cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Community Designated VIP Class of 2020

991
Views
15
Helpful
9
Replies
Beginner

API VPN Configurations

Are there any plans to allow VPN tunnel creation through the API?  I can't find anything on this subject but have a bulk of VPNs to migrate from ASA.  They weren't brought over using the FTD migration tool.

 

 

9 REPLIES 9
Beginner

Re: API VPN Configurations

I was looking for this feature too. So far, I haven't seen any mention if or when it might appear. I ended up spending many, many hours manually inputing L2L configurations.
Hall of Fame Guru

Re: API VPN Configurations

FTD and FMC 6.2.3 added several API POST features but unfortunately not the ones needed for site-site VPN configuration.

 

We expect release 6.3 (~Fall 2018) will have a lot more API-based configuration options, including site-site VPN.

Beginner

Re: API VPN Configurations

It has been a while since he last post. Any updates if L2L VPN functionality was added to the API in version 6.3?

RJI Advisor
Advisor

Re: API VPN Configurations

Hi,

Yes, as per the 6.3 release notes

 

The FMC REST API supports new objects for site-to-site VPN topology and HA device failover.

New objects for site-to-site VPN topology: ftds2svpns, endpoints, ipsecsettings, advancedsettings, ikesettings, ikev1ipsecproposals, ikev1policies, ikev2ipsecproposals, ikev2policies

 

HTH

Beginner

Re: API VPN Configurations

Great! Thanks for the quick reply

Beginner

Re: API VPN Configurations

Are there any examples/resources out there for importing s2s VPNs? Everything I'm finding is related to objects, which are relatively simple to do.

Beginner

Re: API VPN Configurations

Can someone give us an example of how to do the script because the example in the API Spec do just give "string" as an example so maybe you could supply us with something more useful.. just a thought :-).

Hall of Fame Guru

Re: API VPN Configurations

The Firepower Migration Tool v2 (due out in the next month or so) will include VPN migration.

Highlighted
Beginner

Re: API VPN Configurations

Great, thank you :-) because I have an ASA with about 350 L2L tunnels and if I have to configure them via the GUI it'll take me many many many hours. For that reason, I haven't migrated to FTD yet.
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here