This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Api Firewall Policy HTTPBased response 501

Fabio Marziani over 4 years ago

I am trying to add one HTTPBasedPolicy but I always get:

<?xml version="1.0" encoding="UTF-8"?>

<Login>

<status>Authentication Successful</status>

</Login>

<Status code="501">Configuration parameters validation failed.</Status>

</SecurityPolicy>
</Response>

I have read “Create FIrewall Policy - HTTPBased response 501” but doesn’t give the response.
I wasn’t able to find the log due my missing unix/linux experience

Please note: Italic is used for confidential values

Before checking the request reported below I was able to cancel a rule with the following:
https://domain.com:4444/webconsole/APIController?reqxml=<Request APIVersion='1702.1'><Login><Username>UserForApi</Username><Password passwordform="encrypt">Encrypted password</Password></Login><Remove><SecurityPolicy><Name>Rule name</Name></SecurityPolicy></Remove></Request>

I have exported the policy definition.
The only change that resulted in improvement was ><HostedAddress>#Port3</HostedAddress> to ><HostedAddress>111.111.111.111</HostedAddress>

All other changes done didn’t change the message.

https:// domain.com:4444/webconsole/APIController?reqxml=

<Login> <Username> UserForApi </Username>

<Password passwordform='encrypt'> Encrypted password </Password> </Login>

<Status>Enable</Status>

<Position>After</Position>

<PolicyType>HTTPBased</PolicyType>

<After><Name>Preceding rule</Name></After>

<HTTPS>Enable</HTTPS>

<allowed_networks>Any IPv4</allowed_networks>

<auth_profile/>

<backend>BackEndServer</backend>

<be_path/>

<hot_standby>0</hot_standby>

<stickysession_status>0</stickysession_status>

<websocket_passthrough>0</websocket_passthrough>

</AccessPath>

</AccessPaths>

<ProtocolSecurity>Web Sever Base</ProtocolSecurity>

<CompressionSupport>Disable</CompressionSupport>

<PassHostHeader>Enable</PassHostHeader>

<Domain>Domain.One</Domain>

<Domain>Domains.two</Domain>

</Domains>

<RewriteCookies>Enable</RewriteCookies>

<Certificate>CertificateName</Certificate>

<RedirectHTTP>Enable</RedirectHTTP>

</HTTPBasedPolicy>

<IntrusionPrevention>generalpolicy</IntrusionPrevention>

</SecurityPolicy></Set></Request>

I think the export output is in some way different from input but having so many parameter is impossible to find the ones in error.

Help would be appreciated.

Ps:Sorry for my English.

This thread was automatically locked due to age.

0 KingChris over 4 years ago

Hi Fabio Marziani

Did you go through the KB article here: https://community.sophos.com/kb/en-us/132560

Thanks.

KingChris
Community Support | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Cancel
Vote Up 0 Vote Down

Cancel
0 Fabio Marziani over 4 years ago in reply to KingChris

Sure, I have read all the documentation.

As stated in the request I was able to execute succesfully get and delete rule.

I have found a similar question without a response.

I think the problem is the lack of a running example.
Cancel
Vote Up 0 Vote Down

Cancel