Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 386 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG: API Configure SSLVPN

Sylvio Schulze

Hello, I want to set the settings for SSLVPN with the API. I have also prepared them correctly, in my opinion. But when I import, I get the message: "Status Code=501 Configuration parameters validatian failed. Does anyone know what exactly the problem is?

 

I have attached the XML file.

 

Fullscreen 4403.sslvpn.xml Download 
<?xml version="1.0" encoding="UTF-8"?>
<Request>	
	<Login>
		<UserName>ddd</UserName>
		<Password>xxx</Password>
	</Login>
<Set Operation="update">
  <SSLTunnelAccessSettings transactionid="">
    <Protocol>UDP</Protocol>
    <SSLServerCertificate>ApplianceCertificate</SSLServerCertificate>
    <OverrideHostName>1.2.3.4</OverrideHostName>
    <Port>1194</Port>
    <IPLeaseRange>
      <StartIP>10.81.234.5</StartIP>
      <EndIP>10.81.234.55</EndIP>
    </IPLeaseRange>
    <SubnetMask>255.255.255.0</SubnetMask>
    <IPv6Lease>2001:db8::1:0</IPv6Lease>
    <IPv6Prefix>64</IPv6Prefix>
    <LeaseMode>IPv4</LeaseMode>
    <PrimaryDNSIPv4>192.168.4.5</PrimaryDNSIPv4>
    <SecondaryDNSIPv4>1.1.1.1</SecondaryDNSIPv4>
    <PrimaryWINSIPv4/>
    <SecondaryWINSIPv4/>
    <DomainName>xxx.local</DomainName>
    <DisconnectDeadPeerAfter>180</DisconnectDeadPeerAfter>
    <DisconnectIdlePeerAfter>15</DisconnectIdlePeerAfter>
    <EncryptionAlgorithm>AES-256-CBC</EncryptionAlgorithm>
    <AuthenticationAlgorithm>SHA512</AuthenticationAlgorithm>
    <Keysize>2048bit</Keysize>
    <KeyLifetime>28800</KeyLifetime>
    <CompressSSLVPNTraffic>Disable</CompressSSLVPNTraffic>
    <DebugMode>Disable</DebugMode>
  </SSLTunnelAccessSettings>
  </Set>
</Request>



This thread was automatically locked due to age.
  • 0

    Take a look at the /log/apiparser.log to get more insight into this request. 

  • 0 in reply to LuCar Toni

    Hi,

     

    this is in the apiparser.log:
    ERROR Jul 09 07:59:34 [14099]: Key:ISCrEntity is not found in RequestMap File for Login.
    INFO Jul 09 07:59:34 [14099]: Mapping file for Login component is /_conf/csc/IOMappingFiles//1800.1/Login/Login.xml
    ERROR Jul 09 07:59:34 [14099]: Flag setting for this opcode is 18.
    INFO Jul 09 07:59:39 [14099]: Opcode response: status:200
    INFO Jul 09 07:59:39 [14099]: Authentication Successful
    INFO Jul 09 07:59:39 [14099]: Start Set Handler,Component : SSLTunnelAccessSettings
    ERROR Jul 09 07:59:39 [14099]: Key:ISCrEntity is not found in RequestMap File for SSLTunnelAccessSettings.
    ERROR Jul 09 07:59:40 [14099]: Flag setting for this opcode is 16.
    INFO Jul 09 07:59:40 [14099]: Opcode response: status:500
    INFO Jul 09 07:59:40 [14099]: End SET Handler, Status : Success, Component : SSLTunnelAccessSettings, Transaction : , Operation : update.
    MESSAGE Jul 09 07:59:40 [14099]: ENTITY 'SSLTunnelAccessSettings' IMPORT Success
    INFO Jul 09 07:59:40 [14099]: Command:/scripts/apiparser_generate_tar.sh /sdisk/api-1594274374550134.txt /sdisk/API-1594274374550134 /sdisk/APIXMLOutput/1594274374373.xml /sdisk/API-1594274374550134.tar /sdisk/API-1594274374550134.log 0 status:3
    INFO Jul 09 07:59:40 [14099]: No need to create Tar file. Response file is /sdisk/APIXMLOutput/1594274374373.xml