08-14-2018 07:57 AM - edited 02-21-2020 08:06 AM
I have been trying to do something with REST-API on Cisco ASA for more then a year, but for some reason I am only able to get the response 500 INTERNAL-SERVER-ERROR.
This is on Multi-Context system as well as an Single Context.
Config is done as written in the documentation of the ASA REST-API client.
Am I missing something?? Or is this a bug, that doesn't get fixed??
Attached debug logs doesn't tell me anything is realy wrong but a crash of Java.
Don't tell me to create a TAC case. So far Cisco TAC hasn't been very helpful for the cases I opened, still need to create a TAC case for a cisco VPN bug that is still there which nobody notices apparently.
08-14-2018 09:58 AM
Are you seeing these java errors when you browse to the API [https://asa-managment-ip/api] ?
08-16-2018 06:18 AM - edited 08-16-2018 06:22 AM
{"commonMessages":[{"level":"Error","code":"METHOD-NOT-ALLOWED"}],"entryMessages":[]}
No 500 error when directly going to /api
[ra agent event]: 2018-08-16 13:25:21,307 DEBUG [startup] Enter Filter.beforeHandle() for uri:http://192.168.0.1/api
[ra agent event]: 2018-08-16 13:25:21,308 DEBUG [startup] The request URI, canonicalized URI, URLDecoded URI respectively are:http://192.168.0.1/api, http://192.168.0.1/api, http://192.168.0.1/api
[ra agent event]: 2018-08-16 13:25:21,309 DEBUG [startup] Exit Filter.beforeHandle() with CONTINUE status for uri:http://192.168.0.1/api
[ra agent event]: 2018-08-16 13:25:21,329 DEBUG [bulk] Inside RestletObject postData : {"commonMessages":[{"level":"Error","code":"METHOD-NOT-ALLOWED"}],"entryMessages":[]}
08-20-2018 02:47 PM
08-24-2018 06:47 AM
Direct URL
RESTCLient firefox add-on
https://firewall ip/doc/
Doesn't matter which restapi url I use always internal-server-error.
So if somebody gives me working samples (URL/Python) to try please do so, because everything I try doens't work.
10-03-2018 10:18 AM
Do you have AAA running on the ASA? I'm seeing the same behavior you are and this was the response from Cisco because we use Command Authorization:
If command authorization is configured to use an external AAA server (for example, aaa authorization command <
TACACS+_server >
), then a user named enable_1 must exist on that server with full command privileges.
From: https://www.cisco.com/c/en/us/td/docs/security/asa/api/qsg-asa-api.html#pgfId-61953
12-03-2018 09:24 AM - edited 12-03-2018 09:25 AM
Do you have to use the management port for this to work? We utilize the management port for FirePower services module so we are wanting to use the inside interface. I did see an authorization failure for an "enable_1" and i've created the user (in ISE) but when i try to do the GET to https://(inside interface ip)/api/objects/networkobjects I still get the 500 error and I don't see any authorization attempts from Enable_1.
FW# [ra client event]: rest_agent_connect: Opening TCP socket to REST API Agent succeeded.
[ra client event]: rest_agent_connect: Connecting to TCP socket succeeded.
[ra client event]: rest_agent_buf_push_and_receive: socks_proxy_csocket_send succeeded.
[ra client event]: send_response_to_rest_client: Received response message of length 322 from REST Agent.
[ra client event]: rest_agent_buf_push_and_receive: Received the entire HTTP response of length 322 - closing the connection with REST API Agent.
[ra daemon event]: AG daemon received message of length 129
[ra daemon event]: Reading 129 bytes from socket
[ra daemon event]: Received message of length 129
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,689 DEBUG [startup] Enter Filter.beforeHandle() for uri:http://X.X.X.X/api/objects/networkobjects
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 257
[ra daemon event]: Reading 257 bytes from socket
[ra daemon event]: Received message of length 257
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,690 DEBUG [startup] The request URI, canonicalized URI, URLDecoded URI respectively are:http://X.X.X.X/api/objects/networkobjects, http://X.X.X.X/api/objects/networkobjects, http://X.X.X.X/api/objects/networkobjects
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 149
[ra daemon event]: Reading 149 bytes from socket
[ra daemon event]: Received message of length 149
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,690 DEBUG [startup] Exit Filter.beforeHandle() with CONTINUE status for uri:http://X.X.X.X/api/objects/networkobjects
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 55
[ra daemon event]: Reading 55 bytes from socket
[ra daemon event]: Received message of length 55
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,691 DEBUG [base] Enter m GET
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 105
[ra daemon event]: Reading 105 bytes from socket
[ra daemon event]: Received message of length 105
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,691 DEBUG [base] Total memory: 121344, free memory: 83351, used memory: 37993
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 92
[ra daemon event]: Reading 92 bytes from socket
[ra daemon event]: Received message of length 92
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,691 DEBUG [base] Inside RestUtil : attrName & val level1Id & null
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 92
[ra daemon event]: Reading 92 bytes from socket
[ra daemon event]: Received message of length 92
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,692 DEBUG [base] Inside RestUtil : attrName & val objectId & null
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 3889
[ra daemon event]: Reading 3889 bytes from socket
[ra daemon event]: Received message of length 3889
[ra daemon event]: Executing message type 0x1
[ra agent error]: 2018-12-03 17:22:58,692 ERROR [base]
Stack trace:
at com.cisco.pdm.rest.c.i.y.h(ServerResourceUtil.java:94)
at com.cisco.pdm.rest.c.i.db.jc(RestletObjectResource.java:253)
at com.cisco.pdm.rest.c.i.db.c(RestletObjectResource.java:121)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.restlet.resource.ServerResource.doHandle(ServerResource.java:524)
at org.restlet.resource.ServerResource.get(ServerResource.java:743)
at org.restlet.resource.ServerResource.doHandle(ServerResource.java:618)
at org.restlet.resource.ServerResource.doNegotiatedHandle(ServerResource.java:679)
at org.restlet.resource.ServerResource.doConditionalHandle(ServerResource.java:357)
at org.restlet.resource.ServerResource.handle(ServerResource.java:1014)
at org.restlet.resource.Finder.handle(Finder.java:246)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Router.doHandle(Router.java:431)
at org.restlet.routing.Router.handle(Router.java:648)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.engine.application.StatusFilter.doHandle(StatusFilter.java:155)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.engine.CompositeHelper.handle(CompositeHelper.java:211)
at org.restlet.engine.application.ApplicationHelper.handle(ApplicationHelper.java:84)
at org.restlet.Application.handle(Application.java:384)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Router.doHandle(Router.java:431)
at org.restlet.routing.Router.handle(Router.java:648)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Router.doHandle(Router.java:431)
at org.restlet.routing.Router.handle(Router.java:648)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.engine.application.StatusFilter.doHandle(StatusFilter.java:155)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.routing.Filter.doHandle(Filter.java:159)
at org.restlet.routing.Filter.handle(Filter.java:206)
at org.restlet.engine.CompositeHelper.handle(CompositeHelper.java:211)
at org.restlet.Component.handle(Component.java:406)
at org.restlet.Server.handle(Server.java:516)
at org.restlet.engine.connector.ServerHelper.handle(ServerHelper.java:72)
at org.restlet.engine.adapter.HttpServerHelper.handle(HttpServerHelper.java:152)
at org.restlet.engine.connector.HttpServerHelper$1.handle(HttpServerHelper.java:73)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:77)
at sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:83)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:80)
at sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:677)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:77)
at sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:649)
at sun.net.httpserver.ServerImpl$DefaultExecutor.execute(ServerImpl.java:158)
at sun.net.httpserver.ServerImpl$Dispatcher.handle(ServerImpl.java:433)
at sun.net.httpserver.ServerImpl$Dispatcher.run(ServerImpl.java:398)
at java.lang.Thread.run(Thread.java:745)
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 124
[ra daemon event]: Reading 124 bytes from socket
[ra daemon event]: Received message of length 124
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Inside RestletObject RawJson Serialization : com.cisco.pdm.rest.c.i.ib@4e9365a9
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 140
[ra daemon event]: Reading 140 bytes from socket
[ra daemon event]: Received message of length 140
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Inside RestletObject postData : {"messages":[{"level":"Error","code":"INTERNAL-SERVER-ERROR"}]}
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 75
[ra daemon event]: Reading 75 bytes from socket
[ra daemon event]: Received message of length 75
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Exit m GET with status code 500
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 105
[ra daemon event]: Reading 105 bytes from socket
[ra daemon event]: Received message of length 105
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] Total memory: 121344, free memory: 83022, used memory: 38322
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
[ra daemon event]: AG daemon received message of length 87
[ra daemon event]: Reading 87 bytes from socket
[ra daemon event]: Received message of length 87
[ra daemon event]: Executing message type 0x1
[ra agent event]: 2018-12-03 17:22:58,693 DEBUG [base] The time taken for req processing in msec:2
[ra daemon event]: Executed message type 0x1
[ra daemon event]: Rest Daemon socket notified to read!
12-03-2018 12:19 PM
08-15-2020 02:51 PM
Thanks Issac, its working for me too after your workaround!!
thanks a ton!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide