Cisco ASA API

sdasgupta · ‎10-06-2017

Hi,

We want to integrate Cisco ASA with automation tool. Suppose if I want to add a acl in FW it will create rule through automated way without any human intervention. Is it possible to get API to integrate the automation tool.

Flavio Miranda · ‎10-06-2017

Hello,

Yeah, it is possible. Cisco allows for using RESTful API on ASA.

For physical appliances you need to download and install the client on flash. For virtual appliances it comes installed and it is necessary activate.

After prepared the environment, you can control your ASA programatibily via API.

You can read,write and delete configuration via HTTPS requests.

Here an example:

https://< asa management ipaddress >/api/objects/networkobjects

Body content type: application/json

Raw body of the operation:

{

"kind": "object#NetworkObj",

"name": "TestNetworkRangeObj",

"host": {

"kind": "IPv4Network",

"value": "12.12.12.0/24"

}

-If I helped you somehow, please, rate it as useful.-

Karsten Iwen · ‎10-06-2017

You can use the ASA REST-API for that:

https://www.networkworld.com/article/2921386/security0/digging-deeper-into-the-cisco-asa-firewall-rest-api.html

https://www.cisco.com/c/en/us/td/docs/security/asa/api/qsg-asa-api.html

https://www.cisco.com/c/dam/en/us/td/docs/security/asa/api/asapedia_rest_api_122.pdf

Cisco ASA API

[ASA] ASA REST API GUI のご紹介

Nexus Dashboard / Nexus Dashboard Service API Documentation のアクセス方法

Cisco Secure Client (旧称AnyConnect)とASAとの互換性等について

Cisco Modeling Labs : CML の API Documention の使用例

Cisco ACI: REST API による MO の作成方法