Description
The addRaVpn operation handles configuration related to RaVpn model.
This API call is not allowed on the standby unit in an HA pair.
HTTP request
POST /api/fdm/v6/ravpnsData Parameters
| Parameter | Required | Type | Description | |||
|---|---|---|---|---|---|---|
| name | True | string | name of RAVpn | |||
| externalBrowserPackage | False | object | The external browser package that is assigned for SAML server authentication. Although defined in the RA VPN connection profile, this attribute is global to all connection profiles: you cannot set different packages for different profiles. Allowed types are: [ExternalBrowserPackage] |
|||
| vpnGatewaySettings | True | object | Nested entity, will contain the common objects like certificates etc Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| groupPolicies | False | [object] | List of group policies Allowed types are: [RaVpnGroupPolicy] |
|||
| anyconnectPackageFiles | False | [object] | Anyconnect package files, which will be cretaed as part of objects, & will be deployed , when will deploy RAVpn Allowed types are: [AnyConnectPackageFile] |
|||
| dap | False | object | DAP config deployed on device Allowed types are: [DAPXml] |
|||
| type | True | string | ravpn | |||
Example
curl -X POST \
--header "Accept: application/json" \
--header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Content-Type: application/json" \
-d '{
"anyconnectPackageFiles": [],
"dap": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"externalBrowserPackage": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"groupPolicies": [],
"id": "string",
"name": "string",
"type": "ravpn",
"version": "string",
"vpnGatewaySettings": {
"bypassAccessControlForVPNTraffic": true,
"clientCACertificates": [],
"exemptNatRule": true,
"insideInterfaces": [],
"insideNetworks": [],
"outsideFqdn": "string",
"outsideInterface": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"port": 0,
"serverCertificate": {
"id": "string",
"name": "string",
"type": "string",
"version": "string"
},
"type": "vpngatewaysettings"
}
}' \
"https://${HOST}:${PORT}/api/fdm/v6/ravpns"from bravado.requests_client import RequestsClient
from bravado.client import SwaggerClient
def get_client(host, token):
http_client = RequestsClient()
http_client.ssl_verify = False
http_client.set_api_key(
host,
"Bearer {}".format(token),
param_name="Authorization",
param_in="header"
)
return SwaggerClient.from_url(
"https://{}/apispec/ngfw.json".format(host),
http_client=http_client,
config={
"validate_responses": False,
"validate_swagger_spec": False
}
)
def add_ra_vpn(client, body):
return client.RaVpn.addRaVpn(
body=body
).response().result
if __name__ == "__main__":
host = "ftd.example.com"
token = "access_token"
client = get_client(host, token)
body = {'anyconnectPackageFiles': [],
'dap': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'externalBrowserPackage': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'groupPolicies': [],
'name': 'string',
'type': 'ravpn',
'vpnGatewaySettings': {'bypassAccessControlForVPNTraffic': True,
'clientCACertificates': [],
'exemptNatRule': True,
'insideInterfaces': [],
'insideNetworks': [],
'outsideFqdn': 'string',
'outsideInterface': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'port': 0,
'serverCertificate': {'id': 'string',
'name': 'string',
'type': 'string',
'version': 'string'},
'type': 'vpngatewaysettings'}}
add_ra_vpn(client, body)