Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5611
Views
15
Helpful
7
Replies

Help with Python Part 3 request.get Access Denied Why ?

Go to solution
lowfell
Level 3
Level 3

‎01-09-2021 02:48 AM

hello all. i'm a total newby to python/json etc and  to I am trying to learn programming through 

https://developer.cisco.com/video/net-prog-basics/

 

In lesson in Python Part3 trying to use the request.get

Now in the video he uses 10.10.20.21 however in the info for the lesson it say to reference the always on sandbox. The router there has an ip address of 10.10.20.48 so this is the ip address I've used. so i enter all the correct info and get the cert warning, which i expect, but when I run the print command to get the interface info I'm getting errors for access denied and protocol, why is this ?  Is it to do with the headers I' using in my request?

Firstly you can see i make it as far as the router as i get a cert warning regarding the self certs

router = {“ip”: “10.10.20.48” ,
… “port”:“443”,
… “user”:“XXXX”,
… “pass”:“XXXXX”}

headers = {“Accept”: “application/yang-data+json”}
u = “https://{}:{}/restconf/data/interfaces/interface=Gigabitethernet1”
u = u.format(router[“ip”], router[“port”])
print(u)
https://10.10.20.48:443/restconf/data/interfaces/interface=Gigabitethernet1

r = requests.get(u,
… headers = headers,
… auth=(router[“user”], router[“pass”]),
… verify=False)
C:\Users\M7551873\AppData\Local\Programs\Python\Python38\lib\site-packages\urllib3\connectionpool.py:1013: InsecureRequestWarning: Unverified HTTPS request is being made to host ‘10.10.20.48’.
Adding certificate verification is strongly advised. See: Advanced Usage - urllib3 2.0.0.dev0 documentation

I then run pprint and expect it to return the interface information but i get access denied. I expect this is because I’m being given the wrong credentials? Or is it the request headers? this is what i get when running the print command

pprint(r.text)
Traceback (most recent call last):
File “”, line 1, in
NameError: name ‘pprint’ is not defined

from pprint import pprint
pprint(r.text)
(’{\n’
’ “errors”: {\n’
’ “error”: [\n’
’ {\n’
’ “error-tag”: “access-denied”,\n’
’ “error-type”: “protocol”\n’
’ }\n’
’ ]\n’
’ }\n’
‘}\n’)

print(r.text)
{
“errors”: {
“error”: [
{
“error-tag”: “access-denied”,
“error-type”: “protocol”
}
]
}
}

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
bigevilbeard
VIP
VIP
In response to lowfell

‎01-10-2021 09:08 AM - edited ‎01-10-2021 09:10 AM

@lowfell no need to apologise,  I under this can be frustrating when new to a subject and you are not getting the desired results in your very first try.

 

RESTCONF is not enabled by default in IOS-XE, as part of the structure, it might be a requirement to show users how to enable this. We have multiple sandbox's for image versions, availability, redundancy mostly. Sandbox comes in two flavours, `always-on` (which is an open and shared resource) and `reservable` and single-user use (which is the one you provided the link to from the course, these have private IP addresses as you are using the Any-Connect VPN). Sometimes when testing code I will not have a reservation and will test this on the Always-On, plus when testing code if I can I test against another device to see if the device is at fault.

 

We have an Always-On sandbox which is running the code train/version you mentioned. Can you test your code using this sandbox please and share the full code you are using? If we test your code on this always-on sandbox, we are using the same testbed and router. This is the link HERE - you will need to update your code to the following details per the sandbox instructions, please not the port is 9433, not the standard 443 as you had before.

 

CSR1000V Host: ios-xe-mgmt.cisco.com
RESTCONF Ports: 9443 (HTTPS)
Username: developer
Password: C1sco12345

 

It should look like this.

 

import requests
from pprint import pprint
router = {
    'ip': 'ios-xe-mgmt.cisco.com',
    'port': '9443',
    'user': 'developer',
    'pass': 'C1sco12345',
    }

headers = {'Accept': 'application/yang-data+json'}

u = 'https://{}:{}/restconf/data/interfaces/interface=GigabitEthernet1'

u = u.format(router['ip'], router['port'])

r = requests.get(u, headers=headers, auth=(router['user'], router['pass'
                 ]), verify=False)

pprint(r.text)

api_data = r.json()
interface_name = api_data['Cisco-IOS-XE-interfaces-oper:interface'
                          ]['name']
interface_name

Once you have run this code you should see the following outputs

 

>>> import requests
>>> from pprint import pprint
>>> router = {"ip": "ios-xe-mgmt.cisco.com",
...       "port": "9443",
...           "user": "developer",
...           "pass": "C1sco12345"}
>>> 
>>> headers = {"Accept": "application/yang-data+json"}
>>> 
>>> u = "https://{}:{}/restconf/data/interfaces/interface=GigabitEthernet1"
>>> 
>>> u = u.format(router["ip"], router["port"])
>>> r = requests.get(u,
...      headers = headers,
...      auth=(router["user"], router["pass"]),
...      verify=False)
/Users/stuaclar/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'i
os-xe-mgmt.cisco.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warning
s
  InsecureRequestWarning,
>>> pprint(r.text)
('{\n'
 '  "Cisco-IOS-XE-interfaces-oper:interface": {\n'
 '    "name": "GigabitEthernet1",\n'
 '    "interface-type": "iana-iftype-ethernet-csmacd",\n'
 '    "admin-status": "if-state-up",\n'
 '    "oper-status": "if-oper-state-ready",\n'
 '    "last-change": "2021-01-09T21:02:39.000215+00:00",\n'
 '    "if-index": 1,\n'
 '    "phys-address": "00:50:56:bb:e1:4e",\n'
 '    "speed": "1024000000",\n'
 '    "statistics": {\n'
 '      "discontinuity-time": "2021-01-09T21:00:56.000028+00:00",\n'
 '      "in-octets": "1881792136",\n'
 '      "in-unicast-pkts": "6804538",\n'
 '      "in-broadcast-pkts": "0",\n'
 '      "in-multicast-pkts": "0",\n'
 '      "in-discards": 0,\n'
 '      "in-errors": 0,\n'
 '      "in-unknown-protos": 0,\n'
 '      "out-octets": 596296373,\n'
 '      "out-unicast-pkts": "1526270",\n'
 '      "out-broadcast-pkts": "0",\n'
 '      "out-multicast-pkts": "0",\n'
 '      "out-discards": "0",\n'
 '      "out-errors": "0",\n'
 '      "rx-pps": "100",\n'
 '      "rx-kbps": "226",\n'
 '      "tx-pps": "16",\n'
 '      "tx-kbps": "62",\n'
 '      "num-flaps": "0",\n'
 '      "in-crc-errors": "0"\n'
 '    },\n'
 '    "vrf": "",\n'
 '    "ipv4": "10.10.20.48",\n'
 '    "ipv4-subnet-mask": "255.255.255.0",\n'
 '    "description": "MANAGEMENT INTERFACE - DON\'T TOUCH ME",\n'
 '    "mtu": 1500,\n'
 '    "input-security-acl": "",\n'
 '    "output-security-acl": "",\n'
 '    "v4-protocol-stats": {\n'
 '      "in-pkts": "1192652",\n'
 '      "in-octets": "114321235",\n'
 '      "in-error-pkts": "0",\n'
 '      "in-forwarded-pkts": "0",\n'
 '      "in-forwarded-octets": "0",\n'
 '      "in-discarded-pkts": "0",\n'
 '      "out-pkts": "1523847",\n'
 '      "out-octets": "596224196",\n'
 '      "out-error-pkts": "0",\n'
 '      "out-forwarded-pkts": "1523847",\n'
 '      "out-forwarded-octets": "0",\n'
 '      "out-discarded-pkts": "0"\n'
 '    },\n'
 '    "v6-protocol-stats": {\n'
 '      "in-pkts": "0",\n'
 '      "in-octets": "0",\n'
 '      "in-error-pkts": "0",\n'
 '      "in-forwarded-pkts": "0",\n'
 '      "in-forwarded-octets": "0",\n'
 '      "in-discarded-pkts": "0",\n'
 '      "out-pkts": "0",\n'
 '      "out-octets": "0",\n'
 '      "out-error-pkts": "0",\n'
 '      "out-forwarded-pkts": "0",\n'
 '      "out-forwarded-octets": "0",\n'
 '      "out-discarded-pkts": "0"\n'
 '    },\n'
 '    "bia-address": "00:50:56:bb:e1:4e",\n'
 '    "ipv4-tcp-adjust-mss": 0,\n'
 '    "ipv6-tcp-adjust-mss": 0,\n'
 '    "ether-state": {\n'
 '      "negotiated-duplex-mode": "unknown-duplex",\n'
 '      "negotiated-port-speed": "speed-unknown",\n'
 '      "auto-negotiate": true,\n'
 '      "enable-flow-control": false\n'
 '    },\n'
 '    "ether-stats": {\n'
 '      "in-mac-control-frames": "0",\n'
 '      "in-mac-pause-frames": "0",\n'
 '      "in-oversize-frames": "0",\n'
 '      "in-jabber-frames": "0",\n'
 '      "in-fragment-frames": "0",\n'
 '      "in-8021q-frames": "0",\n'
 '      "out-mac-control-frames": "0",\n'
 '      "out-mac-pause-frames": "0",\n'
 '      "out-8021q-frames": "0"\n'
 '    }\n'
 '  }\n'
 '}\n')
>>>
>>>
>>>
>>>
>>> api_data = r.json()
>>> interface_name = api_data["Cisco-IOS-XE-interfaces-oper:interface"]["name"]
>>> interface_name
'GigabitEthernet1'

Please try this code and sandbox and let me know your results.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

View solution in original post

7 Replies 7

Go to solution
bigevilbeard
VIP
VIP

‎01-09-2021 03:35 AM

Looks like an issue/permission issue on the router side. Check the device you are using has RESTCONF enabled and is supported. You can use the always-on CSR/XE sandbox for this HERE You can run a simple curl command. The following is a sample RESTCONF request that shows the HTTPS verbs allowed on a targeted resource. In this example, the logging monitor command is used..

 

 

(venv) STUACLAR-M-R6EU:~ stuaclar$ curl -i -k -X "OPTIONS" "https://sandbox-iosxe-latest-1.cisco.com:443/restconf/data/Cisco-IOS-XE-native:native/logging/monitor/severity" \
> -H 'Accept: application/yang-data+json' \
> -u 'developer:C1sco12345'
HTTP/2 200 
server: nginx/1.13.12
date: Sat, 09 Jan 2021 11:25:53 GMT
content-type: text/html
content-length: 0
allow: DELETE, GET, HEAD, PATCH, POST, PUT, OPTIONS
cache-control: private, no-cache, must-revalidate, proxy-revalidate
accept-patch: application/yang-data+xml, application/yang-data+json
pragma: no-cache

 

 

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
0 Helpful

Go to solution
lowfell
Level 3
Level 3
In response to bigevilbeard

‎01-09-2021 11:52 AM - edited ‎01-10-2021 01:38 AM

Thanks for you help, it's greatly appreciated. however,I'm going to have a rant here. Cisco are encouraging people to learn this stuff and the devnet box isn't setup properly so I'm getting the wrong reply when i add the query. what's the point if the info you're giving us is wrong? apologies but i'm very frustrated!

 

 i'm a bit confused here. The box you pointed me to is 
sandbox-iosxe-latest-1.cisco.com 

the one mentioned in the excercisce on Cisco is https://devnetsandbox.cisco.com/RM/Diagram/Index/cae403c2-27af-4c7d-b1e1-99b7d42f1504?diagramType=Topology 

which has an ios of 16.9.3 and the instructions say You will need to reserve an instance of the sandbox, and establish a VPN connection to your individual Sandbox to complete this lab.

So this is what i've done, i've connected to the one with 16.9.3 via VPN.  (Why do you have two boxes with the same details?)

 

from the router i can see that restconf is enabled as far as i can see here is the router config

csr1000v-1#sho run
Building configuration...

Current configuration : 4209 bytes
!
! Last configuration change at 18:04:57 UTC Sat Jan 9 2021 by developer
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform console virtual
!
hostname csr1000v-1
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable secret 5 $1$20ue$uC.uSGo6nvfWs63EjjzRP.
!
no aaa new-model
!
!
!
!
!
!
!
ip domain name abc.inc
!
!
!
login on-success log
!
!
!
!
!
!
!
subscriber templating
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
crypto pki trustpoint TP-self-signed-65385644
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-65385644
revocation-check none
rsakeypair TP-self-signed-65385644
!
!
crypto pki certificate chain TP-self-signed-65385644
certificate self-signed 01
3082032C 30820214 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 36353338 35363434 301E170D 31393035 32323139 33383539
5A170D33 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D363533 38353634
34308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 0A028201
0100C96F D53A4C23 F96F71E2 BA91DAA3 C4546EAD 399F1B32 CA9BB364 C528FFFD
9F2A0CCE D5FD2756 6452B91B 2DCC328D 6951AEF3 BD25A687 62354EF7 0C68717E
94BF7B1E 320231A5 FFB9B765 A5616FD3 673709D5 7E89DB6D E6A14B85 E3FE2153
DFA8B852 BB37CCB4 4C523450 2A757DB5 8FB13133 0DE79EAE 579DDFE9 EA4B6C2A
CD8DC33E F69A0F45 020367D1 0C8451F1 AB9C0891 2A1AF1E5 2245E739 43CB1F48
03324EDF 7A647E25 86552D27 EEE5E05D EB01D886 4D00C47A B9B022AD AACA9E84
5D5627BD B0D6F2FC C5103F0E 808E5822 86B63301 C2B7B50C BBA6F3D1 471F2A53
B02E5DA1 DC1ECF46 116EAC77 160090AF 7AB23919 1896AA07 6893E638 8CE05F53
E5EB0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14A162A4 D3CD7E6B 7E775D4E CA02E2DA 5AEBC668 45301D06
03551D0E 04160414 A162A4D3 CD7E6B7E 775D4ECA 02E2DA5A EBC66845 300D0609
2A864886 F70D0101 05050003 82010100 8034A615 EED522BA 8A4D45D9 107A1C72
B622ECB6 26EB96AA AD26A14D 34FC54B6 93F03F5D F1C1F1DB C716B213 67342ADF
0E4F4313 00C19914 B8EAD89F D90FDCF7 943D9304 3E3158A7 2E7558D3 C90D9540
F8CDB4AE 9A266418 DA396402 6954BAA6 D49FB91B 5795EBD7 17C260BA AD2DCD40
6C86E58F 3D521061 A7ADC34D B1875BBA A5EC9877 57D65870 1134D226 EA884C43
CEA1F154 905F1872 E5FA575F 9C060B34 BA18FBB5 E03AB440 12D37659 B70A7C8A
9D32DD93 95BBE653 F39D1A30 2062C41C B3857FA5 9C6E2FAE 61E10F20 7B8994B9
DADCE497 38BD1450 8D1BF507 E9C0CD94 EFED9FA2 D888C58F 700A7182 1A2F12B2
32AF600E 7623C1E2 026B06FA EA75E800
quit
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 9CO9QHEWZEL
license boot level ax
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
netconf-yang
!
restconf
!
username developer privilege 15 secret 5 $1$apX9$osH3JUIsEok.XVu5bKG0D0
username cisco privilege 15 secret 5 $1$3PeY$CBmJ7lqSYLpLn6uImSoMD0
username root privilege 15 secret 5 $1$F2Ov$Ax5.47hkCDThKbWt1.M4U0
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
description MANAGEMENT INTERFACE - DON'T TOUCH ME
ip address 10.10.20.48 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
description Network Interface
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
description Network Interface
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 10.10.20.254
!
ip ssh rsa keypair-name ssh-key
ip ssh version 2
ip scp server enable
!
!
!
!
!
control-plane

csr1000v-1#show platform software yang-management process monitor
COMMAND PID S VSZ RSS %CPU %MEM ELAPSED
confd 24825 S 833180 138792 0.2 1.7 01:24:29
confd-startup.s 24612 S 19692 4388 0.0 0.0 01:24:30
dmiauthd 25649 S 282420 27360 0.0 0.3 01:24:27
ncsshd 25981 S 169304 10396 0.0 0.1 01:24:25
ncsshd_bp 25871 S 175024 10560 0.0 0.1 01:24:26
ndbmand 25430 S 599624 71432 0.0 0.8 01:24:27
nesd 25173 S 192704 14592 0.0 0.1 01:24:28
nginx 26230 S 338612 19700 0.0 0.2 01:24:15
nginx 26237 S 344668 17928 0.0 0.2 01:23:45
pubd 24381 S 657128 73504 0.0 0.9 01:24:31
syncfd 24943 S 193624 19212 0.0 0.2 01:24:29

c

 

I want ro run the correct request

0 Helpful

Go to solution
bigevilbeard
VIP
VIP
In response to lowfell

‎01-10-2021 09:08 AM - edited ‎01-10-2021 09:10 AM

@lowfell no need to apologise,  I under this can be frustrating when new to a subject and you are not getting the desired results in your very first try.

 

RESTCONF is not enabled by default in IOS-XE, as part of the structure, it might be a requirement to show users how to enable this. We have multiple sandbox's for image versions, availability, redundancy mostly. Sandbox comes in two flavours, `always-on` (which is an open and shared resource) and `reservable` and single-user use (which is the one you provided the link to from the course, these have private IP addresses as you are using the Any-Connect VPN). Sometimes when testing code I will not have a reservation and will test this on the Always-On, plus when testing code if I can I test against another device to see if the device is at fault.

 

We have an Always-On sandbox which is running the code train/version you mentioned. Can you test your code using this sandbox please and share the full code you are using? If we test your code on this always-on sandbox, we are using the same testbed and router. This is the link HERE - you will need to update your code to the following details per the sandbox instructions, please not the port is 9433, not the standard 443 as you had before.

 

CSR1000V Host: ios-xe-mgmt.cisco.com
RESTCONF Ports: 9443 (HTTPS)
Username: developer
Password: C1sco12345

 

It should look like this.

 

import requests
from pprint import pprint
router = {
    'ip': 'ios-xe-mgmt.cisco.com',
    'port': '9443',
    'user': 'developer',
    'pass': 'C1sco12345',
    }

headers = {'Accept': 'application/yang-data+json'}

u = 'https://{}:{}/restconf/data/interfaces/interface=GigabitEthernet1'

u = u.format(router['ip'], router['port'])

r = requests.get(u, headers=headers, auth=(router['user'], router['pass'
                 ]), verify=False)

pprint(r.text)

api_data = r.json()
interface_name = api_data['Cisco-IOS-XE-interfaces-oper:interface'
                          ]['name']
interface_name

Once you have run this code you should see the following outputs

 

>>> import requests
>>> from pprint import pprint
>>> router = {"ip": "ios-xe-mgmt.cisco.com",
...       "port": "9443",
...           "user": "developer",
...           "pass": "C1sco12345"}
>>> 
>>> headers = {"Accept": "application/yang-data+json"}
>>> 
>>> u = "https://{}:{}/restconf/data/interfaces/interface=GigabitEthernet1"
>>> 
>>> u = u.format(router["ip"], router["port"])
>>> r = requests.get(u,
...      headers = headers,
...      auth=(router["user"], router["pass"]),
...      verify=False)
/Users/stuaclar/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'i
os-xe-mgmt.cisco.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warning
s
  InsecureRequestWarning,
>>> pprint(r.text)
('{\n'
 '  "Cisco-IOS-XE-interfaces-oper:interface": {\n'
 '    "name": "GigabitEthernet1",\n'
 '    "interface-type": "iana-iftype-ethernet-csmacd",\n'
 '    "admin-status": "if-state-up",\n'
 '    "oper-status": "if-oper-state-ready",\n'
 '    "last-change": "2021-01-09T21:02:39.000215+00:00",\n'
 '    "if-index": 1,\n'
 '    "phys-address": "00:50:56:bb:e1:4e",\n'
 '    "speed": "1024000000",\n'
 '    "statistics": {\n'
 '      "discontinuity-time": "2021-01-09T21:00:56.000028+00:00",\n'
 '      "in-octets": "1881792136",\n'
 '      "in-unicast-pkts": "6804538",\n'
 '      "in-broadcast-pkts": "0",\n'
 '      "in-multicast-pkts": "0",\n'
 '      "in-discards": 0,\n'
 '      "in-errors": 0,\n'
 '      "in-unknown-protos": 0,\n'
 '      "out-octets": 596296373,\n'
 '      "out-unicast-pkts": "1526270",\n'
 '      "out-broadcast-pkts": "0",\n'
 '      "out-multicast-pkts": "0",\n'
 '      "out-discards": "0",\n'
 '      "out-errors": "0",\n'
 '      "rx-pps": "100",\n'
 '      "rx-kbps": "226",\n'
 '      "tx-pps": "16",\n'
 '      "tx-kbps": "62",\n'
 '      "num-flaps": "0",\n'
 '      "in-crc-errors": "0"\n'
 '    },\n'
 '    "vrf": "",\n'
 '    "ipv4": "10.10.20.48",\n'
 '    "ipv4-subnet-mask": "255.255.255.0",\n'
 '    "description": "MANAGEMENT INTERFACE - DON\'T TOUCH ME",\n'
 '    "mtu": 1500,\n'
 '    "input-security-acl": "",\n'
 '    "output-security-acl": "",\n'
 '    "v4-protocol-stats": {\n'
 '      "in-pkts": "1192652",\n'
 '      "in-octets": "114321235",\n'
 '      "in-error-pkts": "0",\n'
 '      "in-forwarded-pkts": "0",\n'
 '      "in-forwarded-octets": "0",\n'
 '      "in-discarded-pkts": "0",\n'
 '      "out-pkts": "1523847",\n'
 '      "out-octets": "596224196",\n'
 '      "out-error-pkts": "0",\n'
 '      "out-forwarded-pkts": "1523847",\n'
 '      "out-forwarded-octets": "0",\n'
 '      "out-discarded-pkts": "0"\n'
 '    },\n'
 '    "v6-protocol-stats": {\n'
 '      "in-pkts": "0",\n'
 '      "in-octets": "0",\n'
 '      "in-error-pkts": "0",\n'
 '      "in-forwarded-pkts": "0",\n'
 '      "in-forwarded-octets": "0",\n'
 '      "in-discarded-pkts": "0",\n'
 '      "out-pkts": "0",\n'
 '      "out-octets": "0",\n'
 '      "out-error-pkts": "0",\n'
 '      "out-forwarded-pkts": "0",\n'
 '      "out-forwarded-octets": "0",\n'
 '      "out-discarded-pkts": "0"\n'
 '    },\n'
 '    "bia-address": "00:50:56:bb:e1:4e",\n'
 '    "ipv4-tcp-adjust-mss": 0,\n'
 '    "ipv6-tcp-adjust-mss": 0,\n'
 '    "ether-state": {\n'
 '      "negotiated-duplex-mode": "unknown-duplex",\n'
 '      "negotiated-port-speed": "speed-unknown",\n'
 '      "auto-negotiate": true,\n'
 '      "enable-flow-control": false\n'
 '    },\n'
 '    "ether-stats": {\n'
 '      "in-mac-control-frames": "0",\n'
 '      "in-mac-pause-frames": "0",\n'
 '      "in-oversize-frames": "0",\n'
 '      "in-jabber-frames": "0",\n'
 '      "in-fragment-frames": "0",\n'
 '      "in-8021q-frames": "0",\n'
 '      "out-mac-control-frames": "0",\n'
 '      "out-mac-pause-frames": "0",\n'
 '      "out-8021q-frames": "0"\n'
 '    }\n'
 '  }\n'
 '}\n')
>>>
>>>
>>>
>>>
>>> api_data = r.json()
>>> interface_name = api_data["Cisco-IOS-XE-interfaces-oper:interface"]["name"]
>>> interface_name
'GigabitEthernet1'

Please try this code and sandbox and let me know your results.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Go to solution
lowfell
Level 3
Level 3
In response to bigevilbeard

‎01-11-2021 02:40 AM

Thanks  for taking the time to explaining this. It does actually say on the message of MOTD banner that NETCONF & RESTCONF are enabled!

 

If you look at the usernames configured "root" is a priv 15 user so they were the credentials i used as instructed in the course.In the end i got this to work using twas actually to do with the SSH credentials specified in the sandbox instructions not the course instructions.

 

So in the end I used "Developer" and "C1sco12345" user in my query it actually worked and i go the result i wanted.

 

 I've actually learned more from it NOT working than it  working first time.

 

Apologies again and thanks for your time and patiences.
 

 

0 Helpful

Go to solution
omz
VIP Alumni
VIP Alumni
In response to lowfell

‎01-11-2021 12:26 AM

Totally understand your frustration ...  

but ... Cisco is giving all this stuff for free .. all it needs is your precious time. Sometimes there can be typos/mistakes in the material or occasionally a sandbox may not respond as expected.. but the issues are fixed very quickly.

Cisco has this awesome community and Devnet Webex Teams channel ... you can report mistakes/issues and ask questions .. it's very helpful.

You can see a Cisco employee ( bigevilbeard ) responding and trying to help .. at 0 cost to you. I have not seen anything close with other vendors.

Apologies ... I had to rant .. coz I love Cisco DevNet an Sandbox too much

 

again please report typos/mistakes or if something is confusing so it can be fixed for others .. and good luck with your studies

Go to solution
lowfell
Level 3
Level 3
In response to omz

‎01-11-2021 02:21 AM

Agreed totally.  In hindsight i was hasty with my response apologies again for that. 

I've worked out where it went wrong and I've actually learned more from it NOT working than it  working first time.. 

0 Helpful

Go to solution
bigevilbeard
VIP
VIP
In response to lowfell

‎01-11-2021 06:47 AM

Interesting, nice catch on the username/password. 

 

(venv) STUACLAR-M-R6EU:~ stuaclar$ curl -i -k -X "OPTIONS" "https://sandbox-iosxe-latest-1.cisco.com:443/restconf/data/Cisco-IOS-XE-native:native/logging/monitor/severity" \
> -H 'Accept: application/yang-data+json' \
> -u 'developer:C1sco12345'
HTTP/2 200 
server: nginx/1.13.12
date: Mon, 11 Jan 2021 14:13:01 GMT
content-type: text/html
content-length: 0
allow: DELETE, GET, HEAD, PATCH, POST, PUT, OPTIONS
cache-control: private, no-cache, must-revalidate, proxy-revalidate
accept-patch: application/yang-data+xml, application/yang-data+json
pragma: no-cache

Update the password to be incorrect and the same issue as you saw

 

(venv) STUACLAR-M-R6EU:~ stuaclar$ curl -i -k -X "OPTIONS" "https://sandbox-iosxe-latest-1.cisco.com:443/restconf/data/Cisco-IOS-XE-native:native/logging/monitor/severity" \
> -H 'Accept: application/yang-data+json' \
> -u 'developer:C1sco1234'
HTTP/2 401 
server: nginx/1.13.12
date: Mon, 11 Jan 2021 14:13:20 GMT
content-type: application/yang-data+json
www-authenticate: Basic realm="restconf"
vary: Accept-Encoding

{
  "errors": {
    "error": [
      {
        "error-tag": "access-denied",
        "error-type": "protocol"
      }
    ]
  }
}

If you disable RESTCONF on the device

 

(venv) STUACLAR-M-R6EU:~ stuaclar$ curl -i -k -X "OPTIONS" "https://sandbox-iosxe-latest-1.cisco.com:443/restconf/data/Cisco-IOS-XE-native:native/logging/monitor/severity" \
> -H 'Accept: application/yang-data+json' \
> -u 'developer:C1sco12345'
HTTP/2 404 
server: nginx/1.13.12
date: Mon, 11 Jan 2021 14:43:13 GMT
accept-ranges: none
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7884000

404 Not Found

Nice fun to play with!

 

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents