Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG API Powershell Module - sophosxg-api

Hi All,

As a professional development and learning exercise I wrote this powershell module.

I do not claim it to be free from errors/bugs and is for learning and testing. Use at your own risk. 

I thought it may be of some value to others out there. 

https://github.com/strooth/SophosXg-Api 



This thread was automatically locked due to age.
Parents
  • Could you give us / me some insights, what you API actually can perform? 

    You are settings some values to configure a XG, correct? 

     

     

    If you want to get some "clicks clicks clicks", build Certbot + DNAT + Lets Encrypt Upload + Replacement Script.

    Seems like you know, what you are doing, and this is highly asked by some people.

    The script should perform something like: 

    Enable a specific DNAT Rule every 2 Month. (Port80 to the powershell server?).

    Start Certbot to generate new LE certificates.

    Disable DNAT Rule.

    Upload new LE Certificate to XG

    Replace in Webadmin the LE Certificate

    Check in Firewall Rule for WAF Rules, replace if yes, replace the Certificate

    (Clean up old LE certificate). 

     

    As a little help: https://community.sophos.com/products/xg-firewall/f/sophos-xg-firewall-general-discussion/102208/upload-certificate-using-api

     

    __________________________________________________________________________________________________________________

  • and if you can upgrade to powershell 7 its very easy 

     

    $request = '<Request><login><username>username</username><name>username</name><password passwordform="`"encrypt`"">password</password></login><Set operation="`"add`""><Certificate><Name>cert</Name><Action>UploadCertificate</Action><CertificateFormat>cer</CertificateFormat><CertificateFile>cert.cer</CertificateFile></Certificate></Set></Request>'
    $file = "C:\certs\cert.cer"
    $Form = @{
        reqxml  = $request
        $((Get-Item $File).Basename) = Get-Item -Path $file
    }
    $Result = Invoke-RestMethod -Uri $Uri -Method Post -Form $Form 
Reply
  • and if you can upgrade to powershell 7 its very easy 

     

    $request = '<Request><login><username>username</username><name>username</name><password passwordform="`"encrypt`"">password</password></login><Set operation="`"add`""><Certificate><Name>cert</Name><Action>UploadCertificate</Action><CertificateFormat>cer</CertificateFormat><CertificateFile>cert.cer</CertificateFile></Certificate></Set></Request>'
    $file = "C:\certs\cert.cer"
    $Form = @{
        reqxml  = $request
        $((Get-Item $File).Basename) = Get-Item -Path $file
    }
    $Result = Invoke-RestMethod -Uri $Uri -Method Post -Form $Form 
Children
No Data