cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Firewalls

444
Views
5
Helpful
7
Replies
Beginner

Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

I have been trying to do something with REST-API on Cisco ASA for more then a year, but for some reason I am only able to get the response 500 INTERNAL-SERVER-ERROR.

 

This is on Multi-Context system as well as an Single Context.

 

Config is done as written in the documentation of the ASA REST-API client.

 

Am I missing something?? Or is this a bug, that doesn't get fixed??

 

Attached debug logs doesn't tell me anything is realy wrong but a crash of Java.

 

Don't tell me to create a TAC case. So far Cisco TAC hasn't been very helpful for the cases I opened, still need to create a TAC case for a cisco VPN bug that is still there which nobody notices apparently.

Everyone's tags (1)
7 REPLIES
Advisor

Re: Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

Are you seeing these java errors when you browse to the API [https://asa-managment-ip/api] ?

Beginner

Re: Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

{"commonMessages":[{"level":"Error","code":"METHOD-NOT-ALLOWED"}],"entryMessages":[]}

 

No 500 error when directly going to /api

 

 

[ra agent event]: 2018-08-16 13:25:21,307 DEBUG [startup] Enter Filter.beforeHandle() for uri:http://192.168.0.1/api

[ra agent event]: 2018-08-16 13:25:21,308 DEBUG [startup] The request URI, canonicalized URI, URLDecoded URI respectively are:http://192.168.0.1/api, http://192.168.0.1/api, http://192.168.0.1/api

[ra agent event]: 2018-08-16 13:25:21,309 DEBUG [startup] Exit Filter.beforeHandle() with CONTINUE status for uri:http://192.168.0.1/api

[ra agent event]: 2018-08-16 13:25:21,329 DEBUG [bulk] Inside RestletObject postData :  {"commonMessages":[{"level":"Error","code":"METHOD-NOT-ALLOWED"}],"entryMessages":[]}

Highlighted
Advisor

Re: Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

In what application are you getting the Java errors?
Beginner

Re: Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

Direct URL

RESTCLient firefox add-on

https://firewall ip/doc/

 

Doesn't matter which restapi url I use always internal-server-error.

 

So if somebody gives me working samples (URL/Python) to try please do so, because everything I try doens't work.

Beginner

Re: Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

Do you have AAA running on the ASA? I'm seeing the same behavior you are and this was the response from Cisco because we use Command Authorization:

Command Authorization

If command authorization is configured to use an external AAA server (for example, aaa authorization command < TACACS+_server >), then a user named enable_1 must exist on that server with full command privileges.

 

From: https://www.cisco.com/c/en/us/td/docs/security/asa/api/qsg-asa-api.html#pgfId-61953

Beginner

Re: Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

Do you have to use the management port for this to work?  We utilize the management port for FirePower services module so we are wanting to use the inside interface.  I did see an authorization failure for an "enable_1" and i've created the user (in ISE) but when i try to do the GET to https://(inside interface ip)/api/objects/networkobjects I still get the 500 error and I don't see any authorization attempts from Enable_1.

 

 

 

FW# [ra client event]: rest_agent_connect: Opening TCP socket to REST API Agent succeeded.
[ra client event]: rest_agent_connect: Connecting to TCP socket succeeded.
[ra client event]: rest_agent_buf_push_and_receive: socks_proxy_csocket_send succeeded.
[ra client event]: send_response_to_rest_client: Received response message of length 322 from REST Agent.
[ra client event]: rest_agent_buf_push_and_receive: Received the entire HTTP response of length 322 - closing the connection with REST API Agent.
[ra daemon event]: AG daemon received message of length 129
[ra daemon event]: Reading 129 bytes from socket
[ra daemon event]: Received message of length 129
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,689 DEBUG [startup] Enter Filter.beforeHandle() for uri:http://X.X.X.X/api/objects/networkobjects

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 257
[ra daemon event]: Reading 257 bytes from socket
[ra daemon event]: Received message of length 257
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,690 DEBUG [startup] The request URI, canonicalized URI, URLDecoded URI respectively are:http://X.X.X.X/api/objects/networkobjects, http://X.X.X.X/api/objects/networkobjects, http://X.X.X.X/api/objects/networkobjects

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 149
[ra daemon event]: Reading 149 bytes from socket
[ra daemon event]: Received message of length 149
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,690 DEBUG [startup] Exit Filter.beforeHandle() with CONTINUE status for uri:http://X.X.X.X/api/objects/networkobjects

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 55
[ra daemon event]: Reading 55 bytes from socket
[ra daemon event]: Received message of length 55
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,691 DEBUG [base] Enter m GET

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 105
[ra daemon event]: Reading 105 bytes from socket
[ra daemon event]: Received message of length 105
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,691 DEBUG [base] Total memory: 121344, free memory: 83351, used memory: 37993

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 92
[ra daemon event]: Reading 92 bytes from socket
[ra daemon event]: Received message of length 92
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,691 DEBUG [base] Inside RestUtil : attrName & val level1Id & null

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 92
[ra daemon event]: Reading 92 bytes from socket
[ra daemon event]: Received message of length 92
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,692 DEBUG [base] Inside RestUtil : attrName & val objectId & null

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 3889
[ra daemon event]: Reading 3889 bytes from socket
[ra daemon event]: Received message of length 3889
[ra daemon event]: Executing message type 0x1
[ra agent error]: 2018-12-03 17:22:58,692 ERROR [base]
Stack trace:
at com.cisco.pdm.rest.c.i.y.h(ServerResourceUtil.java:94)
at com.cisco.pdm.rest.c.i.db.jc(RestletObjectResource.java:253)
at com.cisco.pdm.rest.c.i.db.c(RestletObjectResource.java:121)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.restlet.resource.ServerResource.doHandle(ServerResource.java:524)
at org.restlet.resource.ServerResource.get(ServerResource.java:743)
at org.restlet.resource.ServerResource.doHandle(ServerResource.java:618)
at org.restlet.resource.ServerResource.doNegotiatedHandle(ServerResource.java:679)
at org.restlet.resource.ServerResource.doConditionalHandle(ServerResource.java:357)
at org.restlet.resource.ServerResource.handle(ServerResource.java:1014)
at org.restlet.resource.Finder.handle(Finder.java:246)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Router.doHandle(Router.java:431)
at org.restlet.routing.Router.handle(Router.java:648)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.engine.application.StatusFilter.doHandle(StatusFilter.java:155)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.engine.CompositeHelper.handle(CompositeHelper.java:211)
at org.restlet.engine.application.ApplicationHelper.handle(ApplicationHelper.java:84)
at org.restlet.Application.handle(Application.java:384)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Router.doHandle(Router.java:431)
at org.restlet.routing.Router.handle(Router.java:648)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Router.doHandle(Router.java:431)
at org.restlet.routing.Router.handle(Router.java:648)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.engine.application.StatusFilter.doHandle(StatusFilter.java:155)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.engine.CompositeHelper.handle(CompositeHelper.java:211)
at org.restlet.Component.handle(Component.java:406)
at org.restlet.Server.handle(Server.java:516)
at org.restlet.engine.connector.ServerHelper.handle(ServerHelper.java:72)
at org.restlet.engine.adapter.HttpServerHelper.handle(HttpServerHelper.java:152)
at org.restlet.engine.connector.HttpServerHelper$1.handle(HttpServerHelper.java:73)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:77)
at sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:83)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:80)
at sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:677)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:77)
at sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:649)
at sun.net.httpserver.ServerImpl$DefaultExecutor.execute(ServerImpl.java:158)
at sun.net.httpserver.ServerImpl$Dispatcher.handle(ServerImpl.java:433)
at sun.net.httpserver.ServerImpl$Dispatcher.run(ServerImpl.java:398)
at java.lang.Thread.run(Thread.java:745)

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 124
[ra daemon event]: Reading 124 bytes from socket
[ra daemon event]: Received message of length 124
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Inside RestletObject RawJson Serialization : com.cisco.pdm.rest.c.i.ib@4e9365a9

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 140
[ra daemon event]: Reading 140 bytes from socket
[ra daemon event]: Received message of length 140
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Inside RestletObject postData : {"messages":[{"level":"Error","code":"INTERNAL-SERVER-ERROR"}]}

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 75
[ra daemon event]: Reading 75 bytes from socket
[ra daemon event]: Received message of length 75
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Exit m GET with status code 500

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 105
[ra daemon event]: Reading 105 bytes from socket
[ra daemon event]: Received message of length 105
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Total memory: 121344, free memory: 83022, used memory: 38322

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 87
[ra daemon event]: Reading 87 bytes from socket
[ra daemon event]: Received message of length 87
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] The time taken for req processing in msec:2

[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!

Beginner

Re: Cisco ASA REST-API INTERNAL-SERVER-ERROR (All REST-API 1.3.2 versions) (ASA 9.8.x & 9.7.x) Context and no Context

Update - I had to stop the rest-api agent and then re-enable it and then it started working!
CreatePlease to create content
Content for Community-Ad

Blog-Cisco Community Designated VIP Class of 2019