Automatic rotating PSK for wireless

CMDRTucker
Here to help

Automatic rotating PSK for wireless

I know this has been asked before 🙂 but I believe the thread went stale.  Has anyone created a script that will create a random PSK, have it configure the Access Control Configuration via an API, and created a web page with the passcode or email to an email address.

I am testing out Splash Access which has this feature, but they have many features related to marketing, and I am just looking for some administration automation.  From what I can tell, they are limited to one SSID and do not have the email notification feature when it changes.

 

Thanks and I appreciate your responses.

-Steve

6 REPLIES 6
Network-dad
A model citizen

We change our WiFi passwords quarterly... right now we touch every network and every SSID but I'm looking to apply a template so I can just enter this once and be done. 

Dakota Snow | Network-dad Linkdedin
CMNO | A+ | ECMS2
Check out The Bearded I.T. Dad onThe Bearded I.T. DadThe Bearded I.T. Dad

Well... this should get you going:

 

 

import requests
import random
import string
import smtplib
import ssl
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart


api_key = "your_api_key" # enter your meraki api key here
network_id = "L_123456789123456789" # enter the network id of the network you 
want to change here
ssid_number = 1 # enter the number of the ssid you want to change here 0 - 14
password_length = 15  # enter the desired length of the new PSK min 8 max 63
character_types = string.ascii_lowercase + string.ascii_uppercase + string.digits # remove or change according to needs
gmail_password = "gmail_app_password" # enter a gmail app password here
sender_email = "jane.doe@gmail.com" # sending gmail address
receiver_email = "john.doe@doeville.com" # receiving address(es)

def random_string(stringlength=password_length):
    return ''.join(random.choice(character_types) for i in range(stringlength))


def set_new_psk(new_psk, ssid=ssid_number):
    url = "h t t p s://api.meraki.com/api/v0/networks/" + network_id + "/ssids/" + str(ssid)  #remove the spaces the I inserted to get around a community bug
    payload = "{\r\n    \"psk\": \""+str(new_psk)+"\"\r\n}"
    headers = {
        'Accept': "*/*",
        'Content-Type': "application/json",
        'cache-control': "no-cache",
        'X-Cisco-Meraki-API-Key': api_key
    }

    response = requests.request("PUT", url, data=payload, headers=headers)

    print(str(response.status_code) + " - " + response.text)
    return(response.status_code)


def send_password_email(new_psk_param):

    message = MIMEMultipart("alternative")
    message["Subject"] = "New Wi-Fi PSK"
    message["From"] = sender_email
    message["To"] = receiver_email

    # Create the plain-text and HTML version of your message
    text = """\
    Hi,
    We've changed the Wi-Fi password to: {new_psk}
    Kind regards,
    pskscript""".format(new_psk=new_psk_param)
    html = """\
    <html>
      <body>
        <div>Hi,<br>
           <br>
           We've changed the Wi-Fi password to: <br>
           <h1>{new_psk}</h1>
           Kind regards,<br>
           pskscript
        </div>
      </body>
    </html>
    """.format(new_psk=new_psk_param)

    # Turn these into plain/html MIMEText objects
    part1 = MIMEText(text, "plain")
    part2 = MIMEText(html, "html")

    # Add HTML/plain-text parts to MIMEMultipart message
    # The email client will try to render the last part first
    message.attach(part1)
    message.attach(part2)

    # Create secure connection with server and send email
    context = ssl.create_default_context()
    with smtplib.SMTP_SSL("smtp.gmail.com", 465, context=context) as server:
        server.login(sender_email, gmail_password)
        server.sendmail(
            sender_email, receiver_email, message.as_string()
        )


new_psk = random_string(password_length)
if set_new_psk(new_psk) == 200:
    send_password_email(new_psk)

 

 

You could run the script on a schedule.

 

Note: I'm not a professional programmer, so use at your own risk.

 

Props to https://realpython.com/python-send-email/ and https://pynative.com/python-generate-random-string/ for some of the source.

Hiya
Am new bee to API, please could you help (advise the steps) how to integrate/use this code with Meraki API
Thank you in advance
Regards
Kash
BrechtSchamp
Kind of a big deal

@Kash The code is actually using the requests library to interact with the Meraki API. There are other ways to interact with the Meraki API too.

 

To get started with python, have a look online, there are many "python for beginners" trainings out there. I learned it using this back in the day: https://developers.google.com/edu/python. But it's probably a bit dated now, there may be better ones out there. To get started with the Meraki API's, I'd first do some playing around in Postman.https://developer.cisco.com/meraki/build/meraki-postman-collection-getting-started/.

 

Then when you've familiarized yourself with how the APIs work and python, you can start coding: https://developer.cisco.com/meraki/build/automation-with-python-api-lab/

 

Good luck! If you need any further help it's probably better to start your own topic.

The post in this link https://community.meraki.com/t5/Wireless-LAN/Automated-password-for-Guest-wireless-user/m-p/67536#M1... by nealgs worked for me.  I just ran it from a windows 10 machine that I will put on a schedule and it generates the password for me.

-Steve

 

nealgs
Building a reputation

Good to hear that it's working for someone else CMDRTucker 👍

 

We've been running it since August last year, scheduled to change password for guest wifi on site every friday at 4pm with an email sent out to reception and our support team.

Reception print email out ready for visitors to site over weekend and following week.

 

Has worked very will since with only a couple of hiccups which where down to the machine the scheduled task was running on rather than the script itself 🙂

 

Any questions about the script - give me a shout.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels