01-25-2022 08:11 AM
I'm using the same uri and credentials and wapi endpoint ... i can make a sucessful call using Postman on my work Laptop and get json results. On my Integration Server in my organization I'm using PowerShell to Invoke-RESTMethod to reach out to IB. I don't really know if the error I'm getting is valid. The error I get from InfoBlox is:
403 Forbidden Forbidden You don't have permission to access /wapi/v1.0/ on this server.
...but here are a couple of observations to consider:
1. I'm using the exact same creds and links on my Laptop and it's working there. So the user I'm using on the Laptop side is making the call and getting results so I'm sure it has permissions.
2. If I put in an invalid userid/pw in my command I get the exact same error ... so it's as if it's not even trying to authenticate first before throwing that error.
3. My laptop lives in an ip range of 170.144.97.xxx .... my server lives in 10.250.152.xxx the IB server is in the 170.144.32.xxx space.
4. From my server I can ping the IB server...and a Test-NetConnection 170.144.32.xxx -Port 443 evaluates to true from my server.
In summary ... my Server seems to see the IB server ... but the IB server seems to be shutting down any request to use the API before it even tries to authenticate.
**NOTE I seem to recall from our IB guru that we lost a year ago ... was that there is some place to explicitly allow an IP address (or range) to use the API.
Thanks for any ideas!!!
01-31-2022 04:54 AM
Could you please check if you are hitting a router/NAT instead of the Grid? Are you able to launch the Grid UI on your server?
02-02-2022 06:23 AM
Thank you for the idea...I am now working with our internal Firewall and Networking team ... I was able to use a browser to open the Lab Appliance UI. For the Production appliance I continue to get the 403 Forbidden ... and it seems very clear to me that the 403 is coming from the system/server and not from Infoblox.
I was told that Infoblox has a security boundary and/or whitelisting feature that may need to be set up to explicility allow my Integration Server access into it.
RIght now I'm still not sure if I'm getting stopped by a Network Firewall, System/Server Firwall or some kind of Infoblox whitelisting ... hopefully our network folks can sort it out.
2 weeks ago
Hi Robert, were you able to resolve your issue? I'm having a similar problem, wherein via web browser on my Citrix desktop, I can get a successfult WAPI call. But tru curl on a jump server on another network, I'm having error 403. Telnet from the jump server to port 443 of Infoblox GM IP address is successful.