[c-nsp] IOS XR - XML API Authentication fails

Alexander Turner me at alexturner.co
Wed Apr 15 11:04:15 EDT 2015 

Got caught up playing with the wrong tools - was using telnet initially -
not sure why I switched to netcat - not enough caffeine.

Thanks!

alexanderturner at Alexanders-MacBook-Pro~/Downloads> telnet 10.2.100.1 38751
Trying 10.2.100.1...
Connected to 10.2.100.1.
Escape character is '^]'.


User Access Verification

Username: root
Password: root
XML>


--
*Alexander Turner*

e: me at alexturner.co
p: +61408424126
*tz: UTC +10 (AEST)*

On Thu, Apr 16, 2015 at 1:01 AM, Luan Nguyen (CBU) <
luan.nguyen at dimensiondata.com> wrote:

>  Why don’t you just telnet to port 38751 and see if you get the XML>
> instead of using netcat?
> Your configuration should work just fine.
>
>  Regards,
> -lmn
>
>   From: Alexander Turner <me at alexturner.co>
> Date: Thu, 16 Apr 2015 00:40:45 +1000
> To: <cisco-nsp at puck.nether.net>
> Subject: [c-nsp] IOS XR - XML API Authentication fails
>
>
>
> Trying to set up the XML API on an ASR 9K and find myself unable to
> authenticate with the XML API using Netcat.
>
> I've configured the box as below:
>
> Building configuration...
> !! IOS XR Configuration 5.1.2
> !! Last configuration change at Wed Apr 15 07:19:42 2015 by root
> !
> username xml
> group sysadmin
> secret 5 $1$LY8B$39t3eTXf/ajMGWnX99.ux0
> password 7 07182E414C080D1657
> !
> aaa authorization exec default group tacacs+ local
> interface MgmtEth0/RSP0/CPU0/0
> ipv4 address 10.2.100.1 255.255.0.0
> !
> interface MgmtEth0/RSP0/CPU0/1
> shutdown
> !
> interface TenGigE0/0/2/0
> shutdown
> !
> interface TenGigE0/0/2/1
> shutdown
> !
> interface TenGigE0/0/2/2
> shutdown
> !
> interface TenGigE0/0/2/3
> shutdown
> !
> router static
> address-family ipv4 unicast
> 0.0.0.0/0 10.2.0.1
> !
> !
> ssh server v2
> xml agent ssl
> !
> xml agent tty
> !
> xml agent
> iteration on size 100
> !
> end
>
> and RP/0/RSP0/CPU0:ios# xml echo Wed Apr 15 07:27:10.765 UTC XML>
>
> I've got two test users, root:root and xml, both of which I can connect to
> using SSH though the XML interface seems to reject them - using nc:
>
> alexanderturner at Alexanders-MacBook-Pro~/Downloads> nc -v 10.2.100.1 38751
> found 0 associations
> found 1 connections:
> 1: flags=82<CONNECTED,PREFERRED>
> outif en0
> src 10.0.1.40 port 61066
> dst 10.2.100.1 port 38751
> rank info not available
> TCP aux info available
>
> Connection to 10.2.100.1 port 38751 [tcp/*] succeeded!
>
>
> User Access Verification
>
> Username: root
> Password: root
>
>
> User Access Verification
>
> Is this not authing against local?
>
> Any obvious issues here?
>
> Thanks,
>
> Alex
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> itevomcid
>

More information about the cisco-nsp mailing list