Cisco Cisco ASA 5555-X Adaptive Security Appliance - No Payload Encryption
About the ASA REST API v1.2.2
REST API Agent in ASA
REST API Agent in ASA
10
device’s flash and installed using the "rest-api image" command. The REST API Agent is then enabled using the "rest-
api agent" command.
With a virtual ASA (ASAv), the deployment package includes the REST API image, provided in the "boot:" partition. The
ASAv is not configured to use the REST API by default, so you must issue the "rest-api agent" command to enable the
ASAv is not configured to use the REST API by default, so you must issue the "rest-api agent" command to enable the
REST API Agent.
In multi-context mode, the REST API Agent commands are available only in the System context.
Note: The REST API Agent is a Java-based application. The Java Runtime Environment (JRE) is bundled in the REST
API Agent package.
‘rest-api image’ Command
This command will perform compatibility/validation checks and inform you if there are problems. If all checks pass, it will
install the REST API image. To uninstall, use the "no" form of the command.
[no] rest-api image disk0:/<package>
image - Use this keyword to install/uninstall the REST API image on an ASA; provide the destination (in this case,
"disk0:" for the ASA’s flash memory) and the name of the REST API image package.
Installing/updating the rest-api package will not trigger a reboot of the ASA.
This configuration will be saved in the startup config file.
Example
This example downloads the REST API package from a TFTP server and then installs it:
copy tftp://<tftpserver>/asa-restapi-121-lfbff-k8.SPA disk0:
rest-api image disk0:/asa-restapi-121-lfbff-k8.SPA
Supported Modes
single/multiple context, routed/transparent
Additional Boot-strapping Required for the REST API Agent
• Enable HTTP server and let clients connect over management interface:
http server enable
http 0.0.0.0 0.0.0.0 <mgmt interface nameif>
• Configure (static) routes.
• If command authorization is enabled, ensure local user ‘enable_1’ with a privilege level of 15 is available (the
REST API Agent uses this account to communicate with the ASA):
username enable_1 password <pass> encrypted privilege 15
‘rest-api agent’ Command
To enable the REST API Agent after installing a REST API image, use the "rest-api agent" command. To disable the
REST API Agent, use the "no" form of the command.