I am trying to add one HTTPBasedPolicy but I always get:
<?xml version="1.0" encoding="UTF-8"?>
<Response APIVersion="1702.1" IPS_CAT_VER="1">
<Login>
<status>Authentication Successful</status>
</Login>
<SecurityPolicy transactionid="">
<Status code="501">Configuration parameters validation failed.</Status>
<InvalidParams/>
</SecurityPolicy>
</Response>
I have read “Create FIrewall Policy - HTTPBased response 501” but doesn’t give the response.
I wasn’t able to find the log due my missing unix/linux experience
Please note: Italic is used for confidential values
Before checking the request reported below I was able to cancel a rule with the following:
https://domain.com:4444/webconsole/APIController?reqxml=<Request APIVersion='1702.1'><Login><Username>UserForApi</Username><Password passwordform="encrypt">Encrypted password</Password></Login><Remove><SecurityPolicy><Name>Rule name</Name></SecurityPolicy></Remove></Request>
I have exported the policy definition.
The only change that resulted in improvement was ><HostedAddress>#Port3</HostedAddress> to ><HostedAddress>111.111.111.111</HostedAddress>
All other changes done didn’t change the message.
https:// domain.com:4444/webconsole/APIController?reqxml=
<Request APIVersion='1702.1'>
<Login> <Username> UserForApi </Username>
<Password passwordform='encrypt'> Encrypted password </Password> </Login>
<Set operation='add'>
<SecurityPolicy transactionid = '' >
<Name> Rule name </Name>
<Description/>
<IPFamily>IPv4</IPFamily>
<Status>Enable</Status>
<Position>After</Position>
<PolicyType>HTTPBased</PolicyType>
<After><Name>Preceding rule</Name></After>
<HTTPBasedPolicy>
<HostedAddress>111.111.111.111</HostedAddress>
<HTTPS>Enable</HTTPS>
<ListenPort>443</ListenPort>
<AccessPaths><AccessPath>
<allowed_networks>Any IPv4</allowed_networks>
<auth_profile/>
<backend>BackEndServer</backend>
<be_path/>
<hot_standby>0</hot_standby>
<path>/</path>
<stickysession_status>0</stickysession_status>
<websocket_passthrough>0</websocket_passthrough>
</AccessPath>
</AccessPaths>
<Exceptions></Exceptions>
<ProtocolSecurity>Web Sever Base</ProtocolSecurity>
<CompressionSupport>Disable</CompressionSupport>
<RewriteHTML>0</RewriteHTML>
<PassHostHeader>Enable</PassHostHeader>
<Domains>
<Domain>Domain.One</Domain>
<Domain>Domains.two</Domain>
</Domains>
<RewriteCookies>Enable</RewriteCookies>
<Certificate>CertificateName</Certificate>
<RedirectHTTP>Enable</RedirectHTTP>
</HTTPBasedPolicy>
<IntrusionPrevention>generalpolicy</IntrusionPrevention>
<TrafficShapingPolicy>None</TrafficShapingPolicy>
</SecurityPolicy></Set></Request>
I think the export output is in some way different from input but having so many parameter is impossible to find the ones in error.
Help would be appreciated.
Ps:Sorry for my English.
This thread was automatically locked due to age.