REST has no built-in security features, however, there are several ways you can secure it. One way is to use token-based authentication, as seen in the lesson. However, this is not the only method. You could use HTTPS with TLS encryption as an option as well.
Typically, tokens are valid for a particular period of time. After this time expires, they are considered invalid and require a refresh token. This is a new access token that replaces the old one. How often this is done depends on the configuration. More info on refresh tokens and expiry durations can be found in this Cisco documentation:
In this setup, H1 is the client, and R1 is the server. So the IP of the server is the IP of the Gi/2 interface on the router, which is 172.16.1.100. The IP address in the default route is that of H1. This is set up like this only for the purpose of the lab. You wouldnāt see such a default route pointing to a host in a production network.
I hope this has been helpful!
Laz
PS, thanks for pointing out the typo, Iāll let Rene know!
The ASR 9000 does support the virtual service option with release 5.1.1 or later as described in this document:
The ASR 1000 with IOS XE Everest 16.5 also supports virtual service as seen here:
However, for the ASR 900 and 920 I was unable to find any indication that this is supported. Your best bet is to take a detailed look at the Cisco Feature Navigator found at the following link, and take a look at specific IOS and platforms to ensure what features are available on what devices. https://cfnng.cisco.com/
I have some CAT9400 series running 17.09.04a and unlike CSR1000v I canāt see an option to download the corresponding install package āIOS XE Remote Management Softwareā. Is this still supported? if not what is the alternative. What would be the right ova to use here virtual-service install name csr_mgmt package bootflash:/iosxe-remote-mgmt.XX.XX.XX.ova for IOS-XE 17.09.04a. Please let me know and thank you
The REST API is supported only on specific platforms such as the CSR 1000V and the ASR1000 series routers. You can take a more detailed look at what is supported here:
Keep in mind that according to this Cisco Documentation, even for the supported platforms, REST API is supported only for IOS XE versions up to 16.6. REST API is not supported from the IOS-XE 16.7.x release onwards. If you are using the 16.7.x version or above, Cisco recommends that you use Restconf.