Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1123 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ENABLE/DISABLE IPSec (Legacy) with API

nils50122

hello,

i see in the webinar of sophos firewall acadamy 2022 an nice use-case, that we can enable and disable an ipsec connection for example enable temporary support access of our partners. 

After the webinar i contact the mail that was communicated for questions "sales@sophos.de" but i dont get an answer to my 5 mails.

Anyone can tell me the command to enable/disable an ipsec (legacy) connection via api?

In the API documention i only find how to configure a new ipsec or delete a existing ipsec configuration. 



This thread was automatically locked due to age.
Parents
  • 0

    Hello ,

    Thank you for reaching out to the community, this are the following options available on the API: https://docs.sophos.com/nsg/sophos-firewall/18.5/API/index.html

    Could you elaborate what is your exact requirement ?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Vivek Jagad

    yes, i already checked these documentation.
    As i write i dont want to create or delete an ipsec configuration.

    I only want to set the state "active" and "not active" of an existing IPSec (legacy) remoteaccess connection. So our partner can connect when it is setted to "active" and he cant connect when its setted to "not active". 

  • 0 in reply to nils50122

    You need to fetch the current configuration and then update the configuration with status down/up. Which language are you going to use? What is the current blocker for you? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    I use the german language. What do you mean with "current blocker"? 

    I think in the sophos webinar there was another solution as update the complete currect configuration of these ipsec connection. There was a short command with the connection name in string.

  • 0 in reply to nils50122

    I mean the programming language. In the webinar, they are using a website (hosted by a client) which curls a XML code snipped. This is a way to program this, but you need to code the backend for your setup. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    I want to build a simple html website with a button for enabling / disabling the connection. 

  • 0 in reply to nils50122

    You could do this: 

    curl --request POST \   --url IP:4444/.../APIController \   --header 'Content-Type: multipart/form-data' \   --form 'reqxml=<Request>    <Login>        <Username>admin</Username>        <Password passwordform="plain">***************</Password>    </Login>    <Set operation="Update">        <VPNIPSecConnection transactionid="">            <DeActive>                <Name>Test</Name>            </DeActive>        </VPNIPSecConnection>    </Set></Request>'

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to nils50122

    You could do this: 

    curl --request POST \   --url IP:4444/.../APIController \   --header 'Content-Type: multipart/form-data' \   --form 'reqxml=<Request>    <Login>        <Username>admin</Username>        <Password passwordform="plain">***************</Password>    </Login>    <Set operation="Update">        <VPNIPSecConnection transactionid="">            <DeActive>                <Name>Test</Name>            </DeActive>        </VPNIPSecConnection>    </Set></Request>'

    __________________________________________________________________________________________________________________

Children
Cookie Information Banner