Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

CLI creation of SSL VPN Users Possible?

I am a new user of a 3650 on Version 7.X and I'm used to writing bash scripts to manage things in Linux, etc. I needed to create a bunch of SSL VPN accounts, and figured I could just code something to generate a script from an export of our user list and then paste it into the command line, but I've tried google, chatgpt and even a sonicwall ticket (they just referred me to the manual) and have found nothing other than a sonicwall article from 2020 that implies it can't be done. I just wanted to confirm whether or not it's possible since it would seem like something that's a perfect use for a command line. Thanks.

Category: Mid Range Firewalls
Reply

Best Answer

  • CORRECT ANSWER
    ArkwrightArkwright Community Legend ✭✭✭✭✭
    Answer ✓

    You can do pretty much everything from the CLI.

    If you're not sure how to do it, create one in the web interface first, then show the config to see what you did.

    Just bear in mind that the Sonicwall CLI can be maddening and inconsistent, but it is better than not having a CLI at all.

Answers

  • Thank you. Great idea!

  • ArkwrightArkwright Community Legend ✭✭✭✭✭

    One thing to bear in mind is that you don't have to specify every field when creating something. E.g. don't bother trying to come up with a UUID.

    Sometimes you can collapse the multi-line items into one line with some keyword, something like 'brief' on the end but I can't remember what it is...

    Attached is an example of a bash script that takes a two-column CSV of IP + MAC and turns them into DHCP reservations.


  • MustafaAMustafaA SonicWall Employee
    edited January 17

    Utilizing the SonicOS API proves to be a significantly more advantageous and practical approach for fulfilling such objectives. You can use various programming languages such as Python, PowerShell, and cURL, allowing seamless integration with bash scripting. Moreover, the availability of dedicated API libraries facilitates the execution of tasks with enhanced efficiency.

  • MarkDMarkD Cybersecurity Overlord ✭✭✭

    just a thought, why not back off the authentication to RADIUS?

Sign In or Register to comment.