search

kaisero / fireREST

Python library for interacting with Cisco Firepower Management Center REST API
GNU General Public License v3.0
70 stars 49 forks source link

Getting Error 500 Internal error with get_deployabledevices #34

Closed DisSsha closed 3 years ago

DisSsha commented 3 years ago

Hello, Thanks for your very nice job here. I'm stuck on deployement of my policy. I have the feeling it's an issue on the FMC but I post here in case i'm doing something wrong ...

 response = client.update_accesspolicy_rule(policy_id,rule_id,rule)
{"error":{"category":"OTHER","messages":[{"description":"JsonNull"}],"severity":"ERROR"}}

i'm getting the same kind of error with the api/explorer embedded in the FMC. In fact the /var/log/mojo.log it's seems that the response is prepared & ready but maybe after has been reached a timer elapsed. I didn't find any timer on the FMC settings regarding the API...

Any clues ?

Oh, and BTW the deployement seems way more touchy : we need to send that kind of data :

{
  "metadata": {
    "lastUser": {
      "name": "a175552",
      "links": {
        "parent": "string",
        "self": "string"
      },
      "id": "string",
      "type": "string"
    },
    "task": {
      "taskType": "DEVICE_REGISTRATION",
      "subTasks": [
        {
          "message": "string",
          "target": {
            "metadata": {
              "lastUser": {
                "name": "string",
                "links": {
                  "parent": "string",
                  "self": "string"
                },
                "id": "string",
                "type": "string"
              },
              "domain": {
                "name": "string",
                "links": {
                  "parent": "string",
                  "self": "string"
                },
                "id": "string",
                "type": "string"
              },
              "readOnly": {
                "reason": "RBAC",
                "state": true
              },
              "timestamp": 0
            },
            "name": "string",
            "description": "string",
            "links": {
              "parent": "string",
              "self": "string"
            },
            "id": "string",
            "type": "string",
            "version": "string"
          },
          "status": "string"
        }
      ],
      "name": "string",
      "description": "string",
      "links": {
        "parent": "string",
        "self": "string"
      },
      "id": "string",
      "type": "string",
      "message": "string",
      "status": "string"
    },
    "domain": {
      "name": "string",
      "links": {
        "parent": "string",
        "self": "string"
      },
      "id": "string",
      "type": "string"
    },
    "readOnly": {
      "reason": "RBAC",
      "state": true
    },
    "timestamp": 0
  },
  "forceDeploy": true,
  "name": "string",
  "deviceList": [
    "string"
  ],
  "ignoreWarning": true,
  "description": "string",
  "links": {
    "parent": "string",
    "self": "string"
  },
  "id": "string",
  "type": "string",
  "version": "string"
}
kaisero commented 3 years ago

Do you get the error message upon updating your accesspolicy rule or when doing a deployment? I can take a look but would need the api payload and function calls you are making.

As for the deployment I might have a working api payload for you. You migth be missing a valid version

            data = {
                'forceDeploy': True,
                'ignoreWarning': True,
                'deviceList': [device_id],
                'type': 'DeploymentRequest',
                'version': int(1000 * datetime.now().timestamp()),
            }

To verify what exactly is going wrong you could do a "pigtail TCAT" as root on FMC and post the output here, I can check the Java exception then to find out what is going on.

kaisero commented 3 years ago

Closed because of missing feedback