Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4428
Views
1
Helpful
4
Replies

L3 Firewall Update API automatically converting IP to CIDR

Go to solution
Craiegg
Community Member

‎01-18-2021 05:05 PM

Hello all,

I am trying to update the L3 Firewall rules of a particular network via API for testing purposes, however whenever I enter the IP address I want in the Source and Destination it gets automatically converted to IP/subnet.

I have tested it with both v0 and v1 using Postman. Attaching the screenshot reference and the JSON data being passed to the API below. Do I need to switch the key from srcCidr to srcAddr and destCidr to destAddr? Any suggestions would be appreciated

image.png

"rules": [
{
"comment": "Default rule",
"policy": "allow",
"protocol": "Any",
"srcPort": "Any",
"srcCidr": "Any",
"destPort": "Any",
"destCidr": "Any",
"syslogEnabled": false
},
{
"comment": "Testing rule",
"policy": "allow",
"protocol": "Any",
"srcPort": "Any",
"srcCidr": "192.168.128.56",
"destPort": "Any",
"destCidr": "2.2.2.9",
"syslogEnabled": false
}
]
}
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
bmehta2
Cisco Employee
Cisco Employee

‎01-18-2021 08:58 PM

Hello @Craiegg
In the dashboard configuration it does take only IP without subnet details. If on API it doesn't take only IP as an option the I believe this issue can be reported. However, for more information how does it converting to IP/subnet affecting your creating an issue. Thanks in advance.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
bmehta2
Cisco Employee
Cisco Employee

‎01-18-2021 08:58 PM

Hello @Craiegg
In the dashboard configuration it does take only IP without subnet details. If on API it doesn't take only IP as an option the I believe this issue can be reported. However, for more information how does it converting to IP/subnet affecting your creating an issue. Thanks in advance.

0 Helpful

Go to solution
Craiegg
Community Member
In response to bmehta2

‎01-19-2021 04:35 PM

Hello @bmehta2 , @Philip D'Ath, @BRUCE NEWTON

Thank you for all your responses and suggestions.

Yes, there is no issue with the subnet being added. I was actually wondering if there was a change in the API, as when I used it last month, it took the IP address as is without conversion ( hence the query here ) .

However, I agree with all your suggestions of it not affecting anything if the subnet being added.

@bmehta2 I will report this issue as it does not take only IP and always converts to subnet.

Thanks everyone.
Cheers,
Craig.

0 Helpful

Go to solution
BRUCE NEWTON
Level 11
Level 11

‎01-18-2021 10:06 PM

I may be completely off track here, but if you're trying to specify a host for those two fields have you tried using the 'subnet mask' of /32, (i.e. 255.255.255.255), which is generally used to specify a host. For example, "srcCidr": "192.168.128.56/32" and "destCidr": "2.2.2.9/32".

Go to solution
Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎01-19-2021 01:47 PM

192.168.128.56 and 192.168.128.56/32 are exactly the same thing. /32 means it is a host IP address.

0 Helpful
Customers Also Viewed These Support Documents