Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Api Firewall Policy HTTPBased response 501

I am trying to add one HTTPBasedPolicy but I always get:

<?xml version="1.0" encoding="UTF-8"?>

<Response APIVersion="1702.1" IPS_CAT_VER="1">

  <Login>

    <status>Authentication Successful</status>

  </Login>

  <SecurityPolicy transactionid="">

    <Status code="501">Configuration parameters validation failed.</Status>

    <InvalidParams/>

  </SecurityPolicy>
</Response>  

 

I have read “Create FIrewall Policy - HTTPBased response 501” but doesn’t give the response.
I wasn’t able to find the log due my missing unix/linux experience

 

 

Please note: Italic is used for confidential values

Before checking the request reported below I was able to cancel a rule with the following:
https://domain.com:4444/webconsole/APIController?reqxml=<Request APIVersion='1702.1'><Login><Username>UserForApi</Username><Password passwordform="encrypt">Encrypted password</Password></Login><Remove><SecurityPolicy><Name>Rule name</Name></SecurityPolicy></Remove></Request>

I have exported the policy definition.
The only change that resulted in improvement was ><HostedAddress>#Port3</HostedAddress> to ><HostedAddress>111.111.111.111</HostedAddress>

All other changes done didn’t change the message.

https:// domain.com:4444/webconsole/APIController?reqxml=

<Request APIVersion='1702.1'>

<Login> <Username> UserForApi </Username>

<Password passwordform='encrypt'> Encrypted password </Password> </Login>

<Set operation='add'>

<SecurityPolicy transactionid = '' >

<Name> Rule name </Name>

<Description/>

<IPFamily>IPv4</IPFamily>

<Status>Enable</Status>

<Position>After</Position>

<PolicyType>HTTPBased</PolicyType>

<After><Name>Preceding rule</Name></After>

<HTTPBasedPolicy>

<HostedAddress>111.111.111.111</HostedAddress>

<HTTPS>Enable</HTTPS>

<ListenPort>443</ListenPort>

<AccessPaths><AccessPath>

<allowed_networks>Any IPv4</allowed_networks>

<auth_profile/>

<backend>BackEndServer</backend>

<be_path/>

<hot_standby>0</hot_standby>

<path>/</path>

<stickysession_status>0</stickysession_status>

<websocket_passthrough>0</websocket_passthrough>

</AccessPath>

</AccessPaths>

<Exceptions></Exceptions>

<ProtocolSecurity>Web Sever Base</ProtocolSecurity>

<CompressionSupport>Disable</CompressionSupport>

<RewriteHTML>0</RewriteHTML>

<PassHostHeader>Enable</PassHostHeader>

<Domains>

<Domain>Domain.One</Domain>

<Domain>Domains.two</Domain>

</Domains>

<RewriteCookies>Enable</RewriteCookies>

<Certificate>CertificateName</Certificate>

<RedirectHTTP>Enable</RedirectHTTP>

</HTTPBasedPolicy>

<IntrusionPrevention>generalpolicy</IntrusionPrevention>

<TrafficShapingPolicy>None</TrafficShapingPolicy>

</SecurityPolicy></Set></Request>

I think the export output is in some way different from input but having so many parameter is impossible to find the ones in error.

Help would be appreciated.

Ps:Sorry for my English.



This thread was automatically locked due to age.
Parents Reply Children
No Data