alconstantinoga1
Beginner

FMC API unable to add access rule via Ansible

Hello,

I am having some issues while working with the FMC API. The current API version is FMC Version: 6.4.0.7 (build 53). What I am trying to achieve is to add a new rule to an existing Access Policy object via Ansible using the API. However, it's not very clear in the api-explorer of the FMC how to add the source address, port numbers and other bits and pieces that I need to specify to configure the "specific" rule.

 

As an example, I will need to enter the following rule:

 

- Source: 10.10.10.0/24

- Destination: any in UDP port 53.

Then permit the above rule.

 

Note: I don´t have any problems with Ansible connectivity to the Firewall or converting YAML to JSON, is just a matter of not having enough details to structure and implement this rule above in JSON format.


I did this below and it worked; however, it fails when I use the field "sourceNetworks" on the bottom line.


/api/v1/fmc_config/domain/{{domainuuid}}/policy/accesspolicies/{{containeruuid}}/accessrules

 

body:
    action: "ALLOW"
    enabled: false
    type: "AccessRule"
    name: "ansible_test1"
    sendEventsToFMC: true
    logFiles: true
    logBegin: true
    logEnd: true

 

   sourceNetworks:
        type: "10.30.7.0/24"

 

Any help will be really appreciated!

Thanks!

Alvaro
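
An added example, not part of the original post or of Cisco's documentation: a Python helper that builds the accessrules POST body for the rule described above (10.10.10.0/24 to any, UDP/53, allowed). It assumes the `literals` form of the access-rule model (`Network`/`Host` entries with a `value`, `PortLiteral` entries with a numeric `protocol` and a `port`), which should be confirmed in the api-explorer of your FMC version; the function names are hypothetical.

```python
import ipaddress
import json

# Assumed schema: "literals" / "PortLiteral" per the FMC access-rule model; verify in api-explorer.
# The port literal carries the IANA protocol number as a string.
PROTOCOLS = {"tcp": "6", "udp": "17"}


def network_literal(cidr):
    """Return a network literal for a host address or CIDR block."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set, e.g. 10.10.10.5/24
    if net.num_addresses == 1:
        return {"type": "Host", "value": str(net.network_address)}
    return {"type": "Network", "value": str(net)}


def port_literal(protocol, port):
    """Return a port literal; port is a single port or a 'low-high' range."""
    if protocol.lower() not in PROTOCOLS:
        raise ValueError(f"unsupported protocol: {protocol!r}")
    bounds = [int(p) for p in str(port).split("-")]
    if len(bounds) > 2 or bounds != sorted(bounds) or not all(1 <= p <= 65535 for p in bounds):
        raise ValueError(f"invalid port: {port!r}")
    return {"type": "PortLiteral", "protocol": PROTOCOLS[protocol.lower()], "port": str(port)}


def build_access_rule(name, action, sources=(), destinations=(), dest_ports=(), enabled=False):
    """Build the POST body. A condition left empty is omitted, which the FMC treats as 'any'."""
    rule = {
        "type": "AccessRule", "name": name,
        "action": action, "enabled": enabled,  # disabled by default, as in the post
        "sendEventsToFMC": True, "logFiles": True,
        "logBegin": True, "logEnd": True,
    }
    if sources:
        rule["sourceNetworks"] = {"literals": [network_literal(s) for s in sources]}
    if destinations:
        rule["destinationNetworks"] = {"literals": [network_literal(d) for d in destinations]}
    if dest_ports:
        rule["destinationPorts"] = {"literals": [port_literal(p, n) for p, n in dest_ports]}
    return rule


if __name__ == "__main__":
    # The rule from the post: source 10.10.10.0/24, destination any, UDP port 53, ALLOW.
    body = build_access_rule("ansible_test1", "ALLOW", ["10.10.10.0/24"], dest_ports=[("udp", 53)])
    print(json.dumps(body, indent=2))
```

The printed structure maps one-to-one onto the YAML `body:` of the Ansible task; note that `sourceNetworks` holds a `literals` list of typed entries rather than a bare `type` key set to the CIDR.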

1 REPLY
amotolani
Beginner

Hello @alconstantinoga1,

You can try using the Ansible collection we built for the FMC.

It's available on Ansible Galaxy: https://galaxy.ansible.com/amotolani/cisco_fmc

Hope it helps.
