Solved: Create l3 firewall Rules?

nalbacas · ‎02-28-2023

Is there a way to create L3 firewall rules using API?

I am trying to migrate one Checkpoint FW to a Meraki MX, and I have a CSV file with the firewall rules.

The documentation only shows GET and Update firewall rules

Any idea?

aleabrahao · ‎02-28-2023

The only way is to do a GET to a file, edit it by adding the new rule and then perform the PUT, that is, there is no other way.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

aleabrahao · ‎02-28-2023

The only way is to do a GET to a file, edit it by adding the new rule and then perform the PUT, that is, there is no other way.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

ByronZ · ‎02-28-2023

You will have to convert the existing firewall rule from your csv into json format and use the API's update PUT operation to apply the firewall rules. If you are not sure what fields are needed in the json file, you can find one by doing a GET to retrieve it from the MX.

frankvdveen · ‎03-01-2023

Hi as mentioned get the current rules, add your own and update:

In python that will be something like this:
l3Settings = dashboard.appliance.getNetworkApplianceFirewallL3FirewallRules(<network_id>)
# print (l3Settings['rules']) <-- add your rules

# Update:
response = dashboard.appliance.updateNetworkApplianceFirewallL3FirewallRules(<network_id>, rules=l3Settings['rules'])

sungod · ‎03-01-2023

There's an example script that may help you (it uses the Meraki Python library)...

https://developer.cisco.com/codeexchange/github/repo/CiscoSE/AddMerakiMXL3FirewallRuleToNetworks#usecase

https://github.com/CiscoSE/AddMerakiMXL3FirewallRuleToNetworks