pythoncisco-iosietf-netmod-yangietf-netconf

Unable to access Yang capabilities via Python ncclient


I have a Cisco CSRv1000 with Cisco XE version 16.8.1a.

I have enabled netconf-yang and when i run the command ssh -2 -s admin@172.30.43.115 netconf it displays the YANG on CLI.

However if i run the following code on python, it gives an error ncclient.transport.errors.SSHError: Could not open socket to 172.30.43.115:830

My Code:

from ncclient import manager
import xml.etree.ElementTree as ET

router = {
    "host": "172.30.43.115",
    "port": "830",
    "username": "admin",
    "password": "******",
}

with manager.connect(
    host=router["host"],
    port=router["port"],
    username=router["username"],
    password=router["password"],
    hostkey_verify=False,
    allow_agent=False,
    look_for_keys=False,
) as m:
    ip_schema = m.get_schema("ietf-ip")
    root = ET.fromstring(ip_schema.xml)
    yang_tree = list(root)[0].text
    f = open("ietf-ip.yang", "w")
    f.write(yang_tree)
    f.close()

Also, please find my show run on the router:

MyRouter#show run
Building configuration...

Current configuration : 1725 bytes
!
! Last configuration change at 17:37:24 UTC Sat Oct 3 2020
!
version 16.8
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform console serial
!
hostname MyRouter
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$tK3F$2WEFfM8JZcyP7YPgzRZbH1
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
ip domain name myrouter.com
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 96YNK5Y0HUS
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
netconf-yang
!
!
username admin privilege 15 secret 5 $1$h/2L$vvzIggHKLFlS1KJlYOqkA1
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
ip address 172.30.43.115 255.255.255.0
ip nat outside
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.30.43.3
!
ip ssh version 2
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
line con 0
stopbits 1
line vty 0 4
transport input ssh
!
netconf ssh
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end

Is there anything i am doing wrong ? If so, can someone please help me out ?


Solution

  • Installing Paramiko with 'pip install paramiko' did the job for me.