managed resource.
    mspId String
    orgId String
    portalApiSecret String
    api secret (auto-generated) that can be used to sign guest authorization requests
    portalImage String
    Url of portal background image
    portalSsoUrl String
    portalTemplateUrl String
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    thumbnail String
    Url of portal background image thumbnail

    Look up Existing Wlan Resource

    Get an existing Wlan resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: WlanState, opts?: CustomResourceOptions): Wlan
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            acct_immediate_update: Optional[bool] = None,
            acct_interim_interval: Optional[int] = None,
            acct_servers: Optional[Sequence[WlanAcctServerArgs]] = None,
            airwatch: Optional[WlanAirwatchArgs] = None,
            allow_ipv6_ndp: Optional[bool] = None,
            allow_mdns: Optional[bool] = None,
            allow_ssdp: Optional[bool] = None,
            ap_ids: Optional[Sequence[str]] = None,
            app_limit: Optional[WlanAppLimitArgs] = None,
            app_qos: Optional[WlanAppQosArgs] = None,
            apply_to: Optional[str] = None,
            arp_filter: Optional[bool] = None,
            auth: Optional[WlanAuthArgs] = None,
            auth_server_selection: Optional[str] = None,
            auth_servers: Optional[Sequence[WlanAuthServerArgs]] = None,
            auth_servers_nas_id: Optional[str] = None,
            auth_servers_nas_ip: Optional[str] = None,
            auth_servers_retries: Optional[int] = None,
            auth_servers_timeout: Optional[int] = None,
            band_steer: Optional[bool] = None,
            band_steer_force_band5: Optional[bool] = None,
            bands: Optional[Sequence[str]] = None,
            block_blacklist_clients: Optional[bool] = None,
            bonjour: Optional[WlanBonjourArgs] = None,
            cisco_cwa: Optional[WlanCiscoCwaArgs] = None,
            client_limit_down: Optional[int] = None,
            client_limit_down_enabled: Optional[bool] = None,
            client_limit_up: Optional[int] = None,
            client_limit_up_enabled: Optional[bool] = None,
            coa_servers: Optional[Sequence[WlanCoaServerArgs]] = None,
            disable11ax: Optional[bool] = None,
            disable_ht_vht_rates: Optional[bool] = None,
            disable_uapsd: Optional[bool] = None,
            disable_v1_roam_notify: Optional[bool] = None,
            disable_v2_roam_notify: Optional[bool] = None,
            disable_wmm: Optional[bool] = None,
            dns_server_rewrite: Optional[WlanDnsServerRewriteArgs] = None,
            dtim: Optional[int] = None,
            dynamic_psk: Optional[WlanDynamicPskArgs] = None,
            dynamic_vlan: Optional[WlanDynamicVlanArgs] = None,
            enable_local_keycaching: Optional[bool] = None,
            enable_wireless_bridging: Optional[bool] = None,
            enable_wireless_bridging_dhcp_tracking: Optional[bool] = None,
            enabled: Optional[bool] = None,
            fast_dot1x_timers: Optional[bool] = None,
            hide_ssid: Optional[bool] = None,
            hostname_ie: Optional[bool] = None,
            hotspot20: Optional[WlanHotspot20Args] = None,
            inject_dhcp_option82: Optional[WlanInjectDhcpOption82Args] = None,
            interface: Optional[str] = None,
            isolation: Optional[bool] = None,
            l2_isolation: Optional[bool] = None,
            legacy_overds: Optional[bool] = None,
            limit_bcast: Optional[bool] = None,
            limit_probe_response: Optional[bool] = None,
            max_idletime: Optional[int] = None,
            mist_nac: Optional[WlanMistNacArgs] = None,
            msp_id: Optional[str] = None,
            mxtunnel_ids: Optional[Sequence[str]] = None,
            mxtunnel_names: Optional[Sequence[str]] = None,
            no_static_dns: Optional[bool] = None,
            no_static_ip: Optional[bool] = None,
            org_id: Optional[str] = None,
            portal: Optional[WlanPortalArgs] = None,
            portal_allowed_hostnames: Optional[Sequence[str]] = None,
            portal_allowed_subnets: Optional[Sequence[str]] = None,
            portal_api_secret: Optional[str] = None,
            portal_denied_hostnames: Optional[Sequence[str]] = None,
            portal_image: Optional[str] = None,
            portal_sso_url: Optional[str] = None,
            portal_template_url: Optional[str] = None,
            qos: Optional[WlanQosArgs] = None,
            radsec: Optional[WlanRadsecArgs] = None,
            roam_mode: Optional[str] = None,
            schedule: Optional[WlanScheduleArgs] = None,
            site_id: Optional[str] = None,
            sle_excluded: Optional[bool] = None,
            ssid: Optional[str] = None,
            thumbnail: Optional[str] = None,
            use_eapol_v1: Optional[bool] = None,
            vlan_enabled: Optional[bool] = None,
            vlan_id: Optional[str] = None,
            vlan_ids: Optional[Sequence[str]] = None,
            vlan_pooling: Optional[bool] = None,
            wlan_limit_down: Optional[int] = None,
            wlan_limit_down_enabled: Optional[bool] = None,
            wlan_limit_up: Optional[int] = None,
            wlan_limit_up_enabled: Optional[bool] = None,
            wxtag_ids: Optional[Sequence[str]] = None,
            wxtunnel_id: Optional[str] = None,
            wxtunnel_remote_id: Optional[str] = None) -> Wlan
    func GetWlan(ctx *Context, name string, id IDInput, state *WlanState, opts ...ResourceOption) (*Wlan, error)
    public static Wlan Get(string name, Input<string> id, WlanState? state, CustomResourceOptions? opts = null)
    public static Wlan get(String name, Output<String> id, WlanState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AcctImmediateUpdate bool
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    AcctInterimInterval int
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    AcctServers List<Pulumi.JuniperMist.Site.Inputs.WlanAcctServer>
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    Airwatch Pulumi.JuniperMist.Site.Inputs.WlanAirwatch
    airwatch wlan settings
    AllowIpv6Ndp bool
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    AllowMdns bool
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    AllowSsdp bool
    only applicable when limit_bcast==true, which allows SSDP
    ApIds List<string>
    list of device ids
    AppLimit Pulumi.JuniperMist.Site.Inputs.WlanAppLimit
    bandwidth limiting for apps (applies to up/down)
    AppQos Pulumi.JuniperMist.Site.Inputs.WlanAppQos
    app qos wlan settings
    ApplyTo string
    enum: aps, site, wxtags
    ArpFilter bool
    whether to enable smart arp filter
    Auth Pulumi.JuniperMist.Site.Inputs.WlanAuth
    authentication wlan settings
    AuthServerSelection string
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    AuthServers List<Pulumi.JuniperMist.Site.Inputs.WlanAuthServer>
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    AuthServersNasId string
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    AuthServersNasIp string
    optional, NAS-IP-ADDRESS to use
    AuthServersRetries int
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    AuthServersTimeout int
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    BandSteer bool
    whether to enable band_steering, this works only when band==both
    BandSteerForceBand5 bool
    force dual_band capable client to connect to 5G
    Bands List<string>
    list of radios that the wlan should apply to. enum: 24, 5, 6
    BlockBlacklistClients bool
    whether to block the clients in the blacklist (up to first 256 macs)
    Bonjour Pulumi.JuniperMist.Site.Inputs.WlanBonjour
    bonjour gateway wlan settings
    CiscoCwa Pulumi.JuniperMist.Site.Inputs.WlanCiscoCwa
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    ClientLimitDown int
    kbps
    ClientLimitDownEnabled bool
    if downlink limiting per-client is enabled
    ClientLimitUp int
    kbps
    ClientLimitUpEnabled bool
    if uplink limiting per-client is enabled
    CoaServers List<Pulumi.JuniperMist.Site.Inputs.WlanCoaServer>
    list of COA (change of authorization) servers, optional
    Disable11ax bool
    some old WLAN drivers may not be compatible
    DisableHtVhtRates bool
    to disable ht or vht rates
    DisableUapsd bool
    whether to disable U-APSD
    DisableV1RoamNotify bool
    disable sending v2 roam notification messages
    DisableV2RoamNotify bool
    disable sending v2 roam notification messages
    DisableWmm bool
    whether to disable WMM
    DnsServerRewrite Pulumi.JuniperMist.Site.Inputs.WlanDnsServerRewrite
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    Dtim int
    DynamicPsk Pulumi.JuniperMist.Site.Inputs.WlanDynamicPsk
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    DynamicVlan Pulumi.JuniperMist.Site.Inputs.WlanDynamicVlan
    for 802.1x
    EnableLocalKeycaching bool
    enable AP-AP keycaching via multicast
    EnableWirelessBridging bool
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    EnableWirelessBridgingDhcpTracking bool
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    Enabled bool
    if this wlan is enabled
    FastDot1xTimers bool
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    HideSsid bool
    whether to hide SSID in beacon
    HostnameIe bool
    include hostname inside IE in AP beacons / probe responses
    Hotspot20 Pulumi.JuniperMist.Site.Inputs.WlanHotspot20
    hostspot 2.0 wlan settings
    InjectDhcpOption82 Pulumi.JuniperMist.Site.Inputs.WlanInjectDhcpOption82
    Interface string
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    Isolation bool
    whether to stop clients to talk to each other
    L2Isolation bool
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    LegacyOverds bool
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    LimitBcast bool
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    LimitProbeResponse bool
    limit probe response base on some heuristic rules
    MaxIdletime int
    max idle time in seconds
    MistNac Pulumi.JuniperMist.Site.Inputs.WlanMistNac
    MspId string
    MxtunnelIds List<string>
    when interface=mxtunnel, id of the Mist Tunnel
    MxtunnelNames List<string>
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    NoStaticDns bool
    whether to only allow client to use DNS that we’ve learned from DHCP response
    NoStaticIp bool
    whether to only allow client that we’ve learned from DHCP exchange to talk
    OrgId string
    Portal Pulumi.JuniperMist.Site.Inputs.WlanPortal
    portal wlan settings
    PortalAllowedHostnames List<string>
    list of hostnames without http(s):// (matched by substring)
    PortalAllowedSubnets List<string>
    list of CIDRs
    PortalApiSecret string
    api secret (auto-generated) that can be used to sign guest authorization requests
    PortalDeniedHostnames List<string>
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    PortalImage string
    Url of portal background image
    PortalSsoUrl string
    PortalTemplateUrl string
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    Qos Pulumi.JuniperMist.Site.Inputs.WlanQos
    Radsec Pulumi.JuniperMist.Site.Inputs.WlanRadsec
    Radsec settings
    RoamMode string
    enum: 11r, OKC, NONE
    Schedule Pulumi.JuniperMist.Site.Inputs.WlanSchedule
    WLAN operating schedule, default is disabled
    SiteId string
    SleExcluded bool
    whether to exclude this WLAN from SLE metrics
    Ssid string
    the name of the SSID
    Thumbnail string
    Url of portal background image thumbnail
    UseEapolV1 bool
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    VlanEnabled bool
    if vlan tagging is enabled
    VlanId string
    VlanIds List<string>
    vlan_ids to use when there’s no match from RA
    VlanPooling bool
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    WlanLimitDown int
    kbps
    WlanLimitDownEnabled bool
    if downlink limiting for whole wlan is enabled
    WlanLimitUp int
    kbps
    WlanLimitUpEnabled bool
    if uplink limiting for whole wlan is enabled
    WxtagIds List<string>
    list of wxtag_ids
    WxtunnelId string
    when interface=wxtunnel, id of the WXLAN Tunnel
    WxtunnelRemoteId string
    when interface=wxtunnel, remote tunnel identifier
    AcctImmediateUpdate bool
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    AcctInterimInterval int
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    AcctServers []WlanAcctServerArgs
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    Airwatch WlanAirwatchArgs
    airwatch wlan settings
    AllowIpv6Ndp bool
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    AllowMdns bool
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    AllowSsdp bool
    only applicable when limit_bcast==true, which allows SSDP
    ApIds []string
    list of device ids
    AppLimit WlanAppLimitArgs
    bandwidth limiting for apps (applies to up/down)
    AppQos WlanAppQosArgs
    app qos wlan settings
    ApplyTo string
    enum: aps, site, wxtags
    ArpFilter bool
    whether to enable smart arp filter
    Auth WlanAuthArgs
    authentication wlan settings
    AuthServerSelection string
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    AuthServers []WlanAuthServerArgs
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    AuthServersNasId string
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    AuthServersNasIp string
    optional, NAS-IP-ADDRESS to use
    AuthServersRetries int
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    AuthServersTimeout int
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    BandSteer bool
    whether to enable band_steering, this works only when band==both
    BandSteerForceBand5 bool
    force dual_band capable client to connect to 5G
    Bands []string
    list of radios that the wlan should apply to. enum: 24, 5, 6
    BlockBlacklistClients bool
    whether to block the clients in the blacklist (up to first 256 macs)
    Bonjour WlanBonjourArgs
    bonjour gateway wlan settings
    CiscoCwa WlanCiscoCwaArgs
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    ClientLimitDown int
    kbps
    ClientLimitDownEnabled bool
    if downlink limiting per-client is enabled
    ClientLimitUp int
    kbps
    ClientLimitUpEnabled bool
    if uplink limiting per-client is enabled
    CoaServers []WlanCoaServerArgs
    list of COA (change of authorization) servers, optional
    Disable11ax bool
    some old WLAN drivers may not be compatible
    DisableHtVhtRates bool
    to disable ht or vht rates
    DisableUapsd bool
    whether to disable U-APSD
    DisableV1RoamNotify bool
    disable sending v2 roam notification messages
    DisableV2RoamNotify bool
    disable sending v2 roam notification messages
    DisableWmm bool
    whether to disable WMM
    DnsServerRewrite WlanDnsServerRewriteArgs
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    Dtim int
    DynamicPsk WlanDynamicPskArgs
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    DynamicVlan WlanDynamicVlanArgs
    for 802.1x
    EnableLocalKeycaching bool
    enable AP-AP keycaching via multicast
    EnableWirelessBridging bool
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    EnableWirelessBridgingDhcpTracking bool
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    Enabled bool
    if this wlan is enabled
    FastDot1xTimers bool
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    HideSsid bool
    whether to hide SSID in beacon
    HostnameIe bool
    include hostname inside IE in AP beacons / probe responses
    Hotspot20 WlanHotspot20Args
    hostspot 2.0 wlan settings
    InjectDhcpOption82 WlanInjectDhcpOption82Args
    Interface string
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    Isolation bool
    whether to stop clients to talk to each other
    L2Isolation bool
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    LegacyOverds bool
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    LimitBcast bool
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    LimitProbeResponse bool
    limit probe response base on some heuristic rules
    MaxIdletime int
    max idle time in seconds
    MistNac WlanMistNacArgs
    MspId string
    MxtunnelIds []string
    when interface=mxtunnel, id of the Mist Tunnel
    MxtunnelNames []string
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    NoStaticDns bool
    whether to only allow client to use DNS that we’ve learned from DHCP response
    NoStaticIp bool
    whether to only allow client that we’ve learned from DHCP exchange to talk
    OrgId string
    Portal WlanPortalArgs
    portal wlan settings
    PortalAllowedHostnames []string
    list of hostnames without http(s):// (matched by substring)
    PortalAllowedSubnets []string
    list of CIDRs
    PortalApiSecret string
    api secret (auto-generated) that can be used to sign guest authorization requests
    PortalDeniedHostnames []string
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    PortalImage string
    Url of portal background image
    PortalSsoUrl string
    PortalTemplateUrl string
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    Qos WlanQosArgs
    Radsec WlanRadsecArgs
    Radsec settings
    RoamMode string
    enum: 11r, OKC, NONE
    Schedule WlanScheduleArgs
    WLAN operating schedule, default is disabled
    SiteId string
    SleExcluded bool
    whether to exclude this WLAN from SLE metrics
    Ssid string
    the name of the SSID
    Thumbnail string
    Url of portal background image thumbnail
    UseEapolV1 bool
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    VlanEnabled bool
    if vlan tagging is enabled
    VlanId string
    VlanIds []string
    vlan_ids to use when there’s no match from RA
    VlanPooling bool
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    WlanLimitDown int
    kbps
    WlanLimitDownEnabled bool
    if downlink limiting for whole wlan is enabled
    WlanLimitUp int
    kbps
    WlanLimitUpEnabled bool
    if uplink limiting for whole wlan is enabled
    WxtagIds []string
    list of wxtag_ids
    WxtunnelId string
    when interface=wxtunnel, id of the WXLAN Tunnel
    WxtunnelRemoteId string
    when interface=wxtunnel, remote tunnel identifier
    acctImmediateUpdate Boolean
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acctInterimInterval Integer
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acctServers List<WlanAcctServer>
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch WlanAirwatch
    airwatch wlan settings
    allowIpv6Ndp Boolean
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allowMdns Boolean
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allowSsdp Boolean
    only applicable when limit_bcast==true, which allows SSDP
    apIds List<String>
    list of device ids
    appLimit WlanAppLimit
    bandwidth limiting for apps (applies to up/down)
    appQos WlanAppQos
    app qos wlan settings
    applyTo String
    enum: aps, site, wxtags
    arpFilter Boolean
    whether to enable smart arp filter
    auth WlanAuth
    authentication wlan settings
    authServerSelection String
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    authServers List<WlanAuthServer>
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    authServersNasId String
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    authServersNasIp String
    optional, NAS-IP-ADDRESS to use
    authServersRetries Integer
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    authServersTimeout Integer
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    bandSteer Boolean
    whether to enable band_steering, this works only when band==both
    bandSteerForceBand5 Boolean
    force dual_band capable client to connect to 5G
    bands List<String>
    list of radios that the wlan should apply to. enum: 24, 5, 6
    blockBlacklistClients Boolean
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour WlanBonjour
    bonjour gateway wlan settings
    ciscoCwa WlanCiscoCwa
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    clientLimitDown Integer
    kbps
    clientLimitDownEnabled Boolean
    if downlink limiting per-client is enabled
    clientLimitUp Integer
    kbps
    clientLimitUpEnabled Boolean
    if uplink limiting per-client is enabled
    coaServers List<WlanCoaServer>
    list of COA (change of authorization) servers, optional
    disable11ax Boolean
    some old WLAN drivers may not be compatible
    disableHtVhtRates Boolean
    to disable ht or vht rates
    disableUapsd Boolean
    whether to disable U-APSD
    disableV1RoamNotify Boolean
    disable sending v2 roam notification messages
    disableV2RoamNotify Boolean
    disable sending v2 roam notification messages
    disableWmm Boolean
    whether to disable WMM
    dnsServerRewrite WlanDnsServerRewrite
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim Integer
    dynamicPsk WlanDynamicPsk
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamicVlan WlanDynamicVlan
    for 802.1x
    enableLocalKeycaching Boolean
    enable AP-AP keycaching via multicast
    enableWirelessBridging Boolean
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enableWirelessBridgingDhcpTracking Boolean
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled Boolean
    if this wlan is enabled
    fastDot1xTimers Boolean
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hideSsid Boolean
    whether to hide SSID in beacon
    hostnameIe Boolean
    include hostname inside IE in AP beacons / probe responses
    hotspot20 WlanHotspot20
    hostspot 2.0 wlan settings
    injectDhcpOption82 WlanInjectDhcpOption82
    interface_ String
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation Boolean
    whether to stop clients to talk to each other
    l2Isolation Boolean
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacyOverds Boolean
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limitBcast Boolean
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limitProbeResponse Boolean
    limit probe response base on some heuristic rules
    maxIdletime Integer
    max idle time in seconds
    mistNac WlanMistNac
    mspId String
    mxtunnelIds List<String>
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnelNames List<String>
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    noStaticDns Boolean
    whether to only allow client to use DNS that we’ve learned from DHCP response
    noStaticIp Boolean
    whether to only allow client that we’ve learned from DHCP exchange to talk
    orgId String
    portal WlanPortal
    portal wlan settings
    portalAllowedHostnames List<String>
    list of hostnames without http(s):// (matched by substring)
    portalAllowedSubnets List<String>
    list of CIDRs
    portalApiSecret String
    api secret (auto-generated) that can be used to sign guest authorization requests
    portalDeniedHostnames List<String>
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    portalImage String
    Url of portal background image
    portalSsoUrl String
    portalTemplateUrl String
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    qos WlanQos
    radsec WlanRadsec
    Radsec settings
    roamMode String
    enum: 11r, OKC, NONE
    schedule WlanSchedule
    WLAN operating schedule, default is disabled
    siteId String
    sleExcluded Boolean
    whether to exclude this WLAN from SLE metrics
    ssid String
    the name of the SSID
    thumbnail String
    Url of portal background image thumbnail
    useEapolV1 Boolean
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlanEnabled Boolean
    if vlan tagging is enabled
    vlanId String
    vlanIds List<String>
    vlan_ids to use when there’s no match from RA
    vlanPooling Boolean
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlanLimitDown Integer
    kbps
    wlanLimitDownEnabled Boolean
    if downlink limiting for whole wlan is enabled
    wlanLimitUp Integer
    kbps
    wlanLimitUpEnabled Boolean
    if uplink limiting for whole wlan is enabled
    wxtagIds List<String>
    list of wxtag_ids
    wxtunnelId String
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnelRemoteId String
    when interface=wxtunnel, remote tunnel identifier
    acctImmediateUpdate boolean
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acctInterimInterval number
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acctServers WlanAcctServer[]
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch WlanAirwatch
    airwatch wlan settings
    allowIpv6Ndp boolean
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allowMdns boolean
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allowSsdp boolean
    only applicable when limit_bcast==true, which allows SSDP
    apIds string[]
    list of device ids
    appLimit WlanAppLimit
    bandwidth limiting for apps (applies to up/down)
    appQos WlanAppQos
    app qos wlan settings
    applyTo string
    enum: aps, site, wxtags
    arpFilter boolean
    whether to enable smart arp filter
    auth WlanAuth
    authentication wlan settings
    authServerSelection string
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    authServers WlanAuthServer[]
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    authServersNasId string
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    authServersNasIp string
    optional, NAS-IP-ADDRESS to use
    authServersRetries number
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    authServersTimeout number
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    bandSteer boolean
    whether to enable band_steering, this works only when band==both
    bandSteerForceBand5 boolean
    force dual_band capable client to connect to 5G
    bands string[]
    list of radios that the wlan should apply to. enum: 24, 5, 6
    blockBlacklistClients boolean
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour WlanBonjour
    bonjour gateway wlan settings
    ciscoCwa WlanCiscoCwa
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    clientLimitDown number
    kbps
    clientLimitDownEnabled boolean
    if downlink limiting per-client is enabled
    clientLimitUp number
    kbps
    clientLimitUpEnabled boolean
    if uplink limiting per-client is enabled
    coaServers WlanCoaServer[]
    list of COA (change of authorization) servers, optional
    disable11ax boolean
    some old WLAN drivers may not be compatible
    disableHtVhtRates boolean
    to disable ht or vht rates
    disableUapsd boolean
    whether to disable U-APSD
    disableV1RoamNotify boolean
    disable sending v2 roam notification messages
    disableV2RoamNotify boolean
    disable sending v2 roam notification messages
    disableWmm boolean
    whether to disable WMM
    dnsServerRewrite WlanDnsServerRewrite
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim number
    dynamicPsk WlanDynamicPsk
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamicVlan WlanDynamicVlan
    for 802.1x
    enableLocalKeycaching boolean
    enable AP-AP keycaching via multicast
    enableWirelessBridging boolean
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enableWirelessBridgingDhcpTracking boolean
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled boolean
    if this wlan is enabled
    fastDot1xTimers boolean
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hideSsid boolean
    whether to hide SSID in beacon
    hostnameIe boolean
    include hostname inside IE in AP beacons / probe responses
    hotspot20 WlanHotspot20
    hostspot 2.0 wlan settings
    injectDhcpOption82 WlanInjectDhcpOption82
    interface string
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation boolean
    whether to stop clients to talk to each other
    l2Isolation boolean
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacyOverds boolean
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limitBcast boolean
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limitProbeResponse boolean
    limit probe response base on some heuristic rules
    maxIdletime number
    max idle time in seconds
    mistNac WlanMistNac
    mspId string
    mxtunnelIds string[]
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnelNames string[]
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    noStaticDns boolean
    whether to only allow client to use DNS that we’ve learned from DHCP response
    noStaticIp boolean
    whether to only allow client that we’ve learned from DHCP exchange to talk
    orgId string
    portal WlanPortal
    portal wlan settings
    portalAllowedHostnames string[]
    list of hostnames without http(s):// (matched by substring)
    portalAllowedSubnets string[]
    list of CIDRs
    portalApiSecret string
    api secret (auto-generated) that can be used to sign guest authorization requests
    portalDeniedHostnames string[]
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    portalImage string
    Url of portal background image
    portalSsoUrl string
    portalTemplateUrl string
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    qos WlanQos
    radsec WlanRadsec
    Radsec settings
    roamMode string
    enum: 11r, OKC, NONE
    schedule WlanSchedule
    WLAN operating schedule, default is disabled
    siteId string
    sleExcluded boolean
    whether to exclude this WLAN from SLE metrics
    ssid string
    the name of the SSID
    thumbnail string
    Url of portal background image thumbnail
    useEapolV1 boolean
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlanEnabled boolean
    if vlan tagging is enabled
    vlanId string
    vlanIds string[]
    vlan_ids to use when there’s no match from RA
    vlanPooling boolean
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlanLimitDown number
    kbps
    wlanLimitDownEnabled boolean
    if downlink limiting for whole wlan is enabled
    wlanLimitUp number
    kbps
    wlanLimitUpEnabled boolean
    if uplink limiting for whole wlan is enabled
    wxtagIds string[]
    list of wxtag_ids
    wxtunnelId string
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnelRemoteId string
    when interface=wxtunnel, remote tunnel identifier
    acct_immediate_update bool
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acct_interim_interval int
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acct_servers Sequence[WlanAcctServerArgs]
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch WlanAirwatchArgs
    airwatch wlan settings
    allow_ipv6_ndp bool
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allow_mdns bool
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allow_ssdp bool
    only applicable when limit_bcast==true, which allows SSDP
    ap_ids Sequence[str]
    list of device ids
    app_limit WlanAppLimitArgs
    bandwidth limiting for apps (applies to up/down)
    app_qos WlanAppQosArgs
    app qos wlan settings
    apply_to str
    enum: aps, site, wxtags
    arp_filter bool
    whether to enable smart arp filter
    auth WlanAuthArgs
    authentication wlan settings
    auth_server_selection str
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    auth_servers Sequence[WlanAuthServerArgs]
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    auth_servers_nas_id str
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    auth_servers_nas_ip str
    optional, NAS-IP-ADDRESS to use
    auth_servers_retries int
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    auth_servers_timeout int
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    band_steer bool
    whether to enable band_steering, this works only when band==both
    band_steer_force_band5 bool
    force dual_band capable client to connect to 5G
    bands Sequence[str]
    list of radios that the wlan should apply to. enum: 24, 5, 6
    block_blacklist_clients bool
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour WlanBonjourArgs
    bonjour gateway wlan settings
    cisco_cwa WlanCiscoCwaArgs
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    client_limit_down int
    kbps
    client_limit_down_enabled bool
    if downlink limiting per-client is enabled
    client_limit_up int
    kbps
    client_limit_up_enabled bool
    if uplink limiting per-client is enabled
    coa_servers Sequence[WlanCoaServerArgs]
    list of COA (change of authorization) servers, optional
    disable11ax bool
    some old WLAN drivers may not be compatible
    disable_ht_vht_rates bool
    to disable ht or vht rates
    disable_uapsd bool
    whether to disable U-APSD
    disable_v1_roam_notify bool
    disable sending v2 roam notification messages
    disable_v2_roam_notify bool
    disable sending v2 roam notification messages
    disable_wmm bool
    whether to disable WMM
    dns_server_rewrite WlanDnsServerRewriteArgs
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim int
    dynamic_psk WlanDynamicPskArgs
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamic_vlan WlanDynamicVlanArgs
    for 802.1x
    enable_local_keycaching bool
    enable AP-AP keycaching via multicast
    enable_wireless_bridging bool
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enable_wireless_bridging_dhcp_tracking bool
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled bool
    if this wlan is enabled
    fast_dot1x_timers bool
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hide_ssid bool
    whether to hide SSID in beacon
    hostname_ie bool
    include hostname inside IE in AP beacons / probe responses
    hotspot20 WlanHotspot20Args
    hostspot 2.0 wlan settings
    inject_dhcp_option82 WlanInjectDhcpOption82Args
    interface str
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation bool
    whether to stop clients to talk to each other
    l2_isolation bool
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacy_overds bool
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limit_bcast bool
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limit_probe_response bool
    limit probe response base on some heuristic rules
    max_idletime int
    max idle time in seconds
    mist_nac WlanMistNacArgs
    msp_id str
    mxtunnel_ids Sequence[str]
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnel_names Sequence[str]
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    no_static_dns bool
    whether to only allow client to use DNS that we’ve learned from DHCP response
    no_static_ip bool
    whether to only allow client that we’ve learned from DHCP exchange to talk
    org_id str
    portal WlanPortalArgs
    portal wlan settings
    portal_allowed_hostnames Sequence[str]
    list of hostnames without http(s):// (matched by substring)
    portal_allowed_subnets Sequence[str]
    list of CIDRs
    portal_api_secret str
    api secret (auto-generated) that can be used to sign guest authorization requests
    portal_denied_hostnames Sequence[str]
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    portal_image str
    Url of portal background image
    portal_sso_url str
    portal_template_url str
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    qos WlanQosArgs
    radsec WlanRadsecArgs
    Radsec settings
    roam_mode str
    enum: 11r, OKC, NONE
    schedule WlanScheduleArgs
    WLAN operating schedule, default is disabled
    site_id str
    sle_excluded bool
    whether to exclude this WLAN from SLE metrics
    ssid str
    the name of the SSID
    thumbnail str
    Url of portal background image thumbnail
    use_eapol_v1 bool
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlan_enabled bool
    if vlan tagging is enabled
    vlan_id str
    vlan_ids Sequence[str]
    vlan_ids to use when there’s no match from RA
    vlan_pooling bool
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlan_limit_down int
    kbps
    wlan_limit_down_enabled bool
    if downlink limiting for whole wlan is enabled
    wlan_limit_up int
    kbps
    wlan_limit_up_enabled bool
    if uplink limiting for whole wlan is enabled
    wxtag_ids Sequence[str]
    list of wxtag_ids
    wxtunnel_id str
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnel_remote_id str
    when interface=wxtunnel, remote tunnel identifier
    acctImmediateUpdate Boolean
    enable coa-immediate-update and address-change-immediate-update on the access profile.
    acctInterimInterval Number
    how frequently should interim accounting be reported, 60-65535. default is 0 (use one specified in Access-Accept request from RADIUS Server). Very frequent messages can affect the performance of the radius server, 600 and up is recommended when enabled
    acctServers List<Property Map>
    list of RADIUS accounting servers, optional, order matters where the first one is treated as primary
    airwatch Property Map
    airwatch wlan settings
    allowIpv6Ndp Boolean
    only applicable when limit_bcast==true, which allows or disallows ipv6 Neighbor Discovery packets to go through
    allowMdns Boolean
    only applicable when limit_bcast==true, which allows mDNS / Bonjour packets to go through
    allowSsdp Boolean
    only applicable when limit_bcast==true, which allows SSDP
    apIds List<String>
    list of device ids
    appLimit Property Map
    bandwidth limiting for apps (applies to up/down)
    appQos Property Map
    app qos wlan settings
    applyTo String
    enum: aps, site, wxtags
    arpFilter Boolean
    whether to enable smart arp filter
    auth Property Map
    authentication wlan settings
    authServerSelection String
    When ordered, AP will prefer and go back to the first server if possible. enum: ordered, unordered
    authServers List<Property Map>
    list of RADIUS authentication servers, at least one is needed if auth type==eap, order matters where the first one is treated as primary
    authServersNasId String
    optional, up to 48 bytes, will be dynamically generated if not provided. used only for authentication servers
    authServersNasIp String
    optional, NAS-IP-ADDRESS to use
    authServersRetries Number
    radius auth session retries. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘retries’ are set to value of auth_servers_retries. ‘max-requests’ is also set when setting auth_servers_retries and is set to default value to 3.
    authServersTimeout Number
    radius auth session timeout. Following fast timers are set if “fast_dot1x_timers” knob is enabled. ‘quite-period’ and ‘transmit-period’ are set to half the value of auth_servers_timeout. ‘supplicant-timeout’ is also set when setting auth_servers_timeout and is set to default value of 10.
    bandSteer Boolean
    whether to enable band_steering, this works only when band==both
    bandSteerForceBand5 Boolean
    force dual_band capable client to connect to 5G
    bands List<String>
    list of radios that the wlan should apply to. enum: 24, 5, 6
    blockBlacklistClients Boolean
    whether to block the clients in the blacklist (up to first 256 macs)
    bonjour Property Map
    bonjour gateway wlan settings
    ciscoCwa Property Map
    Cisco CWA (central web authentication) required RADIUS with COA in order to work. See CWA: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html
    clientLimitDown Number
    kbps
    clientLimitDownEnabled Boolean
    if downlink limiting per-client is enabled
    clientLimitUp Number
    kbps
    clientLimitUpEnabled Boolean
    if uplink limiting per-client is enabled
    coaServers List<Property Map>
    list of COA (change of authorization) servers, optional
    disable11ax Boolean
    some old WLAN drivers may not be compatible
    disableHtVhtRates Boolean
    to disable ht or vht rates
    disableUapsd Boolean
    whether to disable U-APSD
    disableV1RoamNotify Boolean
    disable sending v2 roam notification messages
    disableV2RoamNotify Boolean
    disable sending v2 roam notification messages
    disableWmm Boolean
    whether to disable WMM
    dnsServerRewrite Property Map
    for radius_group-based DNS server (rewrite DNS request depending on the Group RADIUS server returns)
    dtim Number
    dynamicPsk Property Map
    for dynamic PSK where we get per_user PSK from Radius. dynamic_psk allows PSK to be selected at runtime depending on context (wlan/site/user/...) thus following configurations are assumed (currently) * PSK will come from RADIUS server * AP sends client MAC as username ans password (i.e. enable_mac_auth is assumed) * AP sends BSSID:SSID as Caller-Station-ID * auth_servers is required * PSK will come from cloud WLC if source is cloud_psks * default_psk will be used if cloud WLC is not available * multi_psk_only and psk is ignored * pairwise can only be wpa2-ccmp (for now, wpa3 support on the roadmap)
    dynamicVlan Property Map
    for 802.1x
    enableLocalKeycaching Boolean
    enable AP-AP keycaching via multicast
    enableWirelessBridging Boolean
    by default, we'd inspect all DHCP packets and drop those unrelated to the wireless client itself in the case where client is a wireless bridge (DHCP packets for other MACs will need to be orwarded), wireless_bridging can be enabled
    enableWirelessBridgingDhcpTracking Boolean
    if the client bridge is doing DHCP on behalf of other devices (L2-NAT), enable dhcp_tracking will cut down DHCP response packets to be forwarded to wireless
    enabled Boolean
    if this wlan is enabled
    fastDot1xTimers Boolean
    if set to true, sets default fast-timers with values calculated from ‘auth_servers_timeout’ and ‘auth_server_retries’ .
    hideSsid Boolean
    whether to hide SSID in beacon
    hostnameIe Boolean
    include hostname inside IE in AP beacons / probe responses
    hotspot20 Property Map
    hostspot 2.0 wlan settings
    injectDhcpOption82 Property Map
    interface String
    where this WLAN will be connected to. enum: all, eth0, eth1, eth2, eth3, mxtunnel, site_mxedge, wxtunnel
    isolation Boolean
    whether to stop clients to talk to each other
    l2Isolation Boolean
    if isolation is enabled, whether to deny clients to talk to L2 on the LAN
    legacyOverds Boolean
    legacy devices requires the Over-DS (for Fast BSS Transition) bit set (while our chip doesn’t support it). Warning! Enabling this will cause problem for iOS devices.
    limitBcast Boolean
    whether to limit broadcast packets going to wireless (i.e. only allow certain bcast packets to go through)
    limitProbeResponse Boolean
    limit probe response base on some heuristic rules
    maxIdletime Number
    max idle time in seconds
    mistNac Property Map
    mspId String
    mxtunnelIds List<String>
    when interface=mxtunnel, id of the Mist Tunnel
    mxtunnelNames List<String>
    when interface=site_medge, name of the mxtunnel that in mxtunnels under Site Setting
    noStaticDns Boolean
    whether to only allow client to use DNS that we’ve learned from DHCP response
    noStaticIp Boolean
    whether to only allow client that we’ve learned from DHCP exchange to talk
    orgId String
    portal Property Map
    portal wlan settings
    portalAllowedHostnames List<String>
    list of hostnames without http(s):// (matched by substring)
    portalAllowedSubnets List<String>
    list of CIDRs
    portalApiSecret String
    api secret (auto-generated) that can be used to sign guest authorization requests
    portalDeniedHostnames List<String>
    list of hostnames without http(s):// (matched by substring), this takes precedence over portal_allowed_hostnames
    portalImage String
    Url of portal background image
    portalSsoUrl String
    portalTemplateUrl String
    N.B portal_template will be forked out of wlan objects soon. To fetch portal_template, please query portal_template_url. To update portal_template, use Wlan Portal Template.
    qos Property Map
    radsec Property Map
    Radsec settings
    roamMode String
    enum: 11r, OKC, NONE
    schedule Property Map
    WLAN operating schedule, default is disabled
    siteId String
    sleExcluded Boolean
    whether to exclude this WLAN from SLE metrics
    ssid String
    the name of the SSID
    thumbnail String
    Url of portal background image thumbnail
    useEapolV1 Boolean
    if auth.type==’eap’ or ‘psk’, should only be set for legacy client, such as pre-2004, 802.11b devices
    vlanEnabled Boolean
    if vlan tagging is enabled
    vlanId String
    vlanIds List<String>
    vlan_ids to use when there’s no match from RA
    vlanPooling Boolean
    vlan pooling allows AP to place client on different VLAN using a deterministic algorithm
    wlanLimitDown Number
    kbps
    wlanLimitDownEnabled Boolean
    if downlink limiting for whole wlan is enabled
    wlanLimitUp Number
    kbps
    wlanLimitUpEnabled Boolean
    if uplink limiting for whole wlan is enabled
    wxtagIds List<String>
    list of wxtag_ids
    wxtunnelId String
    when interface=wxtunnel, id of the WXLAN Tunnel
    wxtunnelRemoteId String
    when interface=wxtunnel, remote tunnel identifier

    Supporting Types

    WlanAcctServer, WlanAcctServerArgs

    Host string
    ip / hostname of RADIUS server
    Secret string
    secret of RADIUS server
    KeywrapEnabled bool
    KeywrapFormat string
    enum: ascii, hex
    KeywrapKek string
    KeywrapMack string
    Port int
    Acct port of RADIUS server
    Host string
    ip / hostname of RADIUS server
    Secret string
    secret of RADIUS server
    KeywrapEnabled bool
    KeywrapFormat string
    enum: ascii, hex
    KeywrapKek string
    KeywrapMack string
    Port int
    Acct port of RADIUS server
    host String
    ip / hostname of RADIUS server
    secret String
    secret of RADIUS server
    keywrapEnabled Boolean
    keywrapFormat String
    enum: ascii, hex
    keywrapKek String
    keywrapMack String
    port Integer
    Acct port of RADIUS server
    host string
    ip / hostname of RADIUS server
    secret string
    secret of RADIUS server
    keywrapEnabled boolean
    keywrapFormat string
    enum: ascii, hex
    keywrapKek string
    keywrapMack string
    port number
    Acct port of RADIUS server
    host str
    ip / hostname of RADIUS server
    secret str
    secret of RADIUS server
    keywrap_enabled bool
    keywrap_format str
    enum: ascii, hex
    keywrap_kek str
    keywrap_mack str
    port int
    Acct port of RADIUS server
    host String
    ip / hostname of RADIUS server
    secret String
    secret of RADIUS server
    keywrapEnabled Boolean
    keywrapFormat String
    enum: ascii, hex
    keywrapKek String
    keywrapMack String
    port Number
    Acct port of RADIUS server

    WlanAirwatch, WlanAirwatchArgs

    ApiKey string
    API Key
    ConsoleUrl string
    console URL
    Password string
    password
    Username string
    username
    Enabled bool
    ApiKey string
    API Key
    ConsoleUrl string
    console URL
    Password string
    password
    Username string
    username
    Enabled bool
    apiKey String
    API Key
    consoleUrl String
    console URL
    password String
    password
    username String
    username
    enabled Boolean
    apiKey string
    API Key
    consoleUrl string
    console URL
    password string
    password
    username string
    username
    enabled boolean
    api_key str
    API Key
    console_url str
    console URL
    password str
    password
    username str
    username
    enabled bool
    apiKey String
    API Key
    consoleUrl String
    console URL
    password String
    password
    username String
    username
    enabled Boolean

    WlanAppLimit, WlanAppLimitArgs

    Apps Dictionary<string, int>
    Map from app key to bandwidth in kbps. Property key is the app key, defined in Get Application List
    Enabled bool
    WxtagIds Dictionary<string, int>
    Map from wxtag_id of Hostname Wxlan Tags to bandwidth in kbps Property key is the wxtag id
    Apps map[string]int
    Map from app key to bandwidth in kbps. Property key is the app key, defined in Get Application List
    Enabled bool
    WxtagIds map[string]int
    Map from wxtag_id of Hostname Wxlan Tags to bandwidth in kbps Property key is the wxtag id
    apps Map<String,Integer>
    Map from app key to bandwidth in kbps. Property key is the app key, defined in Get Application List
    enabled Boolean
    wxtagIds Map<String,Integer>
    Map from wxtag_id of Hostname Wxlan Tags to bandwidth in kbps Property key is the wxtag id
    apps {[key: string]: number}
    Map from app key to bandwidth in kbps. Property key is the app key, defined in Get Application List
    enabled boolean
    wxtagIds {[key: string]: number}
    Map from wxtag_id of Hostname Wxlan Tags to bandwidth in kbps Property key is the wxtag id
    apps Mapping[str, int]
    Map from app key to bandwidth in kbps. Property key is the app key, defined in Get Application List
    enabled bool
    wxtag_ids Mapping[str, int]
    Map from wxtag_id of Hostname Wxlan Tags to bandwidth in kbps Property key is the wxtag id
    apps Map<Number>
    Map from app key to bandwidth in kbps. Property key is the app key, defined in Get Application List
    enabled Boolean
    wxtagIds Map<Number>
    Map from wxtag_id of Hostname Wxlan Tags to bandwidth in kbps Property key is the wxtag id

    WlanAppQos, WlanAppQosArgs

    Apps Dictionary<string, Pulumi.JuniperMist.Site.Inputs.WlanAppQosApps>
    Enabled bool
    Others List<Pulumi.JuniperMist.Site.Inputs.WlanAppQosOther>
    Apps map[string]WlanAppQosApps
    Enabled bool
    Others []WlanAppQosOther
    apps Map<String,WlanAppQosApps>
    enabled Boolean
    others List<WlanAppQosOther>
    apps {[key: string]: WlanAppQosApps}
    enabled boolean
    others WlanAppQosOther[]
    apps Mapping[str, WlanAppQosApps]
    enabled bool
    others Sequence[WlanAppQosOther]
    apps Map<Property Map>
    enabled Boolean
    others List<Property Map>

    WlanAppQosApps, WlanAppQosAppsArgs

    Dscp int
    DstSubnet string
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    SrcSubnet string
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    Dscp int
    DstSubnet string
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    SrcSubnet string
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    dscp Integer
    dstSubnet String
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    srcSubnet String
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    dscp number
    dstSubnet string
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    srcSubnet string
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    dscp int
    dst_subnet str
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    src_subnet str
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    dscp Number
    dstSubnet String
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)
    srcSubnet String
    subnet filter is not required but helps AP to only inspect certain traffic (thus reducing AP load)

    WlanAppQosOther, WlanAppQosOtherArgs

    Dscp int
    DstSubnet string
    PortRanges string
    Protocol string
    SrcSubnet string
    Dscp int
    DstSubnet string
    PortRanges string
    Protocol string
    SrcSubnet string
    dscp Integer
    dstSubnet String
    portRanges String
    protocol String
    srcSubnet String
    dscp number
    dstSubnet string
    portRanges string
    protocol string
    srcSubnet string
    dscp Number
    dstSubnet String
    portRanges String
    protocol String
    srcSubnet String

    WlanAuth, WlanAuthArgs

    AnticlogThreshold int
    SAE anti-clogging token threshold
    EapReauth bool
    whether to trigger EAP reauth when the session ends
    EnableMacAuth bool
    whether to enable MAC Auth, uses the same auth_servers
    KeyIdx int
    when type==wep
    Keys List<string>
    when type=wep, four 10-character or 26-character hex string, null can be used. All keys, if provided, have to be in the same length
    MultiPskOnly bool
    when type==psk, whether to only use multi_psk
    Owe string
    if type==open. enum: disabled, enabled (means transition mode), required
    Pairwises List<string>
    when type=psk or type=eap, one or more of wpa1-ccmp, wpa1-tkip, wpa2-ccmp, wpa2-tkip, wpa3
    PrivateWlan bool
    when multi_psk_only==true, whether private wlan is enabled
    Psk string
    when type==psk, 8-64 characters, or 64 hex characters
    Type string
    enum: eap, eap192, open, psk, psk-tkip, psk-wpa2-tkip, wep
    WepAsSecondaryAuth bool
    enable WEP as secondary auth
    AnticlogThreshold int
    SAE anti-clogging token threshold
    EapReauth bool
    whether to trigger EAP reauth when the session ends
    EnableMacAuth bool
    whether to enable MAC Auth, uses the same auth_servers
    KeyIdx int
    when type==wep
    Keys []string
    when type=wep, four 10-character or 26-character hex string, null can be used. All keys, if provided, have to be in the same length
    MultiPskOnly bool
    when type==psk, whether to only use multi_psk
    Owe string
    if type==open. enum: disabled, enabled (means transition mode), required
    Pairwises []string
    when type=psk or type=eap, one or more of wpa1-ccmp, wpa1-tkip, wpa2-ccmp, wpa2-tkip, wpa3
    PrivateWlan bool
    when multi_psk_only==true, whether private wlan is enabled
    Psk string
    when type==psk, 8-64 characters, or 64 hex characters
    Type string
    enum: eap, eap192, open, psk, psk-tkip, psk-wpa2-tkip, wep
    WepAsSecondaryAuth bool
    enable WEP as secondary auth
    anticlogThreshold Integer
    SAE anti-clogging token threshold
    eapReauth Boolean
    whether to trigger EAP reauth when the session ends
    enableMacAuth Boolean
    whether to enable MAC Auth, uses the same auth_servers
    keyIdx Integer
    when type==wep
    keys List<String>
    when type=wep, four 10-character or 26-character hex string, null can be used. All keys, if provided, have to be in the same length
    multiPskOnly Boolean
    when type==psk, whether to only use multi_psk
    owe String
    if type==open. enum: disabled, enabled (means transition mode), required
    pairwises List<String>
    when type=psk or type=eap, one or more of wpa1-ccmp, wpa1-tkip, wpa2-ccmp, wpa2-tkip, wpa3
    privateWlan Boolean
    when multi_psk_only==true, whether private wlan is enabled
    psk String
    when type==psk, 8-64 characters, or 64 hex characters
    type String
    enum: eap, eap192, open, psk, psk-tkip, psk-wpa2-tkip, wep
    wepAsSecondaryAuth Boolean
    enable WEP as secondary auth
    anticlogThreshold number
    SAE anti-clogging token threshold
    eapReauth boolean
    whether to trigger EAP reauth when the session ends
    enableMacAuth boolean
    whether to enable MAC Auth, uses the same auth_servers
    keyIdx number
    when type==wep
    keys string[]
    when type=wep, four 10-character or 26-character hex string, null can be used. All keys, if provided, have to be in the same length
    multiPskOnly boolean
    when type==psk, whether to only use multi_psk
    owe string
    if type==open. enum: disabled, enabled (means transition mode), required
    pairwises string[]
    when type=psk or type=eap, one or more of wpa1-ccmp, wpa1-tkip, wpa2-ccmp, wpa2-tkip, wpa3
    privateWlan boolean
    when multi_psk_only==true, whether private wlan is enabled
    psk string
    when type==psk, 8-64 characters, or 64 hex characters
    type string
    enum: eap, eap192, open, psk, psk-tkip, psk-wpa2-tkip, wep
    wepAsSecondaryAuth boolean
    enable WEP as secondary auth
    anticlog_threshold int
    SAE anti-clogging token threshold
    eap_reauth bool
    whether to trigger EAP reauth when the session ends
    enable_mac_auth bool
    whether to enable MAC Auth, uses the same auth_servers
    key_idx int
    when type==wep
    keys Sequence[str]
    when type=wep, four 10-character or 26-character hex string, null can be used. All keys, if provided, have to be in the same length
    multi_psk_only bool
    when type==psk, whether to only use multi_psk
    owe str
    if type==open. enum: disabled, enabled (means transition mode), required
    pairwises Sequence[str]
    when type=psk or type=eap, one or more of wpa1-ccmp, wpa1-tkip, wpa2-ccmp, wpa2-tkip, wpa3
    private_wlan bool
    when multi_psk_only==true, whether private wlan is enabled
    psk str
    when type==psk, 8-64 characters, or 64 hex characters
    type str
    enum: eap, eap192, open, psk, psk-tkip, psk-wpa2-tkip, wep
    wep_as_secondary_auth bool
    enable WEP as secondary auth
    anticlogThreshold Number
    SAE anti-clogging token threshold
    eapReauth Boolean
    whether to trigger EAP reauth when the session ends
    enableMacAuth Boolean
    whether to enable MAC Auth, uses the same auth_servers
    keyIdx Number
    when type==wep
    keys List<String>
    when type=wep, four 10-character or 26-character hex string, null can be used. All keys, if provided, have to be in the same length
    multiPskOnly Boolean
    when type==psk, whether to only use multi_psk
    owe String
    if type==open. enum: disabled, enabled (means transition mode), required
    pairwises List<String>
    when type=psk or type=eap, one or more of wpa1-ccmp, wpa1-tkip, wpa2-ccmp, wpa2-tkip, wpa3
    privateWlan Boolean
    when multi_psk_only==true, whether private wlan is enabled
    psk String
    when type==psk, 8-64 characters, or 64 hex characters
    type String
    enum: eap, eap192, open, psk, psk-tkip, psk-wpa2-tkip, wep
    wepAsSecondaryAuth Boolean
    enable WEP as secondary auth

    WlanAuthServer, WlanAuthServerArgs

    Host string
    ip / hostname of RADIUS server
    Secret string
    secret of RADIUS server
    KeywrapEnabled bool
    KeywrapFormat string
    enum: ascii, hex
    KeywrapKek string
    KeywrapMack string
    Port int
    Auth port of RADIUS server
    Host string
    ip / hostname of RADIUS server
    Secret string
    secret of RADIUS server
    KeywrapEnabled bool
    KeywrapFormat string
    enum: ascii, hex
    KeywrapKek string
    KeywrapMack string
    Port int
    Auth port of RADIUS server
    host String
    ip / hostname of RADIUS server
    secret String
    secret of RADIUS server
    keywrapEnabled Boolean
    keywrapFormat String
    enum: ascii, hex
    keywrapKek String
    keywrapMack String
    port Integer
    Auth port of RADIUS server
    host string
    ip / hostname of RADIUS server
    secret string
    secret of RADIUS server
    keywrapEnabled boolean
    keywrapFormat string
    enum: ascii, hex
    keywrapKek string
    keywrapMack string
    port number
    Auth port of RADIUS server
    host str
    ip / hostname of RADIUS server
    secret str
    secret of RADIUS server
    keywrap_enabled bool
    keywrap_format str
    enum: ascii, hex
    keywrap_kek str
    keywrap_mack str
    port int
    Auth port of RADIUS server
    host String
    ip / hostname of RADIUS server
    secret String
    secret of RADIUS server
    keywrapEnabled Boolean
    keywrapFormat String
    enum: ascii, hex
    keywrapKek String
    keywrapMack String
    port Number
    Auth port of RADIUS server

    WlanBonjour, WlanBonjourArgs

    AdditionalVlanIds List<string>
    additional VLAN IDs (on the LAN side or from other WLANs) should we be forwarding bonjour queries/responses
    Services Dictionary<string, Pulumi.JuniperMist.Site.Inputs.WlanBonjourServices>
    what services are allowed. Property key is the service name
    Enabled bool
    whether to enable bonjour for this WLAN. Once enabled, limit_bcast is assumed true, allow_mdns is assumed false
    AdditionalVlanIds []string
    additional VLAN IDs (on the LAN side or from other WLANs) should we be forwarding bonjour queries/responses
    Services map[string]WlanBonjourServices
    what services are allowed. Property key is the service name
    Enabled bool
    whether to enable bonjour for this WLAN. Once enabled, limit_bcast is assumed true, allow_mdns is assumed false
    additionalVlanIds List<String>
    additional VLAN IDs (on the LAN side or from other WLANs) should we be forwarding bonjour queries/responses
    services Map<String,WlanBonjourServices>
    what services are allowed. Property key is the service name
    enabled Boolean
    whether to enable bonjour for this WLAN. Once enabled, limit_bcast is assumed true, allow_mdns is assumed false
    additionalVlanIds string[]
    additional VLAN IDs (on the LAN side or from other WLANs) should we be forwarding bonjour queries/responses
    services {[key: string]: WlanBonjourServices}
    what services are allowed. Property key is the service name
    enabled boolean
    whether to enable bonjour for this WLAN. Once enabled, limit_bcast is assumed true, allow_mdns is assumed false
    additional_vlan_ids Sequence[str]
    additional VLAN IDs (on the LAN side or from other WLANs) should we be forwarding bonjour queries/responses
    services Mapping[str, WlanBonjourServices]
    what services are allowed. Property key is the service name
    enabled bool
    whether to enable bonjour for this WLAN. Once enabled, limit_bcast is assumed true, allow_mdns is assumed false
    additionalVlanIds List<String>
    additional VLAN IDs (on the LAN side or from other WLANs) should we be forwarding bonjour queries/responses
    services Map<Property Map>
    what services are allowed. Property key is the service name
    enabled Boolean
    whether to enable bonjour for this WLAN. Once enabled, limit_bcast is assumed true, allow_mdns is assumed false

    WlanBonjourServices, WlanBonjourServicesArgs

    DisableLocal bool
    whether to prevent wireless clients to discover bonjour devices on the same WLAN
    RadiusGroups List<string>
    optional, if the service is further restricted for certain RADIUS groups
    Scope string
    how bonjour services should be discovered for the same WLAN. enum: same_ap, same_map, same_site
    DisableLocal bool
    whether to prevent wireless clients to discover bonjour devices on the same WLAN
    RadiusGroups []string
    optional, if the service is further restricted for certain RADIUS groups
    Scope string
    how bonjour services should be discovered for the same WLAN. enum: same_ap, same_map, same_site
    disableLocal Boolean
    whether to prevent wireless clients to discover bonjour devices on the same WLAN
    radiusGroups List<String>
    optional, if the service is further restricted for certain RADIUS groups
    scope String
    how bonjour services should be discovered for the same WLAN. enum: same_ap, same_map, same_site
    disableLocal boolean
    whether to prevent wireless clients to discover bonjour devices on the same WLAN
    radiusGroups string[]
    optional, if the service is further restricted for certain RADIUS groups
    scope string
    how bonjour services should be discovered for the same WLAN. enum: same_ap, same_map, same_site
    disable_local bool
    whether to prevent wireless clients to discover bonjour devices on the same WLAN
    radius_groups Sequence[str]
    optional, if the service is further restricted for certain RADIUS groups
    scope str
    how bonjour services should be discovered for the same WLAN. enum: same_ap, same_map, same_site
    disableLocal Boolean
    whether to prevent wireless clients to discover bonjour devices on the same WLAN
    radiusGroups List<String>
    optional, if the service is further restricted for certain RADIUS groups
    scope String
    how bonjour services should be discovered for the same WLAN. enum: same_ap, same_map, same_site

    WlanCiscoCwa, WlanCiscoCwaArgs

    AllowedHostnames List<string>
    list of hostnames without http(s):// (matched by substring)
    AllowedSubnets List<string>
    list of CIDRs
    BlockedSubnets List<string>
    list of blocked CIDRs
    Enabled bool
    AllowedHostnames []string
    list of hostnames without http(s):// (matched by substring)
    AllowedSubnets []string
    list of CIDRs
    BlockedSubnets []string
    list of blocked CIDRs
    Enabled bool
    allowedHostnames List<String>
    list of hostnames without http(s):// (matched by substring)
    allowedSubnets List<String>
    list of CIDRs
    blockedSubnets List<String>
    list of blocked CIDRs
    enabled Boolean
    allowedHostnames string[]
    list of hostnames without http(s):// (matched by substring)
    allowedSubnets string[]
    list of CIDRs
    blockedSubnets string[]
    list of blocked CIDRs
    enabled boolean
    allowed_hostnames Sequence[str]
    list of hostnames without http(s):// (matched by substring)
    allowed_subnets Sequence[str]
    list of CIDRs
    blocked_subnets Sequence[str]
    list of blocked CIDRs
    enabled bool
    allowedHostnames List<String>
    list of hostnames without http(s):// (matched by substring)
    allowedSubnets List<String>
    list of CIDRs
    blockedSubnets List<String>
    list of blocked CIDRs
    enabled Boolean

    WlanCoaServer, WlanCoaServerArgs

    Ip string
    Secret string
    DisableEventTimestampCheck bool
    whether to disable Event-Timestamp Check
    Enabled bool
    Port int
    Ip string
    Secret string
    DisableEventTimestampCheck bool
    whether to disable Event-Timestamp Check
    Enabled bool
    Port int
    ip String
    secret String
    disableEventTimestampCheck Boolean
    whether to disable Event-Timestamp Check
    enabled Boolean
    port Integer
    ip string
    secret string
    disableEventTimestampCheck boolean
    whether to disable Event-Timestamp Check
    enabled boolean
    port number
    ip str
    secret str
    disable_event_timestamp_check bool
    whether to disable Event-Timestamp Check
    enabled bool
    port int
    ip String
    secret String
    disableEventTimestampCheck Boolean
    whether to disable Event-Timestamp Check
    enabled Boolean
    port Number

    WlanDnsServerRewrite, WlanDnsServerRewriteArgs

    Enabled bool
    RadiusGroups Dictionary<string, string>
    map between radius_group and the desired DNS server (IPv4 only) Property key is the RADIUS group, property value is the desired DNS Server
    Enabled bool
    RadiusGroups map[string]string
    map between radius_group and the desired DNS server (IPv4 only) Property key is the RADIUS group, property value is the desired DNS Server
    enabled Boolean
    radiusGroups Map<String,String>
    map between radius_group and the desired DNS server (IPv4 only) Property key is the RADIUS group, property value is the desired DNS Server
    enabled boolean
    radiusGroups {[key: string]: string}
    map between radius_group and the desired DNS server (IPv4 only) Property key is the RADIUS group, property value is the desired DNS Server
    enabled bool
    radius_groups Mapping[str, str]
    map between radius_group and the desired DNS server (IPv4 only) Property key is the RADIUS group, property value is the desired DNS Server
    enabled Boolean
    radiusGroups Map<String>
    map between radius_group and the desired DNS server (IPv4 only) Property key is the RADIUS group, property value is the desired DNS Server

    WlanDynamicPsk, WlanDynamicPskArgs

    DefaultPsk string
    default PSK to use if cloud WLC is not available, 8-63 characters
    DefaultVlanId string
    Enabled bool
    ForceLookup bool
    when 11r is enabled, we'll try to use the cached PMK, this can be disabled false means auto
    Source string
    enum: cloud_psks, radius
    VlanIds List<string>
    DefaultPsk string
    default PSK to use if cloud WLC is not available, 8-63 characters
    DefaultVlanId string
    Enabled bool
    ForceLookup bool
    when 11r is enabled, we'll try to use the cached PMK, this can be disabled false means auto
    Source string
    enum: cloud_psks, radius
    VlanIds []string
    defaultPsk String
    default PSK to use if cloud WLC is not available, 8-63 characters
    defaultVlanId String
    enabled Boolean
    forceLookup Boolean
    when 11r is enabled, we'll try to use the cached PMK, this can be disabled false means auto
    source String
    enum: cloud_psks, radius
    vlanIds List<String>
    defaultPsk string
    default PSK to use if cloud WLC is not available, 8-63 characters
    defaultVlanId string
    enabled boolean
    forceLookup boolean
    when 11r is enabled, we'll try to use the cached PMK, this can be disabled false means auto
    source string
    enum: cloud_psks, radius
    vlanIds string[]
    default_psk str
    default PSK to use if cloud WLC is not available, 8-63 characters
    default_vlan_id str
    enabled bool
    force_lookup bool
    when 11r is enabled, we'll try to use the cached PMK, this can be disabled false means auto
    source str
    enum: cloud_psks, radius
    vlan_ids Sequence[str]
    defaultPsk String
    default PSK to use if cloud WLC is not available, 8-63 characters
    defaultVlanId String
    enabled Boolean
    forceLookup Boolean
    when 11r is enabled, we'll try to use the cached PMK, this can be disabled false means auto
    source String
    enum: cloud_psks, radius
    vlanIds List<String>

    WlanDynamicVlan, WlanDynamicVlanArgs

    DefaultVlanIds List<string>
    Default VLAN ID(s) can be a number, a range of VLAN IDs, a variable or multiple numbers, ranges or variables as a VLAN pool. Default VLAN as a pool of VLANS requires 0.14.x or newer firmware
    Enabled bool
    whether to enable dynamic vlan
    LocalVlanIds List<string>
    vlan_ids to be locally bridged
    Type string
    standard (using Tunnel-Private-Group-ID, widely supported), airespace-interface-name (Airespace/Cisco). enum: airespace-interface-name, standard
    Vlans Dictionary<string, string>
    map between vlan_id (as string) to airespace interface names (comma-separated) or null for stndard mapping

    • if dynamic_vlan.type==standard, property key is the Vlan ID and property value is ""
    • if dynamic_vlan.type==airespace-interface-name, property key is the Vlan ID and property value is the Airespace Interface Name
    DefaultVlanIds []string
    Default VLAN ID(s) can be a number, a range of VLAN IDs, a variable or multiple numbers, ranges or variables as a VLAN pool. Default VLAN as a pool of VLANS requires 0.14.x or newer firmware
    Enabled bool
    whether to enable dynamic vlan
    LocalVlanIds []string
    vlan_ids to be locally bridged
    Type string
    standard (using Tunnel-Private-Group-ID, widely supported), airespace-interface-name (Airespace/Cisco). enum: airespace-interface-name, standard
    Vlans map[string]string
    map between vlan_id (as string) to airespace interface names (comma-separated) or null for stndard mapping

    • if dynamic_vlan.type==standard, property key is the Vlan ID and property value is ""
    • if dynamic_vlan.type==airespace-interface-name, property key is the Vlan ID and property value is the Airespace Interface Name
    defaultVlanIds List<String>
    Default VLAN ID(s) can be a number, a range of VLAN IDs, a variable or multiple numbers, ranges or variables as a VLAN pool. Default VLAN as a pool of VLANS requires 0.14.x or newer firmware
    enabled Boolean
    whether to enable dynamic vlan
    localVlanIds List<String>
    vlan_ids to be locally bridged
    type String
    standard (using Tunnel-Private-Group-ID, widely supported), airespace-interface-name (Airespace/Cisco). enum: airespace-interface-name, standard
    vlans Map<String,String>
    map between vlan_id (as string) to airespace interface names (comma-separated) or null for stndard mapping

    • if dynamic_vlan.type==standard, property key is the Vlan ID and property value is ""
    • if dynamic_vlan.type==airespace-interface-name, property key is the Vlan ID and property value is the Airespace Interface Name
    defaultVlanIds string[]
    Default VLAN ID(s) can be a number, a range of VLAN IDs, a variable or multiple numbers, ranges or variables as a VLAN pool. Default VLAN as a pool of VLANS requires 0.14.x or newer firmware
    enabled boolean
    whether to enable dynamic vlan
    localVlanIds string[]
    vlan_ids to be locally bridged
    type string
    standard (using Tunnel-Private-Group-ID, widely supported), airespace-interface-name (Airespace/Cisco). enum: airespace-interface-name, standard
    vlans {[key: string]: string}
    map between vlan_id (as string) to airespace interface names (comma-separated) or null for stndard mapping

    • if dynamic_vlan.type==standard, property key is the Vlan ID and property value is ""
    • if dynamic_vlan.type==airespace-interface-name, property key is the Vlan ID and property value is the Airespace Interface Name
    default_vlan_ids Sequence[str]
    Default VLAN ID(s) can be a number, a range of VLAN IDs, a variable or multiple numbers, ranges or variables as a VLAN pool. Default VLAN as a pool of VLANS requires 0.14.x or newer firmware
    enabled bool
    whether to enable dynamic vlan
    local_vlan_ids Sequence[str]
    vlan_ids to be locally bridged
    type str
    standard (using Tunnel-Private-Group-ID, widely supported), airespace-interface-name (Airespace/Cisco). enum: airespace-interface-name, standard
    vlans Mapping[str, str]
    map between vlan_id (as string) to airespace interface names (comma-separated) or null for stndard mapping

    • if dynamic_vlan.type==standard, property key is the Vlan ID and property value is ""
    • if dynamic_vlan.type==airespace-interface-name, property key is the Vlan ID and property value is the Airespace Interface Name
    defaultVlanIds List<String>
    Default VLAN ID(s) can be a number, a range of VLAN IDs, a variable or multiple numbers, ranges or variables as a VLAN pool. Default VLAN as a pool of VLANS requires 0.14.x or newer firmware
    enabled Boolean
    whether to enable dynamic vlan
    localVlanIds List<String>
    vlan_ids to be locally bridged
    type String
    standard (using Tunnel-Private-Group-ID, widely supported), airespace-interface-name (Airespace/Cisco). enum: airespace-interface-name, standard
    vlans Map<String>
    map between vlan_id (as string) to airespace interface names (comma-separated) or null for stndard mapping

    • if dynamic_vlan.type==standard, property key is the Vlan ID and property value is ""
    • if dynamic_vlan.type==airespace-interface-name, property key is the Vlan ID and property value is the Airespace Interface Name

    WlanHotspot20, WlanHotspot20Args

    DomainNames List<string>
    Enabled bool
    whether to enable hotspot 2.0 config
    NaiRealms List<string>
    Operators List<string>
    list of operators to support
    Rcois List<string>
    VenueName string
    venue name, default is site name
    DomainNames []string
    Enabled bool
    whether to enable hotspot 2.0 config
    NaiRealms []string
    Operators []string
    list of operators to support
    Rcois []string
    VenueName string
    venue name, default is site name
    domainNames List<String>
    enabled Boolean
    whether to enable hotspot 2.0 config
    naiRealms List<String>
    operators List<String>
    list of operators to support
    rcois List<String>
    venueName String
    venue name, default is site name
    domainNames string[]
    enabled boolean
    whether to enable hotspot 2.0 config
    naiRealms string[]
    operators string[]
    list of operators to support
    rcois string[]
    venueName string
    venue name, default is site name
    domain_names Sequence[str]
    enabled bool
    whether to enable hotspot 2.0 config
    nai_realms Sequence[str]
    operators Sequence[str]
    list of operators to support
    rcois Sequence[str]
    venue_name str
    venue name, default is site name
    domainNames List<String>
    enabled Boolean
    whether to enable hotspot 2.0 config
    naiRealms List<String>
    operators List<String>
    list of operators to support
    rcois List<String>
    venueName String
    venue name, default is site name

    WlanInjectDhcpOption82, WlanInjectDhcpOption82Args

    CircuitId string
    Enabled bool
    whether to inject option 82 when forwarding DHCP packets
    CircuitId string
    Enabled bool
    whether to inject option 82 when forwarding DHCP packets
    circuitId String
    enabled Boolean
    whether to inject option 82 when forwarding DHCP packets
    circuitId string
    enabled boolean
    whether to inject option 82 when forwarding DHCP packets
    circuit_id str
    enabled bool
    whether to inject option 82 when forwarding DHCP packets
    circuitId String
    enabled Boolean
    whether to inject option 82 when forwarding DHCP packets

    WlanMistNac, WlanMistNacArgs

    Enabled bool
    when enabled:

    • auth_servers is ignored
    • acct_servers is ignored
    • auth_servers_* are ignored
    • coa_servers is ignored
    • radsec is ignored
    • coa_enabled is assumed'
    Enabled bool
    when enabled:

    • auth_servers is ignored
    • acct_servers is ignored
    • auth_servers_* are ignored
    • coa_servers is ignored
    • radsec is ignored
    • coa_enabled is assumed'
    enabled Boolean
    when enabled:

    • auth_servers is ignored
    • acct_servers is ignored
    • auth_servers_* are ignored
    • coa_servers is ignored
    • radsec is ignored
    • coa_enabled is assumed'
    enabled boolean
    when enabled:

    • auth_servers is ignored
    • acct_servers is ignored
    • auth_servers_* are ignored
    • coa_servers is ignored
    • radsec is ignored
    • coa_enabled is assumed'
    enabled bool
    when enabled:

    • auth_servers is ignored
    • acct_servers is ignored
    • auth_servers_* are ignored
    • coa_servers is ignored
    • radsec is ignored
    • coa_enabled is assumed'
    enabled Boolean
    when enabled:

    • auth_servers is ignored
    • acct_servers is ignored
    • auth_servers_* are ignored
    • coa_servers is ignored
    • radsec is ignored
    • coa_enabled is assumed'

    WlanPortal, WlanPortalArgs

    AmazonClientId string
    amazon OAuth2 client id. This is optional. If not provided, it will use a default one.
    AmazonClientSecret string
    amazon OAuth2 client secret. If amazon_client_id was provided, provide a correspoinding value. Else leave blank.
    AmazonEmailDomains List<string>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    AmazonEnabled bool
    whether amazon is enabled as a login method
    AmazonExpire double
    interval for which guest remains authorized using amazon auth (in minutes), if not provided, uses expire`
    Auth string
    authentication scheme. enum: external, none, sso
    AzureClientId string
    Required if azure_enabled==true. Azure active directory app client id
    AzureClientSecret string
    Required if azure_enabled==true. Azure active directory app client secret
    AzureEnabled bool
    whether Azure Active Directory is enabled as a login method
    AzureExpire double
    interval for which guest remains authorized using azure auth (in minutes), if not provided, uses expire`
    AzureTenantId string
    Required if azure_enabled==true. Azure active directory tenant id.
    BroadnetPassword string
    when sms_provider==broadnet
    BroadnetSid string
    when sms_provider==broadnet
    BroadnetUserId string
    when sms_provider==broadnet
    BypassWhenCloudDown bool
    whether to bypass the guest portal when cloud not reachable (and apply the default policies)
    ClickatellApiKey string
    when sms_provider==clickatell
    CrossSite bool
    whether to allow guest to roam between WLANs (with same WLAN.ssid, regardless of variables) of different sites of same org without reauthentication (disable random_mac for seamless roaming)
    EmailEnabled bool
    whether email (access code verification) is enabled as a login method
    Enabled bool
    whether guest portal is enabled
    Expire double
    how long to remain authorized, in minutes
    ExternalPortalUrl string
    external portal URL (e.g. https://host/url) where we can append our query parameters to
    FacebookClientId string
    Required if facebook_enabled==true. Facebook OAuth2 app id. This is optional. If not provided, it will use a default one.
    FacebookClientSecret string
    Required if facebook_enabled==true. Facebook OAuth2 app secret. If facebook_client_id was provided, provide a correspoinding value. Else leave blank.
    FacebookEmailDomains List<string>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    FacebookEnabled bool
    whether facebook is enabled as a login method
    FacebookExpire double
    interval for which guest remains authorized using facebook auth (in minutes), if not provided, uses expire`
    Forward bool
    whether to forward the user to another URL after authorized
    ForwardUrl string
    the URL to forward the user to
    GoogleClientId string
    Google OAuth2 app id. This is optional. If not provided, it will use a default one.
    GoogleClientSecret string
    Google OAuth2 app secret. If google_client_id was provided, provide a correspoinding value. Else leave blank.
    GoogleEmailDomains List<string>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    GoogleEnabled bool
    whether google is enabled as login method
    GoogleExpire double
    interval for which guest remains authorized using google auth (in minutes), if not provided, uses expire`
    GupshupPassword string
    when sms_provider==gupshup
    GupshupUserid string
    when sms_provider==gupshup
    MicrosoftClientId string
    microsoft 365 OAuth2 client id. This is optional. If not provided, it will use a default one.
    MicrosoftClientSecret string
    microsoft 365 OAuth2 client secret. If microsoft_client_id was provided, provide a correspoinding value. Else leave blank.
    MicrosoftEmailDomains List<string>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    MicrosoftEnabled bool
    whether microsoft 365 is enabled as a login method
    MicrosoftExpire double
    interval for which guest remains authorized using microsoft auth (in minutes), if not provided, uses expire`
    PassphraseEnabled bool
    whether password is enabled
    PassphraseExpire double
    interval for which guest remains authorized using passphrase auth (in minutes), if not provided, uses expire
    Password string
    passphrase
    PredefinedSponsorsEnabled bool
    whether to show list of sponsor emails mentioned in sponsors object as a dropdown. If both sponsor_notify_all and predefined_sponsors_enabled are false, behaviour is acc to sponsor_email_domains
    PredefinedSponsorsHideEmail bool
    whether to hide sponsor’s email from list of sponsors
    Privacy bool
    PuzzelPassword string
    when sms_provider==puzzel
    PuzzelServiceId string
    when sms_provider==puzzel
    PuzzelUsername string
    when sms_provider==puzzel
    SmsEnabled bool
    whether sms is enabled as a login method
    SmsExpire double
    interval for which guest remains authorized using sms auth (in minutes), if not provided, uses expire`
    SmsMessageFormat string
    SmsProvider string
    enum: broadnet, clickatell, gupshup, manual, puzzel, telstra, twilio
    SponsorAutoApprove bool
    whether to automatically approve guest and allow sponsor to revoke guest access, needs predefined_sponsors_enabled enabled and sponsor_notify_all disabled
    SponsorEmailDomains List<string>
    list of domain allowed for sponsor email. Required if sponsor_enabled is true and sponsors is empty.
    SponsorEnabled bool
    whether sponsor is enabled
    SponsorExpire double
    interval for which guest remains authorized using sponsor auth (in minutes), if not provided, uses expire`
    SponsorLinkValidityDuration string
    how long to remain valid sponsored guest request approve/deny link received in email, in minutes.
    SponsorNotifyAll bool
    whether to notify all sponsors that are mentioned in sponsors object. Both sponsor_notify_all and predefined_sponsors_enabled should be true in order to notify sponsors. If true, email sent to 10 sponsors in no particular order.
    SponsorStatusNotify bool
    if enabled, guest will get email about sponsor's action (approve/deny)
    Sponsors Dictionary<string, string>
    object of allowed sponsors email with name. Required if sponsor_enabled is true and sponsor_email_domains is empty.

            Property key is the sponsor email, Property value is the sponsor name
    
    SsoDefaultRole string
    default role to assign if there’s no match. By default, an assertion is treated as invalid when there’s no role matched
    SsoForcedRole string
    SsoIdpCert string
    IDP Cert (used to verify the signed response)
    SsoIdpSignAlgo string
    signing algorithm for SAML Assertion
    SsoIdpSsoUrl string
    IDP Single-Sign-On URL
    SsoIssuer string
    IDP issuer URL
    SsoNameidFormat string
    enum: email, unspecified
    TelstraClientId string
    when sms_provider==telstra, Client ID provided by Telstra
    TelstraClientSecret string
    when sms_provider==telstra, Client secret provided by Telstra
    TwilioAuthToken string
    when sms_provider==twilio, Auth token account with twilio account
    TwilioPhoneNumber string
    when sms_provider==twilio, Twilio phone number associated with the account. See example for accepted format.
    TwilioSid string
    when sms_provider==twilio, Account SID provided by Twilio
    AmazonClientId string
    amazon OAuth2 client id. This is optional. If not provided, it will use a default one.
    AmazonClientSecret string
    amazon OAuth2 client secret. If amazon_client_id was provided, provide a correspoinding value. Else leave blank.
    AmazonEmailDomains []string
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    AmazonEnabled bool
    whether amazon is enabled as a login method
    AmazonExpire float64
    interval for which guest remains authorized using amazon auth (in minutes), if not provided, uses expire`
    Auth string
    authentication scheme. enum: external, none, sso
    AzureClientId string
    Required if azure_enabled==true. Azure active directory app client id
    AzureClientSecret string
    Required if azure_enabled==true. Azure active directory app client secret
    AzureEnabled bool
    whether Azure Active Directory is enabled as a login method
    AzureExpire float64
    interval for which guest remains authorized using azure auth (in minutes), if not provided, uses expire`
    AzureTenantId string
    Required if azure_enabled==true. Azure active directory tenant id.
    BroadnetPassword string
    when sms_provider==broadnet
    BroadnetSid string
    when sms_provider==broadnet
    BroadnetUserId string
    when sms_provider==broadnet
    BypassWhenCloudDown bool
    whether to bypass the guest portal when cloud not reachable (and apply the default policies)
    ClickatellApiKey string
    when sms_provider==clickatell
    CrossSite bool
    whether to allow guest to roam between WLANs (with same WLAN.ssid, regardless of variables) of different sites of same org without reauthentication (disable random_mac for seamless roaming)
    EmailEnabled bool
    whether email (access code verification) is enabled as a login method
    Enabled bool
    whether guest portal is enabled
    Expire float64
    how long to remain authorized, in minutes
    ExternalPortalUrl string
    external portal URL (e.g. https://host/url) where we can append our query parameters to
    FacebookClientId string
    Required if facebook_enabled==true. Facebook OAuth2 app id. This is optional. If not provided, it will use a default one.
    FacebookClientSecret string
    Required if facebook_enabled==true. Facebook OAuth2 app secret. If facebook_client_id was provided, provide a correspoinding value. Else leave blank.
    FacebookEmailDomains []string
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    FacebookEnabled bool
    whether facebook is enabled as a login method
    FacebookExpire float64
    interval for which guest remains authorized using facebook auth (in minutes), if not provided, uses expire`
    Forward bool
    whether to forward the user to another URL after authorized
    ForwardUrl string
    the URL to forward the user to
    GoogleClientId string
    Google OAuth2 app id. This is optional. If not provided, it will use a default one.
    GoogleClientSecret string
    Google OAuth2 app secret. If google_client_id was provided, provide a correspoinding value. Else leave blank.
    GoogleEmailDomains []string
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    GoogleEnabled bool
    whether google is enabled as login method
    GoogleExpire float64
    interval for which guest remains authorized using google auth (in minutes), if not provided, uses expire`
    GupshupPassword string
    when sms_provider==gupshup
    GupshupUserid string
    when sms_provider==gupshup
    MicrosoftClientId string
    microsoft 365 OAuth2 client id. This is optional. If not provided, it will use a default one.
    MicrosoftClientSecret string
    microsoft 365 OAuth2 client secret. If microsoft_client_id was provided, provide a correspoinding value. Else leave blank.
    MicrosoftEmailDomains []string
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    MicrosoftEnabled bool
    whether microsoft 365 is enabled as a login method
    MicrosoftExpire float64
    interval for which guest remains authorized using microsoft auth (in minutes), if not provided, uses expire`
    PassphraseEnabled bool
    whether password is enabled
    PassphraseExpire float64
    interval for which guest remains authorized using passphrase auth (in minutes), if not provided, uses expire
    Password string
    passphrase
    PredefinedSponsorsEnabled bool
    whether to show list of sponsor emails mentioned in sponsors object as a dropdown. If both sponsor_notify_all and predefined_sponsors_enabled are false, behaviour is acc to sponsor_email_domains
    PredefinedSponsorsHideEmail bool
    whether to hide sponsor’s email from list of sponsors
    Privacy bool
    PuzzelPassword string
    when sms_provider==puzzel
    PuzzelServiceId string
    when sms_provider==puzzel
    PuzzelUsername string
    when sms_provider==puzzel
    SmsEnabled bool
    whether sms is enabled as a login method
    SmsExpire float64
    interval for which guest remains authorized using sms auth (in minutes), if not provided, uses expire`
    SmsMessageFormat string
    SmsProvider string
    enum: broadnet, clickatell, gupshup, manual, puzzel, telstra, twilio
    SponsorAutoApprove bool
    whether to automatically approve guest and allow sponsor to revoke guest access, needs predefined_sponsors_enabled enabled and sponsor_notify_all disabled
    SponsorEmailDomains []string
    list of domain allowed for sponsor email. Required if sponsor_enabled is true and sponsors is empty.
    SponsorEnabled bool
    whether sponsor is enabled
    SponsorExpire float64
    interval for which guest remains authorized using sponsor auth (in minutes), if not provided, uses expire`
    SponsorLinkValidityDuration string
    how long to remain valid sponsored guest request approve/deny link received in email, in minutes.
    SponsorNotifyAll bool
    whether to notify all sponsors that are mentioned in sponsors object. Both sponsor_notify_all and predefined_sponsors_enabled should be true in order to notify sponsors. If true, email sent to 10 sponsors in no particular order.
    SponsorStatusNotify bool
    if enabled, guest will get email about sponsor's action (approve/deny)
    Sponsors map[string]string
    object of allowed sponsors email with name. Required if sponsor_enabled is true and sponsor_email_domains is empty.

            Property key is the sponsor email, Property value is the sponsor name
    
    SsoDefaultRole string
    default role to assign if there’s no match. By default, an assertion is treated as invalid when there’s no role matched
    SsoForcedRole string
    SsoIdpCert string
    IDP Cert (used to verify the signed response)
    SsoIdpSignAlgo string
    signing algorithm for SAML Assertion
    SsoIdpSsoUrl string
    IDP Single-Sign-On URL
    SsoIssuer string
    IDP issuer URL
    SsoNameidFormat string
    enum: email, unspecified
    TelstraClientId string
    when sms_provider==telstra, Client ID provided by Telstra
    TelstraClientSecret string
    when sms_provider==telstra, Client secret provided by Telstra
    TwilioAuthToken string
    when sms_provider==twilio, Auth token account with twilio account
    TwilioPhoneNumber string
    when sms_provider==twilio, Twilio phone number associated with the account. See example for accepted format.
    TwilioSid string
    when sms_provider==twilio, Account SID provided by Twilio
    amazonClientId String
    amazon OAuth2 client id. This is optional. If not provided, it will use a default one.
    amazonClientSecret String
    amazon OAuth2 client secret. If amazon_client_id was provided, provide a correspoinding value. Else leave blank.
    amazonEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    amazonEnabled Boolean
    whether amazon is enabled as a login method
    amazonExpire Double
    interval for which guest remains authorized using amazon auth (in minutes), if not provided, uses expire`
    auth String
    authentication scheme. enum: external, none, sso
    azureClientId String
    Required if azure_enabled==true. Azure active directory app client id
    azureClientSecret String
    Required if azure_enabled==true. Azure active directory app client secret
    azureEnabled Boolean
    whether Azure Active Directory is enabled as a login method
    azureExpire Double
    interval for which guest remains authorized using azure auth (in minutes), if not provided, uses expire`
    azureTenantId String
    Required if azure_enabled==true. Azure active directory tenant id.
    broadnetPassword String
    when sms_provider==broadnet
    broadnetSid String
    when sms_provider==broadnet
    broadnetUserId String
    when sms_provider==broadnet
    bypassWhenCloudDown Boolean
    whether to bypass the guest portal when cloud not reachable (and apply the default policies)
    clickatellApiKey String
    when sms_provider==clickatell
    crossSite Boolean
    whether to allow guest to roam between WLANs (with same WLAN.ssid, regardless of variables) of different sites of same org without reauthentication (disable random_mac for seamless roaming)
    emailEnabled Boolean
    whether email (access code verification) is enabled as a login method
    enabled Boolean
    whether guest portal is enabled
    expire Double
    how long to remain authorized, in minutes
    externalPortalUrl String
    external portal URL (e.g. https://host/url) where we can append our query parameters to
    facebookClientId String
    Required if facebook_enabled==true. Facebook OAuth2 app id. This is optional. If not provided, it will use a default one.
    facebookClientSecret String
    Required if facebook_enabled==true. Facebook OAuth2 app secret. If facebook_client_id was provided, provide a correspoinding value. Else leave blank.
    facebookEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    facebookEnabled Boolean
    whether facebook is enabled as a login method
    facebookExpire Double
    interval for which guest remains authorized using facebook auth (in minutes), if not provided, uses expire`
    forward Boolean
    whether to forward the user to another URL after authorized
    forwardUrl String
    the URL to forward the user to
    googleClientId String
    Google OAuth2 app id. This is optional. If not provided, it will use a default one.
    googleClientSecret String
    Google OAuth2 app secret. If google_client_id was provided, provide a correspoinding value. Else leave blank.
    googleEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    googleEnabled Boolean
    whether google is enabled as login method
    googleExpire Double
    interval for which guest remains authorized using google auth (in minutes), if not provided, uses expire`
    gupshupPassword String
    when sms_provider==gupshup
    gupshupUserid String
    when sms_provider==gupshup
    microsoftClientId String
    microsoft 365 OAuth2 client id. This is optional. If not provided, it will use a default one.
    microsoftClientSecret String
    microsoft 365 OAuth2 client secret. If microsoft_client_id was provided, provide a correspoinding value. Else leave blank.
    microsoftEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    microsoftEnabled Boolean
    whether microsoft 365 is enabled as a login method
    microsoftExpire Double
    interval for which guest remains authorized using microsoft auth (in minutes), if not provided, uses expire`
    passphraseEnabled Boolean
    whether password is enabled
    passphraseExpire Double
    interval for which guest remains authorized using passphrase auth (in minutes), if not provided, uses expire
    password String
    passphrase
    predefinedSponsorsEnabled Boolean
    whether to show list of sponsor emails mentioned in sponsors object as a dropdown. If both sponsor_notify_all and predefined_sponsors_enabled are false, behaviour is acc to sponsor_email_domains
    predefinedSponsorsHideEmail Boolean
    whether to hide sponsor’s email from list of sponsors
    privacy Boolean
    puzzelPassword String
    when sms_provider==puzzel
    puzzelServiceId String
    when sms_provider==puzzel
    puzzelUsername String
    when sms_provider==puzzel
    smsEnabled Boolean
    whether sms is enabled as a login method
    smsExpire Double
    interval for which guest remains authorized using sms auth (in minutes), if not provided, uses expire`
    smsMessageFormat String
    smsProvider String
    enum: broadnet, clickatell, gupshup, manual, puzzel, telstra, twilio
    sponsorAutoApprove Boolean
    whether to automatically approve guest and allow sponsor to revoke guest access, needs predefined_sponsors_enabled enabled and sponsor_notify_all disabled
    sponsorEmailDomains List<String>
    list of domain allowed for sponsor email. Required if sponsor_enabled is true and sponsors is empty.
    sponsorEnabled Boolean
    whether sponsor is enabled
    sponsorExpire Double
    interval for which guest remains authorized using sponsor auth (in minutes), if not provided, uses expire`
    sponsorLinkValidityDuration String
    how long to remain valid sponsored guest request approve/deny link received in email, in minutes.
    sponsorNotifyAll Boolean
    whether to notify all sponsors that are mentioned in sponsors object. Both sponsor_notify_all and predefined_sponsors_enabled should be true in order to notify sponsors. If true, email sent to 10 sponsors in no particular order.
    sponsorStatusNotify Boolean
    if enabled, guest will get email about sponsor's action (approve/deny)
    sponsors Map<String,String>
    object of allowed sponsors email with name. Required if sponsor_enabled is true and sponsor_email_domains is empty.

            Property key is the sponsor email, Property value is the sponsor name
    
    ssoDefaultRole String
    default role to assign if there’s no match. By default, an assertion is treated as invalid when there’s no role matched
    ssoForcedRole String
    ssoIdpCert String
    IDP Cert (used to verify the signed response)
    ssoIdpSignAlgo String
    signing algorithm for SAML Assertion
    ssoIdpSsoUrl String
    IDP Single-Sign-On URL
    ssoIssuer String
    IDP issuer URL
    ssoNameidFormat String
    enum: email, unspecified
    telstraClientId String
    when sms_provider==telstra, Client ID provided by Telstra
    telstraClientSecret String
    when sms_provider==telstra, Client secret provided by Telstra
    twilioAuthToken String
    when sms_provider==twilio, Auth token account with twilio account
    twilioPhoneNumber String
    when sms_provider==twilio, Twilio phone number associated with the account. See example for accepted format.
    twilioSid String
    when sms_provider==twilio, Account SID provided by Twilio
    amazonClientId string
    amazon OAuth2 client id. This is optional. If not provided, it will use a default one.
    amazonClientSecret string
    amazon OAuth2 client secret. If amazon_client_id was provided, provide a correspoinding value. Else leave blank.
    amazonEmailDomains string[]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    amazonEnabled boolean
    whether amazon is enabled as a login method
    amazonExpire number
    interval for which guest remains authorized using amazon auth (in minutes), if not provided, uses expire`
    auth string
    authentication scheme. enum: external, none, sso
    azureClientId string
    Required if azure_enabled==true. Azure active directory app client id
    azureClientSecret string
    Required if azure_enabled==true. Azure active directory app client secret
    azureEnabled boolean
    whether Azure Active Directory is enabled as a login method
    azureExpire number
    interval for which guest remains authorized using azure auth (in minutes), if not provided, uses expire`
    azureTenantId string
    Required if azure_enabled==true. Azure active directory tenant id.
    broadnetPassword string
    when sms_provider==broadnet
    broadnetSid string
    when sms_provider==broadnet
    broadnetUserId string
    when sms_provider==broadnet
    bypassWhenCloudDown boolean
    whether to bypass the guest portal when cloud not reachable (and apply the default policies)
    clickatellApiKey string
    when sms_provider==clickatell
    crossSite boolean
    whether to allow guest to roam between WLANs (with same WLAN.ssid, regardless of variables) of different sites of same org without reauthentication (disable random_mac for seamless roaming)
    emailEnabled boolean
    whether email (access code verification) is enabled as a login method
    enabled boolean
    whether guest portal is enabled
    expire number
    how long to remain authorized, in minutes
    externalPortalUrl string
    external portal URL (e.g. https://host/url) where we can append our query parameters to
    facebookClientId string
    Required if facebook_enabled==true. Facebook OAuth2 app id. This is optional. If not provided, it will use a default one.
    facebookClientSecret string
    Required if facebook_enabled==true. Facebook OAuth2 app secret. If facebook_client_id was provided, provide a correspoinding value. Else leave blank.
    facebookEmailDomains string[]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    facebookEnabled boolean
    whether facebook is enabled as a login method
    facebookExpire number
    interval for which guest remains authorized using facebook auth (in minutes), if not provided, uses expire`
    forward boolean
    whether to forward the user to another URL after authorized
    forwardUrl string
    the URL to forward the user to
    googleClientId string
    Google OAuth2 app id. This is optional. If not provided, it will use a default one.
    googleClientSecret string
    Google OAuth2 app secret. If google_client_id was provided, provide a correspoinding value. Else leave blank.
    googleEmailDomains string[]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    googleEnabled boolean
    whether google is enabled as login method
    googleExpire number
    interval for which guest remains authorized using google auth (in minutes), if not provided, uses expire`
    gupshupPassword string
    when sms_provider==gupshup
    gupshupUserid string
    when sms_provider==gupshup
    microsoftClientId string
    microsoft 365 OAuth2 client id. This is optional. If not provided, it will use a default one.
    microsoftClientSecret string
    microsoft 365 OAuth2 client secret. If microsoft_client_id was provided, provide a correspoinding value. Else leave blank.
    microsoftEmailDomains string[]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    microsoftEnabled boolean
    whether microsoft 365 is enabled as a login method
    microsoftExpire number
    interval for which guest remains authorized using microsoft auth (in minutes), if not provided, uses expire`
    passphraseEnabled boolean
    whether password is enabled
    passphraseExpire number
    interval for which guest remains authorized using passphrase auth (in minutes), if not provided, uses expire
    password string
    passphrase
    predefinedSponsorsEnabled boolean
    whether to show list of sponsor emails mentioned in sponsors object as a dropdown. If both sponsor_notify_all and predefined_sponsors_enabled are false, behaviour is acc to sponsor_email_domains
    predefinedSponsorsHideEmail boolean
    whether to hide sponsor’s email from list of sponsors
    privacy boolean
    puzzelPassword string
    when sms_provider==puzzel
    puzzelServiceId string
    when sms_provider==puzzel
    puzzelUsername string
    when sms_provider==puzzel
    smsEnabled boolean
    whether sms is enabled as a login method
    smsExpire number
    interval for which guest remains authorized using sms auth (in minutes), if not provided, uses expire`
    smsMessageFormat string
    smsProvider string
    enum: broadnet, clickatell, gupshup, manual, puzzel, telstra, twilio
    sponsorAutoApprove boolean
    whether to automatically approve guest and allow sponsor to revoke guest access, needs predefined_sponsors_enabled enabled and sponsor_notify_all disabled
    sponsorEmailDomains string[]
    list of domain allowed for sponsor email. Required if sponsor_enabled is true and sponsors is empty.
    sponsorEnabled boolean
    whether sponsor is enabled
    sponsorExpire number
    interval for which guest remains authorized using sponsor auth (in minutes), if not provided, uses expire`
    sponsorLinkValidityDuration string
    how long to remain valid sponsored guest request approve/deny link received in email, in minutes.
    sponsorNotifyAll boolean
    whether to notify all sponsors that are mentioned in sponsors object. Both sponsor_notify_all and predefined_sponsors_enabled should be true in order to notify sponsors. If true, email sent to 10 sponsors in no particular order.
    sponsorStatusNotify boolean
    if enabled, guest will get email about sponsor's action (approve/deny)
    sponsors {[key: string]: string}
    object of allowed sponsors email with name. Required if sponsor_enabled is true and sponsor_email_domains is empty.

            Property key is the sponsor email, Property value is the sponsor name
    
    ssoDefaultRole string
    default role to assign if there’s no match. By default, an assertion is treated as invalid when there’s no role matched
    ssoForcedRole string
    ssoIdpCert string
    IDP Cert (used to verify the signed response)
    ssoIdpSignAlgo string
    signing algorithm for SAML Assertion
    ssoIdpSsoUrl string
    IDP Single-Sign-On URL
    ssoIssuer string
    IDP issuer URL
    ssoNameidFormat string
    enum: email, unspecified
    telstraClientId string
    when sms_provider==telstra, Client ID provided by Telstra
    telstraClientSecret string
    when sms_provider==telstra, Client secret provided by Telstra
    twilioAuthToken string
    when sms_provider==twilio, Auth token account with twilio account
    twilioPhoneNumber string
    when sms_provider==twilio, Twilio phone number associated with the account. See example for accepted format.
    twilioSid string
    when sms_provider==twilio, Account SID provided by Twilio
    amazon_client_id str
    amazon OAuth2 client id. This is optional. If not provided, it will use a default one.
    amazon_client_secret str
    amazon OAuth2 client secret. If amazon_client_id was provided, provide a correspoinding value. Else leave blank.
    amazon_email_domains Sequence[str]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    amazon_enabled bool
    whether amazon is enabled as a login method
    amazon_expire float
    interval for which guest remains authorized using amazon auth (in minutes), if not provided, uses expire`
    auth str
    authentication scheme. enum: external, none, sso
    azure_client_id str
    Required if azure_enabled==true. Azure active directory app client id
    azure_client_secret str
    Required if azure_enabled==true. Azure active directory app client secret
    azure_enabled bool
    whether Azure Active Directory is enabled as a login method
    azure_expire float
    interval for which guest remains authorized using azure auth (in minutes), if not provided, uses expire`
    azure_tenant_id str
    Required if azure_enabled==true. Azure active directory tenant id.
    broadnet_password str
    when sms_provider==broadnet
    broadnet_sid str
    when sms_provider==broadnet
    broadnet_user_id str
    when sms_provider==broadnet
    bypass_when_cloud_down bool
    whether to bypass the guest portal when cloud not reachable (and apply the default policies)
    clickatell_api_key str
    when sms_provider==clickatell
    cross_site bool
    whether to allow guest to roam between WLANs (with same WLAN.ssid, regardless of variables) of different sites of same org without reauthentication (disable random_mac for seamless roaming)
    email_enabled bool
    whether email (access code verification) is enabled as a login method
    enabled bool
    whether guest portal is enabled
    expire float
    how long to remain authorized, in minutes
    external_portal_url str
    external portal URL (e.g. https://host/url) where we can append our query parameters to
    facebook_client_id str
    Required if facebook_enabled==true. Facebook OAuth2 app id. This is optional. If not provided, it will use a default one.
    facebook_client_secret str
    Required if facebook_enabled==true. Facebook OAuth2 app secret. If facebook_client_id was provided, provide a correspoinding value. Else leave blank.
    facebook_email_domains Sequence[str]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    facebook_enabled bool
    whether facebook is enabled as a login method
    facebook_expire float
    interval for which guest remains authorized using facebook auth (in minutes), if not provided, uses expire`
    forward bool
    whether to forward the user to another URL after authorized
    forward_url str
    the URL to forward the user to
    google_client_id str
    Google OAuth2 app id. This is optional. If not provided, it will use a default one.
    google_client_secret str
    Google OAuth2 app secret. If google_client_id was provided, provide a correspoinding value. Else leave blank.
    google_email_domains Sequence[str]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    google_enabled bool
    whether google is enabled as login method
    google_expire float
    interval for which guest remains authorized using google auth (in minutes), if not provided, uses expire`
    gupshup_password str
    when sms_provider==gupshup
    gupshup_userid str
    when sms_provider==gupshup
    microsoft_client_id str
    microsoft 365 OAuth2 client id. This is optional. If not provided, it will use a default one.
    microsoft_client_secret str
    microsoft 365 OAuth2 client secret. If microsoft_client_id was provided, provide a correspoinding value. Else leave blank.
    microsoft_email_domains Sequence[str]
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    microsoft_enabled bool
    whether microsoft 365 is enabled as a login method
    microsoft_expire float
    interval for which guest remains authorized using microsoft auth (in minutes), if not provided, uses expire`
    passphrase_enabled bool
    whether password is enabled
    passphrase_expire float
    interval for which guest remains authorized using passphrase auth (in minutes), if not provided, uses expire
    password str
    passphrase
    predefined_sponsors_enabled bool
    whether to show list of sponsor emails mentioned in sponsors object as a dropdown. If both sponsor_notify_all and predefined_sponsors_enabled are false, behaviour is acc to sponsor_email_domains
    predefined_sponsors_hide_email bool
    whether to hide sponsor’s email from list of sponsors
    privacy bool
    puzzel_password str
    when sms_provider==puzzel
    puzzel_service_id str
    when sms_provider==puzzel
    puzzel_username str
    when sms_provider==puzzel
    sms_enabled bool
    whether sms is enabled as a login method
    sms_expire float
    interval for which guest remains authorized using sms auth (in minutes), if not provided, uses expire`
    sms_message_format str
    sms_provider str
    enum: broadnet, clickatell, gupshup, manual, puzzel, telstra, twilio
    bool
    whether to automatically approve guest and allow sponsor to revoke guest access, needs predefined_sponsors_enabled enabled and sponsor_notify_all disabled
    Sequence[str]
    list of domain allowed for sponsor email. Required if sponsor_enabled is true and sponsors is empty.
    bool
    whether sponsor is enabled
    float
    interval for which guest remains authorized using sponsor auth (in minutes), if not provided, uses expire`
    str
    how long to remain valid sponsored guest request approve/deny link received in email, in minutes.
    bool
    whether to notify all sponsors that are mentioned in sponsors object. Both sponsor_notify_all and predefined_sponsors_enabled should be true in order to notify sponsors. If true, email sent to 10 sponsors in no particular order.
    bool
    if enabled, guest will get email about sponsor's action (approve/deny)
    sponsors Mapping[str, str]
    object of allowed sponsors email with name. Required if sponsor_enabled is true and sponsor_email_domains is empty.

            Property key is the sponsor email, Property value is the sponsor name
    
    sso_default_role str
    default role to assign if there’s no match. By default, an assertion is treated as invalid when there’s no role matched
    sso_forced_role str
    sso_idp_cert str
    IDP Cert (used to verify the signed response)
    sso_idp_sign_algo str
    signing algorithm for SAML Assertion
    sso_idp_sso_url str
    IDP Single-Sign-On URL
    sso_issuer str
    IDP issuer URL
    sso_nameid_format str
    enum: email, unspecified
    telstra_client_id str
    when sms_provider==telstra, Client ID provided by Telstra
    telstra_client_secret str
    when sms_provider==telstra, Client secret provided by Telstra
    twilio_auth_token str
    when sms_provider==twilio, Auth token account with twilio account
    twilio_phone_number str
    when sms_provider==twilio, Twilio phone number associated with the account. See example for accepted format.
    twilio_sid str
    when sms_provider==twilio, Account SID provided by Twilio
    amazonClientId String
    amazon OAuth2 client id. This is optional. If not provided, it will use a default one.
    amazonClientSecret String
    amazon OAuth2 client secret. If amazon_client_id was provided, provide a correspoinding value. Else leave blank.
    amazonEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    amazonEnabled Boolean
    whether amazon is enabled as a login method
    amazonExpire Number
    interval for which guest remains authorized using amazon auth (in minutes), if not provided, uses expire`
    auth String
    authentication scheme. enum: external, none, sso
    azureClientId String
    Required if azure_enabled==true. Azure active directory app client id
    azureClientSecret String
    Required if azure_enabled==true. Azure active directory app client secret
    azureEnabled Boolean
    whether Azure Active Directory is enabled as a login method
    azureExpire Number
    interval for which guest remains authorized using azure auth (in minutes), if not provided, uses expire`
    azureTenantId String
    Required if azure_enabled==true. Azure active directory tenant id.
    broadnetPassword String
    when sms_provider==broadnet
    broadnetSid String
    when sms_provider==broadnet
    broadnetUserId String
    when sms_provider==broadnet
    bypassWhenCloudDown Boolean
    whether to bypass the guest portal when cloud not reachable (and apply the default policies)
    clickatellApiKey String
    when sms_provider==clickatell
    crossSite Boolean
    whether to allow guest to roam between WLANs (with same WLAN.ssid, regardless of variables) of different sites of same org without reauthentication (disable random_mac for seamless roaming)
    emailEnabled Boolean
    whether email (access code verification) is enabled as a login method
    enabled Boolean
    whether guest portal is enabled
    expire Number
    how long to remain authorized, in minutes
    externalPortalUrl String
    external portal URL (e.g. https://host/url) where we can append our query parameters to
    facebookClientId String
    Required if facebook_enabled==true. Facebook OAuth2 app id. This is optional. If not provided, it will use a default one.
    facebookClientSecret String
    Required if facebook_enabled==true. Facebook OAuth2 app secret. If facebook_client_id was provided, provide a correspoinding value. Else leave blank.
    facebookEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    facebookEnabled Boolean
    whether facebook is enabled as a login method
    facebookExpire Number
    interval for which guest remains authorized using facebook auth (in minutes), if not provided, uses expire`
    forward Boolean
    whether to forward the user to another URL after authorized
    forwardUrl String
    the URL to forward the user to
    googleClientId String
    Google OAuth2 app id. This is optional. If not provided, it will use a default one.
    googleClientSecret String
    Google OAuth2 app secret. If google_client_id was provided, provide a correspoinding value. Else leave blank.
    googleEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    googleEnabled Boolean
    whether google is enabled as login method
    googleExpire Number
    interval for which guest remains authorized using google auth (in minutes), if not provided, uses expire`
    gupshupPassword String
    when sms_provider==gupshup
    gupshupUserid String
    when sms_provider==gupshup
    microsoftClientId String
    microsoft 365 OAuth2 client id. This is optional. If not provided, it will use a default one.
    microsoftClientSecret String
    microsoft 365 OAuth2 client secret. If microsoft_client_id was provided, provide a correspoinding value. Else leave blank.
    microsoftEmailDomains List<String>
    Matches authenticated user email against provided domains. If null or [], all authenticated emails will be allowed.
    microsoftEnabled Boolean
    whether microsoft 365 is enabled as a login method
    microsoftExpire Number
    interval for which guest remains authorized using microsoft auth (in minutes), if not provided, uses expire`
    passphraseEnabled Boolean
    whether password is enabled
    passphraseExpire Number
    interval for which guest remains authorized using passphrase auth (in minutes), if not provided, uses expire
    password String
    passphrase
    predefinedSponsorsEnabled Boolean
    whether to show list of sponsor emails mentioned in sponsors object as a dropdown. If both sponsor_notify_all and predefined_sponsors_enabled are false, behaviour is acc to sponsor_email_domains
    predefinedSponsorsHideEmail Boolean
    whether to hide sponsor’s email from list of sponsors
    privacy Boolean
    puzzelPassword String
    when sms_provider==puzzel
    puzzelServiceId String
    when sms_provider==puzzel
    puzzelUsername String
    when sms_provider==puzzel
    smsEnabled Boolean
    whether sms is enabled as a login method
    smsExpire Number
    interval for which guest remains authorized using sms auth (in minutes), if not provided, uses expire`
    smsMessageFormat String
    smsProvider String
    enum: broadnet, clickatell, gupshup, manual, puzzel, telstra, twilio
    sponsorAutoApprove Boolean
    whether to automatically approve guest and allow sponsor to revoke guest access, needs predefined_sponsors_enabled enabled and sponsor_notify_all disabled
    sponsorEmailDomains List<String>
    list of domain allowed for sponsor email. Required if sponsor_enabled is true and sponsors is empty.
    sponsorEnabled Boolean
    whether sponsor is enabled
    sponsorExpire Number
    interval for which guest remains authorized using sponsor auth (in minutes), if not provided, uses expire`
    sponsorLinkValidityDuration String
    how long to remain valid sponsored guest request approve/deny link received in email, in minutes.
    sponsorNotifyAll Boolean
    whether to notify all sponsors that are mentioned in sponsors object. Both sponsor_notify_all and predefined_sponsors_enabled should be true in order to notify sponsors. If true, email sent to 10 sponsors in no particular order.
    sponsorStatusNotify Boolean
    if enabled, guest will get email about sponsor's action (approve/deny)
    sponsors Map<String>
    object of allowed sponsors email with name. Required if sponsor_enabled is true and sponsor_email_domains is empty.

            Property key is the sponsor email, Property value is the sponsor name
    
    ssoDefaultRole String
    default role to assign if there’s no match. By default, an assertion is treated as invalid when there’s no role matched
    ssoForcedRole String
    ssoIdpCert String
    IDP Cert (used to verify the signed response)
    ssoIdpSignAlgo String
    signing algorithm for SAML Assertion
    ssoIdpSsoUrl String
    IDP Single-Sign-On URL
    ssoIssuer String
    IDP issuer URL
    ssoNameidFormat String
    enum: email, unspecified
    telstraClientId String
    when sms_provider==telstra, Client ID provided by Telstra
    telstraClientSecret String
    when sms_provider==telstra, Client secret provided by Telstra
    twilioAuthToken String
    when sms_provider==twilio, Auth token account with twilio account
    twilioPhoneNumber String
    when sms_provider==twilio, Twilio phone number associated with the account. See example for accepted format.
    twilioSid String
    when sms_provider==twilio, Account SID provided by Twilio

    WlanQos, WlanQosArgs

    Class string
    enum: background, best_effort, video, voice
    Overwrite bool
    whether to overwrite QoS
    Class string
    enum: background, best_effort, video, voice
    Overwrite bool
    whether to overwrite QoS
    class_ String
    enum: background, best_effort, video, voice
    overwrite Boolean
    whether to overwrite QoS
    class string
    enum: background, best_effort, video, voice
    overwrite boolean
    whether to overwrite QoS
    class_ str
    enum: background, best_effort, video, voice
    overwrite bool
    whether to overwrite QoS
    class String
    enum: background, best_effort, video, voice
    overwrite Boolean
    whether to overwrite QoS

    WlanRadsec, WlanRadsecArgs

    CoaEnabled bool
    Enabled bool
    IdleTimeout int
    MxclusterIds List<string>
    To use Org mxedges when this WLAN does not use mxtunnel, specify their mxcluster_ids. Org mxedge(s) identified by mxcluster_ids
    ProxyHosts List<string>
    default is site.mxedge.radsec.proxy_hosts which must be a superset of all wlans[*].radsec.proxy_hosts when radsec.proxy_hosts are not used, tunnel peers (org or site mxedges) are used irrespective of use_site_mxedge
    ServerName string
    name of the server to verify (against the cacerts in Org Setting). Only if not Mist Edge.
    Servers List<Pulumi.JuniperMist.Site.Inputs.WlanRadsecServer>
    List of Radsec Servers. Only if not Mist Edge.
    UseMxedge bool
    use mxedge(s) as radsecproxy
    UseSiteMxedge bool
    To use Site mxedges when this WLAN does not use mxtunnel
    CoaEnabled bool
    Enabled bool
    IdleTimeout int
    MxclusterIds []string
    To use Org mxedges when this WLAN does not use mxtunnel, specify their mxcluster_ids. Org mxedge(s) identified by mxcluster_ids
    ProxyHosts []string
    default is site.mxedge.radsec.proxy_hosts which must be a superset of all wlans[*].radsec.proxy_hosts when radsec.proxy_hosts are not used, tunnel peers (org or site mxedges) are used irrespective of use_site_mxedge
    ServerName string
    name of the server to verify (against the cacerts in Org Setting). Only if not Mist Edge.
    Servers []WlanRadsecServer
    List of Radsec Servers. Only if not Mist Edge.
    UseMxedge bool
    use mxedge(s) as radsecproxy
    UseSiteMxedge bool
    To use Site mxedges when this WLAN does not use mxtunnel
    coaEnabled Boolean
    enabled Boolean
    idleTimeout Integer
    mxclusterIds List<String>
    To use Org mxedges when this WLAN does not use mxtunnel, specify their mxcluster_ids. Org mxedge(s) identified by mxcluster_ids
    proxyHosts List<String>
    default is site.mxedge.radsec.proxy_hosts which must be a superset of all wlans[*].radsec.proxy_hosts when radsec.proxy_hosts are not used, tunnel peers (org or site mxedges) are used irrespective of use_site_mxedge
    serverName String
    name of the server to verify (against the cacerts in Org Setting). Only if not Mist Edge.
    servers List<WlanRadsecServer>
    List of Radsec Servers. Only if not Mist Edge.
    useMxedge Boolean
    use mxedge(s) as radsecproxy
    useSiteMxedge Boolean
    To use Site mxedges when this WLAN does not use mxtunnel
    coaEnabled boolean
    enabled boolean
    idleTimeout number
    mxclusterIds string[]
    To use Org mxedges when this WLAN does not use mxtunnel, specify their mxcluster_ids. Org mxedge(s) identified by mxcluster_ids
    proxyHosts string[]
    default is site.mxedge.radsec.proxy_hosts which must be a superset of all wlans[*].radsec.proxy_hosts when radsec.proxy_hosts are not used, tunnel peers (org or site mxedges) are used irrespective of use_site_mxedge
    serverName string
    name of the server to verify (against the cacerts in Org Setting). Only if not Mist Edge.
    servers WlanRadsecServer[]
    List of Radsec Servers. Only if not Mist Edge.
    useMxedge boolean
    use mxedge(s) as radsecproxy
    useSiteMxedge boolean
    To use Site mxedges when this WLAN does not use mxtunnel
    coa_enabled bool
    enabled bool
    idle_timeout int
    mxcluster_ids Sequence[str]
    To use Org mxedges when this WLAN does not use mxtunnel, specify their mxcluster_ids. Org mxedge(s) identified by mxcluster_ids
    proxy_hosts Sequence[str]
    default is site.mxedge.radsec.proxy_hosts which must be a superset of all wlans[*].radsec.proxy_hosts when radsec.proxy_hosts are not used, tunnel peers (org or site mxedges) are used irrespective of use_site_mxedge
    server_name str
    name of the server to verify (against the cacerts in Org Setting). Only if not Mist Edge.
    servers Sequence[WlanRadsecServer]
    List of Radsec Servers. Only if not Mist Edge.
    use_mxedge bool
    use mxedge(s) as radsecproxy
    use_site_mxedge bool
    To use Site mxedges when this WLAN does not use mxtunnel
    coaEnabled Boolean
    enabled Boolean
    idleTimeout Number
    mxclusterIds List<String>
    To use Org mxedges when this WLAN does not use mxtunnel, specify their mxcluster_ids. Org mxedge(s) identified by mxcluster_ids
    proxyHosts List<String>
    default is site.mxedge.radsec.proxy_hosts which must be a superset of all wlans[*].radsec.proxy_hosts when radsec.proxy_hosts are not used, tunnel peers (org or site mxedges) are used irrespective of use_site_mxedge
    serverName String
    name of the server to verify (against the cacerts in Org Setting). Only if not Mist Edge.
    servers List<Property Map>
    List of Radsec Servers. Only if not Mist Edge.
    useMxedge Boolean
    use mxedge(s) as radsecproxy
    useSiteMxedge Boolean
    To use Site mxedges when this WLAN does not use mxtunnel

    WlanRadsecServer, WlanRadsecServerArgs

    Host string
    Port int
    Host string
    Port int
    host String
    port Integer
    host string
    port number
    host str
    port int
    host String
    port Number

    WlanSchedule, WlanScheduleArgs

    Enabled bool
    Hours Pulumi.JuniperMist.Site.Inputs.WlanScheduleHours

    hours of operation filter, the available days (mon, tue, wed, thu, fri, sat, sun).

    Note: If the dow is not defined then it\u2019\ s treated as 00:00-23:59.

    Enabled bool
    Hours WlanScheduleHours

    hours of operation filter, the available days (mon, tue, wed, thu, fri, sat, sun).

    Note: If the dow is not defined then it\u2019\ s treated as 00:00-23:59.

    enabled Boolean
    hours WlanScheduleHours

    hours of operation filter, the available days (mon, tue, wed, thu, fri, sat, sun).

    Note: If the dow is not defined then it\u2019\ s treated as 00:00-23:59.

    enabled boolean
    hours WlanScheduleHours

    hours of operation filter, the available days (mon, tue, wed, thu, fri, sat, sun).

    Note: If the dow is not defined then it\u2019\ s treated as 00:00-23:59.

    enabled bool
    hours WlanScheduleHours

    hours of operation filter, the available days (mon, tue, wed, thu, fri, sat, sun).

    Note: If the dow is not defined then it\u2019\ s treated as 00:00-23:59.

    enabled Boolean
    hours Property Map

    hours of operation filter, the available days (mon, tue, wed, thu, fri, sat, sun).

    Note: If the dow is not defined then it\u2019\ s treated as 00:00-23:59.

    WlanScheduleHours, WlanScheduleHoursArgs

    Fri string
    Mon string
    Sat string
    Sun string
    Thu string
    Tue string
    Wed string
    Fri string
    Mon string
    Sat string
    Sun string
    Thu string
    Tue string
    Wed string
    fri String
    mon String
    sat String
    sun String
    thu String
    tue String
    wed String
    fri string
    mon string
    sat string
    sun string
    thu string
    tue string
    wed string
    fri str
    mon str
    sat str
    sun str
    thu str
    tue str
    wed str
    fri String
    mon String
    sat String
    sun String
    thu String
    tue String
    wed String

    Import

    Using pulumi import, import mist_site_wlan with:

    Site WLAN can be imported by specifying the site_id and the wlan_id

    $ pulumi import junipermist:site/wlan:Wlan wlan_one 17b46405-3a6d-4715-8bb4-6bb6d06f316a.d3c42998-9012-4859-9743-6b9bee475309
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    junipermist pulumi/pulumi-junipermist
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the mist Terraform Provider.
    junipermist logo
    Juniper Mist v0.1.1 published on Monday, Nov 4, 2024 by Pulumi