SonicWALL Gen6 and Gen7 API call differences?
AdamTheManTyler
Newbie ✭
So I have this great PowerShell script written that can create or delete address objects. It can also add objects to an object group. Unfortunately it seems to only work for Gen7 devices. Can someone give me a hand figuring out what the API differences are between Gen6 and Gen7 please? I can't find any resources that explain this. This link seems to only give the 7.0.1 information: https://sonicos-api.sonicwall.com/
When running the script against a Gen6 devices I am getting this error when attempting to delete an address object.
Script Command:
Invoke-RestMethod "https://$($IP)/api/sonicos/address-objects/ipv4/name/$name" -Method 'DELETE' -Headers $headers -Body $body -SkipCertificateCheck:$true
Error:
An error occurred while invoking the REST method:
Response status code does not indicate success: 405 (Method Not Allowed).
Also on Gen6, when running the command to add address objects to a group, I get this error.
Script command :
Invoke-RestMethod "https://$($IP)/api/sonicos/address-groups/ipv6/name/$($name)" -Method 'PATCH' -Headers $headers -Body $body -SkipCertificateCheck:$true
Error:
An error occurred while invoking the REST method:
Response status code does not indicate success: 405 (Method Not Allowed).
Best Answer
-
CORRECT ANSWER
Jaime
SonicWall Employee
Sorry for the delay. I see the issue now. The JSON includes the name of the group you are editing, but "name" isn't a valid command within the CLI level you are in for editing that IPv6 address group (because this object's name cannot be changed). With other objects, the "name" command is available so you won't see the issue with those. Just remove the name line from your JSON body.
{ "address_group": { "ipv6": { "address_object": { "ipv4": [ { "name": "My Group Member" } ] } } } }0
Answers
Hi @AdamTheManTyler,
Regarding the Swagger API documentation site, you can reach the Gen6 API documentation site from your Gen6 firewall's UI by clicking the link on System / API (MANAGE, then on the left pane click the API page at the very bottom). Alternatively, you can click here: https://sonicos-api.sonicwall.com/index.html?sonicwallIp=192.168.168.168&sonicwallPort=443&model=TZ-400&version=6.5.4.8-89n
When adding group members, PATCH is not supported on Gen6. On Gen6, use PUT instead to add members to an existing group.
When deleting an address object, DELETE is the appropriate method to use as far as I'm aware. There shouldn't be a body to the request though. Can you show me more of the response? Is there a JSON message attached to it?
Thanks @Jaime
I did manage to get the delete code working. Struggling currently with adding address-objects to address-groups on Gen6 however. I did manage to find the Gen6 API documentation and it appears I am following it to the letter. Here is the postman side of things...
W-N-M365-52.108.0.0 is an IPv4 network address-object.
Error output...
@Jaime
Wow, {asldij4%%!DEAFDS!!!!!}. Yes, that works, thank you. This Gen6 nuance is mentioned NOWHERE in the API documentation. Gen7 doesn't appear to have this problem. Hours of my life into this....
https://sonicos-api.sonicwall.com/
./sonicos_files/6.5.4.9-93n/TZ-300/sonicos_openapi.yml