RESTCONF access denied when authentication set to none
-
Error received from remote GET request
curl -X GET http://10.2.0.3/restconf/data/netgate-interface:interfaces-state
{ "ietf-restconf:errors" : { "error": { "error-type": "application", "error-tag": "access-denied", "error-severity": "error", "error-message": "default deny" } } }TNSR Config:
<http-config xmlns="urn:ietf:params:xml:ns:yang:netgate-http"> <restconf> <enable>true</enable> </restconf> <authentication> <auth-type>none</auth-type> </authentication> </http-config> -
@dbeyzade
you need to disable / configure nacm
https://docs.netgate.com/tnsr/en/latest/nacm/basics.html[kiokoman@TNSR ~]$ curl -X GET http://192.168.10.2/restconf/data/netgate-interface:interfaces-state { "ietf-restconf:errors" : { "error": { "error-type": "application", "error-tag": "access-denied", "error-severity": "error", "error-message": "default deny" } } } TNSR.localdomain tnsr(config)# nacm disable [kiokoman@TNSR ~]$ curl -X GET http://192.168.10.2/restconf/data/netgate-interface:interfaces-state { "netgate-interface:interfaces-state": { "interface": [ { "name": "LAN", "description": "Local Network", "admin-status": "up", "link-status": "up", "link-speed": 1000000, "link-duplex": "full", "link-mtu": 9000, "if-index": 2, "mac-address": "00:0c:29:f1:63:59", "nat-side": "inside", "ipv4": { "route-table-name": "ipv4-VRF:0", "address": { "ip": "172.15.1.1/24" ................................................... -
@kiokoman This did the trick, thank you very much :)
