cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
142
Views
2
Helpful
3
Replies

WLC9800 <client-mac> deauthenticate, via RESTCONF

WOW-it-suporte
Level 1
Level 1

Hello, 

Did someone already have this need or know how to send a restconf query to deauthenticate an mac-address in WLC9800 via RESTCONF

This give us the mac address connected, 

curl -k -X GET "https://172.17.0.52/restconf/data/Cisco-IOS-XE-wireless-client-oper:client-oper-data" \
-H "Content-Type: application/yang-data+json" \
-H "Authorization: Basic ...."

But when we try do patch or delete this mac-address

curl -k -X POST or PATCH or DELETE \
"https://172.17.0.52/restconf/data/Cisco-IOS-XE-wireless-client-oper:client-oper-data" \
-H "Content-Type: application/yang-data+json" \
-H "Accept: application/yang-data+json" \
-H "Authorization: Basic ..." \
--data '{
"input": {
"mac-address": "a2:dd:36:be:a1:92"
}

"ietf-restconf:errors": {
"error": [
{
"error-type": "application",
"error-tag": "operation-not-supported",
"error-path": "/Cisco-IOS-XE-wireless-client-oper:client-oper-data",
"error-message": "The datastore running is not writable."

The ideia of all this is to send via RESTCONF the cli command, wireless client mac-address <client-mac> deauthenticate

Thanks in advance for all the help given, 

 

3 Replies 3

I think you are getting this error due to trying to modify operational data (client-oper-data), which is read only, so you would need to
use the appropriate RPC endpoint to perform actions like deauthentication. You could try this

curl -k -X POST \
"https://hostname/restconf/operations/Cisco-IOS-XE-wireless-client-oper:deauthenticate-client" \
-H "Content-Type: application/yang-data+json" \
-H "Accept: application/yang-data+json" \
-H "Authorization: Basic ..." \
--data '{
  "Cisco-IOS-XE-wireless-client-oper:input": {
    "mac-address": "[add mac address here"
  }
}'

If this does not work it might be worth looking what your devices supports and search the output for "client" or "deauthenticate" to figure which is the right endpoint here.

Hope this helps.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

WOW-it-suporte
Level 1
Level 1

Hello @bigevilbeard , "big" thanks but no luck with that, 

{
"error-type": "application",
"error-tag": "malformed-message",
"error-message": "invalid path"
}

nevertheless I get all the operations, 

and I can find with client, 

<wireless-client-rpc:clear-sisf-binding-state xmlns:wireless-client-rpc="http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-client-rpc">/restconf/operations/Cisco-IOS-XE-wireless-client-rpc:clear-sisf-binding-state</wireless-client-rpc:clear-sisf-binding-state>
<wireless-client-rpc:clear-sisf-binding-ip xmlns:wireless-client-rpc="http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-client-rpc">/restconf/operations/Cisco-IOS-XE-wireless-client-rpc:clear-sisf-binding-ip</wireless-client-rpc:clear-sisf-binding-ip>

but nothing with deauthenticate - deauth

Thanks

Marcel Zehnder
Spotlight
Spotlight

Hi, I don't know WLAN, but by looking at the modules, maybe this one could do the trick?

module: Cisco-IOS-XE-wireless-client-rpc

  rpcs:
    +---x clear-sisf-binding-state
    |  +---w input
    |     +---w entry-mac-address    yang:mac-address
    |     +---w binding-state        wireless-enum-types:enm-sisf-binding-state
    +---x clear-sisf-binding-ip
       +---w input
          +---w entry-mac-address    yang:mac-address
          +---w ip-addr              inet:ip-address

So, try do do a POST to "/operations/Cisco-IOS-XE-wireless-client-rpc:clear-sisf-binding-ip" or "/operations/Cisco-IOS-XE-wireless-client-rpc:clear-sisf-binding-state" with the following payload:

{
  "Cisco-IOS-XE-wireless-client-rpc:input":  {
      "entry-mac-address": "<MAC-ADDRESS>"
    }
}