Using NETCONF Perl Client to Configure the Virtual Appliance
NETCONF API is an XML application that client applications can use to exchange information with Pulse Secure products. The purpose of the NETCONF Perl client is to connect and configure the device by establishing a DMI connection and sending specific remote procedure calls (RPCs). Both the general RPCs supported by Pulse Connect Secure and Pulse Policy Secure and the device-specific RPCs can be used. Some of the device-specific RPCs are used to retrieve runtime information and statistics.
The PSA-V package contains a NETCONF plug-in for the virtual appliance and sample Perl scripts. Using the supplied scripts as an example, you can write your own scripts for any DMI RPCs supported by the virtual appliance.
See the DMI Solution Guide located on the Ivanti Support website.
Installing the NETCONF Perl Client
Verifying the Installation and the Version of Perl
Perl must be installed on your system before you install the NETCONF Perl. The NETCONF Perl client requires Perl version 5.6.1 or later. To confirm whether Perl is installed on your system and to determine which version of Perl is currently running, issue the following commands:
$ which perl
$ perl –v
If the issued output indicates that Perl is not installed or that the version is earlier than the required version, you must download and install Perl version 5.6.1 or later in order to use the NETCONF Perl client. The Perl source packages are located at:
After installing a suitable version of Perl, install the NETCONF Perl client application.
Installation of NETCONF Perl Client
Installation of Netconf Perl Client is tested on CentOS release 6.4 (Final) 64-bit.
1.Install libssh2 from https://www.libssh2.org/ [ https://www.libssh2.org/download/libssh2-1.7.0.tar.gz ] by executing the following commands:
linux# ./configure --prefix=/usr/libssh2
(by default, libssh2 gets installed under /usr/localinclude and /usr/local/bin)
linux# make
linux# make install
2.Install Net::SSH2 ( http://search.cpan.org/CPAN/authors/id/S/SA/SALVA/Net-SSH2-0.58.tar.gz )
linux# perl Makefile.PL lib=/usr/libssh2/lib inc=/usr/libssh2/include ldargs="-lz"
linux# make
linux# make install
3.Install CPAN
linux# yum install cpan
4.Install Netconf from CPAN:
linux# cpan Net::Netconf
5.Install Term::Readkey from CPAN:
linux# cpan Term::ReadKey
Using the PSA-V Sample Scripts
After you download and install the PSA-V and NETCONF packages, copy the following files to the linux machine where the NETCONF perl client is installed:
- get_active_users.pl
- edit_config_ive.pl
Using the get_active_users.pl Script
The following example uses admin1 for the username, passwd123 for the password and 10.20.30.40 for the IP address. When run, it connects to the virtual appliance, retrieves the list of active users, and prints it on the Standard Output.
perl get_active_users.pl -l admin1 -p passwd123 10.20.30.40
Using the edit_config_ive.pl Script
The edit_config_ive.pl script is used for editing the PSA-V virtual appliance configuration and has the following syntax:
perl edit_config_ive.pl options request target
where:
|
options |
One or more of the following: -l login – Login name accepted by the target device. -p password - Password associated with the login name. -m access – The access method. The only supported value is ssh. -d level – Debug level. Values can be 1 (terse) through 6 (verbose). |
|
request |
Name of the file containing the configuration in XML format. An example of the contents of a configuration file is: <configuration> |
|
target |
Hostname of the target device. |
Enabling the VMXNET3 Driver
To enable the VMXNET3 driver in your virtual appliance, you must deploy from the 7.2 OVF package. Upgrading from earlier versions such as 7.0 or 7.1 will continue to use VMXNET instead of the VMXNET3 driver.