Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2728
Views
0
Helpful
1
Replies

RESTCONF 401 Authentication Needed

Go to solution
nonamer15
Level 1
Level 1

‎03-13-2018 06:59 PM - edited ‎03-01-2019 06:27 PM

I have a Cisco ASR1009-X running IOS XE 16.6.2. I'm trying to get RESTCONF working, but having some issues.

 

If I try a curl request, I get a '401 authentication needed' error. In my curl request, I'm specifying the username & password, but I'm assuming this is only for the HTTPS server.

 

curl --user user:pass -v -H "Accept:application/yang-data+json" -H "Content-Type: application/yang-data+json" -X GET "https://host/restconf/data/openconfig-interfaces:interfaces/%22interface=GigabitEthernet0%22" -i

 

Similarly, if I try and go directly to the URL above in a browser, I get a login prompt. I try the credentials I've specified above, but they don't work. I'm guessing there's some other user I need to configure or settings in order to get this to work, but I'm not sure what.

 

For the HTTPS server, I'm using local authentication. I've got no issue logging into the this via a browser. I just can't seem to get a RESTCONF request to work.

 

Thanks.

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
nonamer15
Level 1
Level 1

‎05-20-2018 12:37 PM - edited ‎05-20-2018 12:38 PM

I believe the issue here was that I had 'aaa new-model' configured in my configuration. Once I changed it to 'no aaa new-model', I was able to make API calls with RESTCONF.

 

If you're using a local account, here's the only configuration commands that are needed to get this working:

no aaa new-model
username admin privilege 15 password 0 admin
ip http secure-server

 

What I find strange is I did not even have AAA authentication configured and working on this device. So I'd assume even with 'aaa new-model' configured, it wouldn't attempt to try AAA authentication as I've got no servers configured. Maybe if I debugged it I would see messages stating no servers are configured and that's why it's failing. Not sure.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
nonamer15
Level 1
Level 1

‎05-20-2018 12:37 PM - edited ‎05-20-2018 12:38 PM

I believe the issue here was that I had 'aaa new-model' configured in my configuration. Once I changed it to 'no aaa new-model', I was able to make API calls with RESTCONF.

 

If you're using a local account, here's the only configuration commands that are needed to get this working:

no aaa new-model
username admin privilege 15 password 0 admin
ip http secure-server

 

What I find strange is I did not even have AAA authentication configured and working on this device. So I'd assume even with 'aaa new-model' configured, it wouldn't attempt to try AAA authentication as I've got no servers configured. Maybe if I debugged it I would see messages stating no servers are configured and that's why it's failing. Not sure.

0 Helpful
Customers Also Viewed These Support Documents