06-02-2022 02:27 AM
Hey,
I'm using the ERS API on my ISE 2.4.0.357. Using GET requests work properly, but every post request I've tried in the trustsec calls returns a 403 Error:
ers/config/sgt
ers/config/sgacl
ers/config/egressmatrixcell
I've tried using POST on other parts of the API and it works:
ers/config/identitygroup
ers/config/networkdevice
The user I'm using has ERS admin permissions. I think these calls used to work a few months ago when I tried them but it doesn't work anymore.
Do you know what might be the reason for it? What troubleshoot actions can I take?
Thank you in advance,
Dolev
Solved! Go to Solution.
06-02-2022 04:01 PM
You might be hitting this bug - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu30286
If you're not running the latest patch (patch 14; likely the last patch for 2.4 due to the End of Software Maintenance lifecycle stage), try updating.
If that does not resolve the issue, you'll likely need to enable the debugs and look at the logs as per Troubleshoot and Enable Debugs on ISE.
06-02-2022 04:01 PM
You might be hitting this bug - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu30286
If you're not running the latest patch (patch 14; likely the last patch for 2.4 due to the End of Software Maintenance lifecycle stage), try updating.
If that does not resolve the issue, you'll likely need to enable the debugs and look at the logs as per Troubleshoot and Enable Debugs on ISE.
06-06-2022 12:13 AM
Thanks!
I changed my Trustsec configuration from multiple matrices to a single matrix and it solved the issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide