Comments (8)
Hi, we are investigating this part. We let you posted.
from fp-ngfw-smc-python.
Hello,
So enabling disabling site is ok, here is an example.
For vpn_references ( and modes) it is missing and was asked for implementation
given pbvpn is your Policy Based VPN :
pbvpn = PolicyVPN("pbvpn_name")
# depending you want satellite/central here satellite
for gw_node in pbvpn.satellite_gateway_node.all():
# we look for Plano VPN Gateway
if gw_node.name == "Plano VPN Gateway":
# here we look for enabled sites
for site in list(gw_node.enabled_sites):
# here we match site name
if site.name == "PLANO_SITE":
site.enable_disable()
pbvpn.save()
from fp-ngfw-smc-python.
Hello,
I have also seen that I can retrieve VPN site configuration directly from the engine :
vpn_pb = {}
for one_vpn in PolicyVPN.objects.all():
vpn_pb.update({
one_vpn.name: one_vpn.key,
one_vpn.key: one_vpn.name,
})
engine = Engine("my_firewall")
engine_vpn = {}
for site in engine.vpn.sites:
for ref in site.vpn_references:
if ref["vpn_id"] in vpn_pb.keys():
if vpn_pb.get(ref["vpn_id"]) not in engine_vpn.keys():
engine_vpn[vpn_pb.get(ref["vpn_id"])] = {}
engine_vpn[vpn_pb.get(ref["vpn_id"])].update({site.name: ref})
Is it possible to update these sites (enable/disable and mode) ?
from fp-ngfw-smc-python.
Salut Etienne !
Truc comme ca :
class ConnectionType(Element):
typeof = 'connection_type'
class EndpointTunnel(SubElement):
"""
A gateway tunnel represents the point to point connection
between two IPSEC endpoints in a PolicyVPN configuration.
The tunnel arrangement is based on whether the nodes are placed
as a central gateway or a satellite gateway. This provides access
to see the point to point connections, whether the link is enabled,
and setting the presharred key.
"""
def enable_disable(self):
"""
Enable or disable the tunnel link between endpoints.
:raises UpdateElementFailed: failed with reason
:return: None
"""
if self.enabled:
self.update(enabled=False)
else:
self.update(enabled=True)
@property
def enabled(self):
"""
Whether the VPN link between endpoints is enabled
:rtype: bool
"""
return self.data.get('enabled', False)
@property
def tunnel_side_a(self):
"""
Return the gateway node for tunnel side A. This will
be an instance of GatewayNode.
:rtype: GatewayNode
"""
return type('TunnelSideA', (InternalEndpoint,), {
'href': self.data.get('endpoint_1')})()
@property
def tunnel_side_b(self):
"""
Return the gateway node for tunnel side B. This will
be an instance of GatewayNode.
:rtype: GatewayNode
"""
return type('TunnelSideB', (InternalEndpoint,), {
'href': self.data.get('endpoint_2')})()
@property
def setVPNProfile(self,href):
return self.data.get('vpn_profile', href)
def __str__(self):
return '{0}(tunnel_side_a={1},tunnel_side_b={2})'.format(
self.__class__.__name__, self.tunnel_side_a.name, self.tunnel_side_b.name)
def __repr__(self):
return str(self)
VPNPDV = PolicyVPN(name='VPN-PDV')
VPNPDV.open()
###########MISE EN PLACE DE PROFILE VPN PERSONALISER SUR LES ENDPOINT#############
for tunnel in VPNPDV.tunnels:
tunnela = tunnel.tunnel_side_a
tunnelb = tunnel.tunnel_side_b
if(tunnel.enabled != ENABLE):
if(tunnela.name.startswith("FWCENTRAL") and tunnelb.name.startswith("FWDistant") ):
tunnel.update(enabled=ENABLE)
VPNPDV.save()
from fp-ngfw-smc-python.
It is already available in 1.0.20.
from fp-ngfw-smc-python.
Hello,
Sorry I didn't check this for a long time.
Thanks @ad1rie1, but my question is not relative to Policy Based tunnels but Policy Based VPN sites.
@lilianValeroFp , can you explain what has been implemented in 1.0.20 please ?
I tried again to update VPN site as my first message with fp-NGFW-SMC-python==1.0.24 and SMC 6.10, but I still have the same error.
from fp-ngfw-smc-python.
Thanks @MaxPoint67 !
from fp-ngfw-smc-python.
Hello again,
So it is ok for enable/disable sites.
Do you know if it is possible to set the site mode (private / hub) ?
from fp-ngfw-smc-python.
Related Issues (20)
- certificate verification warnings using the INI file for session creation HOT 2
- add an IP configuration on a tunnel interface without IP HOT 1
- ServerBackupTask fails HOT 2
- Viewing an Alias' references does not show the element referenced in the Alias, only the address. HOT 1
- Setting standby mode on a TunnelInterface HOT 5
- AttributeError when importing smc module HOT 9
- smc_monitoring: SessionNotFound HOT 13
- AttributeError: 'NoneType' object has no attribute 'href' HOT 4
- session.login: Failed to get username HOT 4
- role 'Manage Administrator' mandatory for read only API clients HOT 1
- How add Exceptions on Phase-1ID in Engine Endpoints HOT 1
- How change tunnel Mode in PolicyVPN HOT 3
- Error with 'interface_id' from InternalEndpoint element HOT 10
- Search a firewall policy similarly to "Search Rules" function in SMC GUI HOT 1
- Route-Based VPN Creation Error HOT 7
- multiples sessions HOT 2
- engine.routing_monitoring Error HOT 6
- Session Login via alt_filepath / config file: configparser removed in Python 3.12 HOT 2
- Adding IPv6 BGP peers is not possible HOT 4
- Get Network or Host from IP/CIDR HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fp-ngfw-smc-python.