cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1739
Views
5
Helpful
2
Replies

FMC REST API and VPN Remote Access objects

podvarka
Level 1
Level 1

Hello,

 

need to migrate ASA configuration to Firepower Management Center.

There is tool for migration, but it do not do some tasks - for instance client VPNs.

I have many group policies and it is terrible work to fill it in GUI. I found that REST API can be used for FMC configuration. I studied it some time, but I am not able to find iny VPN related objects in REST API.

Do anybody has experience with this and is able to confirm what I am affraid of - that FMC in current version does not support VPN objects via REST API ?

Or if so, where I can find it, please ?

 

Best regards,

 

Petr

 

 

1 Accepted Solution

Accepted Solutions

jarsmith
Cisco Employee
Cisco Employee

I have bad news and good news.  I went and checked the 7.1 release and under the policy section you will find:

 
 

7_1_ra_vpn.png

 

Under the object section you will find:

 

7_1_ra_vpn_objects.png

 

What you'll notice is these are all "GET" APIs so you can fetch the configuration but unfortunately it looks like it cannot be configured in 7.1

 

I did take a look at the pre-release code we have and it looks like we do have a "write" version of that API coming so stay tuned but I don't know of a way to automate it until that comes out.  I'll try to ping a person or two tomorrow and see if I can get a better answer but this is how it looks from what I can tell.

 

 

 

View solution in original post

2 Replies 2

jarsmith
Cisco Employee
Cisco Employee

I have bad news and good news.  I went and checked the 7.1 release and under the policy section you will find:

 
 

7_1_ra_vpn.png

 

Under the object section you will find:

 

7_1_ra_vpn_objects.png

 

What you'll notice is these are all "GET" APIs so you can fetch the configuration but unfortunately it looks like it cannot be configured in 7.1

 

I did take a look at the pre-release code we have and it looks like we do have a "write" version of that API coming so stay tuned but I don't know of a way to automate it until that comes out.  I'll try to ping a person or two tomorrow and see if I can get a better answer but this is how it looks from what I can tell.

 

 

 

@jarsmith wondering in recent version POST is available now  ? I need to reconfigure 50+ VPN Topology from one FMC to another