Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 9 replies
  • Subscribers 28 subscribers
  • Views 1743 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

API Rule Group Endpoint

Lior Dahan

I've been working with the Sophos XG Firewall XML API and so far I've been unable to access the firewall rule group endpoint that is defined in the docs.

My request xmlreq parameter looks like this:

<Request>
<Login>
<Username>admin</Username>
<Password>sadfjiojO8AUOFDSJ!</Password>
</Login>
<Get>
<FirewallRuleGroup>
</FirewallRuleGroup>
</Get>
</Request>

This is the response I got:

<?xml version="1.0" encoding="UTF-8"?>
<Response APIVersion="1702.1" IPS_CAT_VER="1">
<Login>
<status>Authentication Successful</status>
</Login>
<RuleGroup>
<Status code="529">Input request module is Invalid</Status>
</RuleGroup>
</Response>


Process finished with exit code 0



This thread was automatically locked due to age.
Parents
  • +1

    Hi Lior,

    It looks like you're looking at the v18 documentation, but querying a 17.x firewall, and this specific API has changed between the two. you can find all published API help docs here: https://www.sophos.com/en-us/support/documentation/sophos-xg-firewall.aspx 

    According to the docs linked above, the firewall group call changed between 17.5 and 18. On v17.5, the call would look like this:

    hostname:4444//webconsole/APIController?reqxml=<Request><Login><Username>admin</Username><Password>************</Password></Login><Get><SecurityPolicyGroup/></Get></Request>

    The difference is just the <get> parameter being "<SecurityPolicyGroup>", rather than "<FirewallGroup>", as it was changed to in v18

    The above example works for me on v17.5, and on v18 if I just change to FirewallGroup.

    It's generally not important to include the APIVersion in the query. Its more significant in the reply, to let you know if the version is different than you are expecting. Leaving it out of the request completely is normally fine. The main reason you would include it, would be to cause a failure when the firewall upgrades to a firmware with a newer API version, so you can review your calls to make sure no unexpected results occur. 

Reply
  • +1

    Hi Lior,

    It looks like you're looking at the v18 documentation, but querying a 17.x firewall, and this specific API has changed between the two. you can find all published API help docs here: https://www.sophos.com/en-us/support/documentation/sophos-xg-firewall.aspx 

    According to the docs linked above, the firewall group call changed between 17.5 and 18. On v17.5, the call would look like this:

    hostname:4444//webconsole/APIController?reqxml=<Request><Login><Username>admin</Username><Password>************</Password></Login><Get><SecurityPolicyGroup/></Get></Request>

    The difference is just the <get> parameter being "<SecurityPolicyGroup>", rather than "<FirewallGroup>", as it was changed to in v18

    The above example works for me on v17.5, and on v18 if I just change to FirewallGroup.

    It's generally not important to include the APIVersion in the query. Its more significant in the reply, to let you know if the version is different than you are expecting. Leaving it out of the request completely is normally fine. The main reason you would include it, would be to cause a failure when the firewall upgrades to a firmware with a newer API version, so you can review your calls to make sure no unexpected results occur. 

Children