I reserved and successfully connected to an FTD REST API over VPN.
I am using the sandbox for the FTD REST API learning lab (https://developer.cisco.com/learning/lab/fdm-api-102/step/2). However, when attempting to use both Python and Ansible per the lab instructions, I am getting authentication errors.
E.g., for Ansible I have modified the hosts and playbook files as per the lab guide (running this from the Docker image as suggested):
root@a946c73820c3:/ftd-ansible/playbooks# cat /etc/ansible/hosts
[ftd]
10.10.20.65 ansible_network_os=ftd ansible_user=admin ansible_password=<removed> ansible_httpapi_use_ssl=True ansible_httpapi_validate_certs=False ansible_httpapi_port=443
root@a946c73820c3:/ftd-ansible/playbooks# cat network.yml
- hosts: 10.10.20.65
  connection: httpapi
  tasks:
    - name: Create an FQDN network for Cisco DevNet
      ftd_configuration:
        operation: upsertNetworkObject
        data:
          name: CiscoDevNetNetwork
          subType: FQDN
          value: developer.cisco.com
          isSystemDefined: False
          type: networkobject
          dnsResolution: IPV4_AND_IPV6
However, when running the playbook I get the following error:
root@a946c73820c3:/ftd-ansible/playbooks# ansible-playbook network.yml
PLAY [10.10.20.65] *******************************************************************
TASK [Gathering Facts] ***************************************************************
fatal: [10.10.20.65]: FAILED! => {"msg": "Server returned an error during authentication request: {'message': 'Unauthorized', 'status_code': 401}"}
to retry, use: --limit @/ftd-ansible/playbooks/network.retry
PLAY RECAP ***************************************************************************
10.10.20.65 : ok=0 changed=0 unreachable=0 failed=1
However, from within the Docker image, I can SSH to the FTD using the same credentials I entered in the Ansible configuration:
root@a946c73820c3:/ftd-ansible/playbooks# ssh admin@10.10.20.65
The authenticity of host '10.10.20.65 (10.10.20.65)' can't be established.
ECDSA key fingerprint is SHA256:WQDnsgqj4BS2Azw101ZUJU1fRaGY1Aq+R4qfGnDA5+o.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.10.20.65' (ECDSA) to the list of known hosts.
Password:
Last login: Tue Mar 16 05:41:49 UTC 2021 from 192.168.254.11 on pts/0
Copyright 2004-2020, Cisco and/or its affiliates. All rights reserved.
Cisco is a registered trademark of Cisco Systems, Inc.
All other trademarks are property of their respective owners.
Cisco Fire Linux OS v6.6.0 (build 37)
Cisco Firepower Threat Defense for VMWare v6.6.0 (build 90)
>
I've also tried this on two separate reserved sandboxes and got the same errors on both. Is there an issue with the sandbox causing these errors?
Thanks for any assistance!