Service Endpoint Commands

Service endpoints are external endpoints defined on the connector,such as GUI, SSH access, Location, fast path, and so on. These endpoints are used by customer and different devices (such as wireless controllers) to connect to the connector and enable network data traffic to Cisco Spaces.

connectorctl service-endpoint show

This command shows the permissions granted to a services-endpoint on an interface. For example, a service can be allowed and/or denied on the primary or the secondary interface.

connectorctl network show [ -n interface-name ]

Syntax Description

Keywords and Variables Description

-n interface-name

Specifies interface name. Accepted values are:

  • PRIMARY

  • SECONDARY

Command History

Release 3

This command is introduced.

Examples

The following example shows how to view the permissions configured for service-endpoints on interfaces. 
[spacesadmin@connector ~]$ connectorctl service-endpoint show
Executing command:service-endpoint
Command execution status:Success
-----------------------
Interface: PRIMARY 
---------------------------------
Allowed service endpoint: LOCATION_FASTPATH,LOCATION_TDL,SSH,WEB_UI
Denied service endpoint: 

Interface: SECONDARY 
---------------------------------
Allowed service endpoint: WEB_UI
Denied service endpoint: LOCATION_FASTPATH,LOCATION_TDL,SSH

Examples


Note

LOCATION_FASTPATH, LOCATION_TDL are allowed on the secondary interface by default.

connectorctl service-endpoint config

This command helps to configure services-endpoints on the primary or secondary interface. We can allow and deny each service on either the primary or the secondary interface.

connectorctl service-endpoint config { -s service-endpoint | -a allowed-interface-names | -d denied interface-names }

Syntax Description

Keywords and Variables Description

-s service-endpoint

Specifies a list of comma separated service-endpoints. You can view these enpoints using the connectorctl service-endpoint show

-a allowed-interface-names

Specifies a list of comma separated network interfaces where service-endpoints are allowed.

-d denied interface-names

Specifies a list of comma separated network interfaces where service-endpoints are denied.

Command History

Release 3

This command is introduced.

Examples

The following example shows how to configure a service endpoint named WEB_UI, and allows WEB_UI on the SECONDARY interface, and denies WEB_UI on the PRIMARY interface. 
[spacesadmin@connector ~]$ connectorctl  service-endpoint config -s WEB_UI -a SECONDARY -d PRIMARY
Executing command:service-endpoint
Command execution status:Success
-----------------------
Successfully updated allow and deny list for given endpoints. 
System reboot will happen in 10 seconds. Do not execute any other command...