Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG API hinzufügen eines VLANs geht nicht -> Error 501 Configuration parameters validation failed

Liebe Sophos Community,

ich möchte aktuell die Konfiguration meiner Sophos XG SFVH (SFOS 19.0.1 MR-1-Build365) über Ansible automatisieren.

Vor allem möchte ich automatisiert VLANs zur XG hinzufügen können. 

Da ich für die XG erst gar keine Ansible Module gefunden habe und für die UTM auch nur sehr wenige Module existieren wollte ich es über das uri Modul machen, spricht über die REST API.

Leider bekomme ich in der Response folgende Fehler:

code=\"501\">Configuration parameters validation failed.

REST API URI:

<Request>
    <Login>
        <Username>{{ api_username }}</Username>
        <Password>{{ api_password }}</Password>
    </Login>
    <Set>
        <VLAN>
            <Name>{{ vlan_name }}</Name>
            <GatewayName />
            <GatewayAddress />
            <Interface>Port4</Interface>
            <Zone>LAN</Zone>
            <VLANID>{{ vlan_id }}</VLANID>
            <IPv4Configuration>Enable</IPv4Configuration>
            <IPv4Assignment>Static</IPv4Assignment>
            <IPAddress>192.168.300.1</IPAddress>
            <DHCPRapidCommit />
            <Netmask>255.255.255.0</Netmask>
            <LocalIP>192.168.300.1</LocalIP>
            <IPv6Address />
            <IPv6Assignment />
            <Status />
            <IPv6Prefix />
            <IPv6GatewayName />
            <IPv6GatewayAddress />
            <Hardware />
            <IPv6Configuration>Disable</IPv6Configuration>
        </VLAN>
    </Set>
</Request>

Ausgabe von apiparser.log:

INFO      Apr 14 19:31:45Z [19601]: Start Login Handler,Component : Login
ERROR     Apr 14 19:31:45Z [19601]: Key:ISCrEntity is not found in RequestMap File for Login.
INFO      Apr 14 19:31:45Z [19601]: Mapping file for Login component is /_conf/csc/IOMappingFiles//1900.1/Login/Login.xml
ERROR     Apr 14 19:31:45Z [19601]: Flag setting for this opcode is 18.
INFO      Apr 14 19:31:47Z [19601]: Opcode response: status:200
INFO      Apr 14 19:31:47Z [19601]: Authentication Successful
INFO      Apr 14 19:31:47Z [19601]: Start Set Handler,Component : VLAN
ERROR     Apr 14 19:31:47Z [19601]: Key:ISCrEntity is not found in RequestMap File for VLAN.
WARNING   Apr 14 19:31:47Z [19601]: Transaction id is missing of for the component : <VLAN>.
WARNING   Apr 14 19:31:47Z [19601]: Can't get the <Add/Update> element from map file, So Mode value is 'Add'.
ERROR     Apr 14 19:31:47Z [19601]: type != const in logicaloperator.So string comparision is done.
ERROR     Apr 14 19:31:47Z [19601]: type != const in logicaloperator.So string comparision is done.
ERROR     Apr 14 19:31:47Z [19601]: type != const in logicaloperator.So string comparision is done.
ERROR     Apr 14 19:31:47Z [19601]: Flag setting for this opcode is 18.
INFO      Apr 14 19:31:49Z [19601]: Opcode response: status:500
WARNING   Apr 14 19:31:49Z [19601]: Opcode failed with 'Add' operation. So call opcode with 'Update'.
ERROR     Apr 14 19:31:49Z [19601]: type != const in logicaloperator.So string comparision is done.
ERROR     Apr 14 19:31:49Z [19601]: type != const in logicaloperator.So string comparision is done.
ERROR     Apr 14 19:31:49Z [19601]: type != const in logicaloperator.So string comparision is done.
ERROR     Apr 14 19:31:49Z [19601]: Flag setting for this opcode is 18.
INFO      Apr 14 19:31:51Z [19601]: Opcode response: status:500
INFO      Apr 14 19:31:51Z [19601]: End  SET Handler, Status : Success,  Component : VLAN, Transaction : NONE, Operation : NONE.
MESSAGE   Apr 14 19:31:51Z [19601]: ENTITY 'VLAN' IMPORT Success
INFO      Apr 14 19:31:51Z [19601]: Command:/scripts/apiparser_generate_tar.sh /sdisk/api-1681500705100822.txt /sdisk/API-1681500705100822 /sdisk/APIXMLOutput/1681500704240.xml /sdisk/API-1681500705100822.tar /sdisk/API-1681500705100822.log 0 status:3
INFO      Apr 14 19:31:51Z [19601]: No need to create Tar file. Response file is /sdisk/APIXMLOutput/1681500704240.xmlSFVH_SO01_SF

PS: Muss man eigentlich wirklich jedes XML-Tag des <VLAN>-Tags aus der Doku hinzufügen? Das sind ja viel zu viele Einstellungen die ich nicht brauche



This thread was automatically locked due to age.