Description
The addRaVpnConnectionProfile operation handles configuration related to RaVpnConnectionProfile model.
This API call is not allowed on the standby unit in an HA pair.
HTTP request
POST /api/fdm/v6/ravpns/{parentId}/ravpnconnectionprofilesData Parameters
| Parameter | Required | Type | Description | |||
|---|---|---|---|---|---|---|
| name | True | string | name of RaVpnConnectionProfile | |||
| defaultGroupPolicy | True | object | Group policy used in RA VPN connection profile Field level constraints: cannot be null. (Note: Additional constraints might exist) Allowed types are: [RaVpnGroupPolicy] |
|||
| authenticationIdentitySource | False | object | authenticationIdentitySource for RA VPN Allowed types are: [ActiveDirectoryRealm, DuoLDAPIdentitySource, IdentitySourceBase, LDAPRealm, LocalIdentitySource, RadiusIdentitySource, RadiusIdentitySourceGroup, RealmSequence, SAMLServer, SpecialRealm] |
|||
| authorizationIdentitySource | False | object | authorizationIdentitySource used in RA VPN connection profile Allowed types are: [ActiveDirectoryRealm, DuoLDAPIdentitySource, IdentitySourceBase, LDAPRealm, LocalIdentitySource, RadiusIdentitySource, RadiusIdentitySourceGroup, RealmSequence, SAMLServer, SpecialRealm] |
|||
| accountingIdentitySource | False | object | accounting identity source used in RA VPN connection profile Allowed types are: [ActiveDirectoryRealm, DuoLDAPIdentitySource, IdentitySourceBase, LDAPRealm, LocalIdentitySource, RadiusIdentitySource, RadiusIdentitySourceGroup, RealmSequence, SAMLServer, SpecialRealm] |
|||
| fallbackLocalIdentitySource | False | object | fallbackLocalIdentitySource for RA VPN Allowed types are: [LocalIdentitySource] |
|||
| authMethod | True | string | authentication method for RA VPN connection profile, values are AAA, CLIENT_CERTIFICATE, AAA_AND_CLIENT_CERTIFICATE and SAML Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| certificateUsernameSettings | False | object | Used as nestedEntity inside RA VPN | |||
| secondaryAuthenticationSettings | False | object | Referrenced nested entity in RA VPN, which is used to configure secondary authentication for RA | |||
| stripGroupFromUsername | True | boolean | A Boolean value, TRUE or FALSE, where FALSE is the default. The TRUE,value would remove the group details from the username. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| stripRealmFromUsername | True | boolean | A Boolean value, TRUE or FALSE, where FALSE is the default. The TRUE,value would remove the realm details from the username. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| ipv4LocalAddressPool | False | [object] | IPV4 local addresspool used in RA vpn connection profile Allowed types are: [NetworkObject] |
|||
| ipv6LocalAddressPool | False | [object] | IPV6 local addresspool used in RA vpn connection profile Allowed types are: [NetworkObject] |
|||
| dhcpServersForAddressAssignment | False | [object] | dhcpServersForAddressAssignment used in RA VPN connection profile Allowed types are: [NetworkObject] |
|||
| groupAlias | False | [string] | groupAlias for RaVpnConnectionProfile | |||
| groupUrl | False | [string] | groupUrl for RaVpnConnectionProfile | |||
| type | True | string | ravpnconnectionprofile | |||
Path Parameters
| Parameter | Required | Type | Description | |||
|---|---|---|---|---|---|---|
| parentId | True | string | ||||
Example
curl -X POST \
--header "Accept: application/json" \
--header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Content-Type: application/json" \
-d '{
"accountingIdentitySource": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"authMethod": "AAA",
"authenticationIdentitySource": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"authorizationIdentitySource": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"certificateUsernameSettings": {
"disablePrefilledUsernameEdit": true,
"prefillUsernameFromCertificate": true,
"type": "certificateusernamesettings",
"usernameFromCertificate": "ENTIRE_DN",
"usernamePrimaryField": "NONE",
"usernameSecondaryField": "NONE"
},
"defaultGroupPolicy": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"dhcpServersForAddressAssignment": [],
"fallbackLocalIdentitySource": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"groupAlias": [],
"groupUrl": [],
"id": "string",
"ipv4LocalAddressPool": [],
"ipv6LocalAddressPool": [],
"name": "string",
"secondaryAuthenticationSettings": {
"authenticationIdentitySource": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"certificateUsernameSettings": {
"disablePrefilledUsernameEdit": true,
"prefillUsernameFromCertificate": true,
"type": "certificateusernamesettings",
"usernameFromCertificate": "ENTIRE_DN",
"usernamePrimaryField": "NONE",
"usernameSecondaryField": "NONE"
},
"commonPassword": "string",
"fallbackLocalIdentitySource": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"passwordType": "PROMPT",
"sessionUsernameIdentitySource": "PRIMARY",
"type": "secondaryauthenticationsettings",
"usePrimaryUsername": true
},
"stripGroupFromUsername": true,
"stripRealmFromUsername": true,
"type": "ravpnconnectionprofile",
"version": "string"
}' \
"https://${HOST}:${PORT}/api/fdm/v6/ravpns/{parentId}/ravpnconnectionprofiles"from bravado.requests_client import RequestsClient
from bravado.client import SwaggerClient
def get_client(host, token):
http_client = RequestsClient()
http_client.ssl_verify = False
http_client.set_api_key(
host,
"Bearer {}".format(token),
param_name="Authorization",
param_in="header"
)
return SwaggerClient.from_url(
"https://{}/apispec/ngfw.json".format(host),
http_client=http_client,
config={
"validate_responses": False,
"validate_swagger_spec": False
}
)
def add_ra_vpn_connection_profile(client, parent_id, body):
return client.RaVpnConnectionProfile.addRaVpnConnectionProfile(
parentId=parent_id,
body=body
).response().result
if __name__ == "__main__":
host = "ftd.example.com"
token = "access_token"
client = get_client(host, token)
parent_id = "string"
body = {'accountingIdentitySource': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'authMethod': 'AAA',
'authenticationIdentitySource': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'authorizationIdentitySource': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'certificateUsernameSettings': {'disablePrefilledUsernameEdit': True,
'prefillUsernameFromCertificate': True,
'type': 'certificateusernamesettings',
'usernameFromCertificate': 'ENTIRE_DN',
'usernamePrimaryField': 'NONE',
'usernameSecondaryField': 'NONE'},
'defaultGroupPolicy': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'dhcpServersForAddressAssignment': [],
'fallbackLocalIdentitySource': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'groupAlias': [],
'groupUrl': [],
'ipv4LocalAddressPool': [],
'ipv6LocalAddressPool': [],
'name': 'string',
'secondaryAuthenticationSettings': {'authenticationIdentitySource': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'certificateUsernameSettings': {'disablePrefilledUsernameEdit': True,
'prefillUsernameFromCertificate': True,
'type': 'certificateusernamesettings',
'usernameFromCertificate': 'ENTIRE_DN',
'usernamePrimaryField': 'NONE',
'usernameSecondaryField': 'NONE'},
'commonPassword': 'string',
'fallbackLocalIdentitySource': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'passwordType': 'PROMPT',
'sessionUsernameIdentitySource': 'PRIMARY',
'type': 'secondaryauthenticationsettings',
'usePrimaryUsername': True},
'stripGroupFromUsername': True,
'stripRealmFromUsername': True,
'type': 'ravpnconnectionprofile'}
add_ra_vpn_connection_profile(client, parent_id, body)