Cisco Cisco ASA 5505 Adaptive Security Appliance
About the ASA REST API
Supported ASA Features
Supported ASA Features
17
Limitations:
Currently, only the LOCAL server group is supported.
Error Codes:
AAA-UNSUPPORTED-OPERATION - Unsupported operation (POST)
INVALID-MODE-ENABLE-SHELL - Invalid value specified for enable shell mode (must be "DISABLED," "REMOTE,"
"LOCAL")
AAA-UNSUPPORTED-SERVER-GROUP - A server group other than LOCAL is specified
AAA-BAD-SERVER-GROUP - Invalid server group specified
Command Privileges
api/aaa/commandprivileges
Configure the local command privilege levels.
Limitations:
Error Codes:
COMMAND-PRIVILEGE-OUT-OF-RANGE - Invalid privilege level provided
Access Rules
Use the Access REST API to configure network access in both routed and transparent firewall modes.
With REST API you can GET access groups access rules. The access groups are automatically created when the first
access rule is created for a particular interface and direction. Similarly, an access group is deleted when its last access
rule is deleted. Global access rules are supported as well.
With REST API you can GET/POST/PUT/PATCH/DELETE access rules. The access URIs are grouped per interface and
direction and have a common URI root of /access:
direction and have a common URI root of /access:
Limitations:
No limitations; support same features as the ASDM GUI.
Error Codes:
ACCESS_DIRECTION_UNKOWN - missing direction (in/out/global)
ACCESS_INTERFACE_UNKOWN - missing interface
ACCESS_FIELD_EMPTY - a particular field cannot be empty (e.g., sourceAddress)
ACCESS_EMPTY_GROUP - a particular field cannot contain an empty object group
ACCESS_SRC_DST_SAME_IP_VER - Source and Destination addresses should be of the same IP version
ACCESS_SRC_DST_SVC_SAME_TYPE - Destination Service and Source Service mismatch in protocol type or inline/vs.
service group types
service group types