Create a new IP address on a specific interface

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Create a new IP address on a specific interface

L1 Bithead

I would like to create a new IP address on an interface with xml api. I tried different requests but no one worked.

I tried to use config set wiht the xpath which ended to 

[@name='interface']/ip and after &element=<ip><entry name="x.x.x.x/x"/></ip> and similar settings but the response is always '406 Not Acceptable'.

2 REPLIES 2

L4 Transporter

When using 'set', the element should not contain the end of the xpath (you don't need the <ip></ip> part of the element).  This is only needed when using 'edit'.

 

Also, you're missing the layer3 element in the xpath.

 

xpath should end with:   entry[@name='ethernet1/1']/layer3/ip

element should be:   <entry name='x.x.x.x/x'/>

 

So here are a few examples of setting an ip address on ethernet1/1 using the API:

 

With a browser:

  

https://<fw ip>/api?key=<apikey>&type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/network/interface/ethernet/entry[@name='ethernet1/1']/layer3/ip&element=<entry name='5.5.5.5/24'/>

 

With pan-python:

 

pan-python is available here:  https://github.com/kevinsteves/pan-python

 

pan-python abstracts out much of the API into simple parameters on a command line or python script.  It also handles encoding and other 'under-the-hood' complexity for you.  On a linux CLI, with pan-python installed, you can make the same API call like this:

 

panxapi.py -h <fw ip> -K <apikey> -S "<entry name='5.5.5.5/24'/>" "/config/devices/entry/network/interface/ethernet/entry[@name='ethernet1/3']/layer3/ip"

 

With pandevice framework (python SDK):

 

pandevice is available here:  https://github.com/PaloAltoNetworks/pandevice

 

It's a python SDK that allows you to interact with the API at an object level.  No XPath or XML is required.  pandevice is also natively vsys and HA aware.

 

This example accomplishes the same thing, but using objects in python without XPaths or XML:

 

from pandevice import firewall, network
fw = firewall.Firewall("<fw ip>", "admin", "password")
fw.add(network.EthernetInterface("ethernet1/1", ip="5.5.5.5/24")).create()

 

The things are a bit more complicated but I didn't write all details. We use Panorama, and the interface is a subinterface of an aggregate interface. But I tried the similar way. The current request is:

 

/api/?type=config&action=set&key=myapikey&xpath=/config/devices/entry[@name='localhost.localdomain']/template/entry[@name='templatename']/config/devices/entry[@name='localhost.localdomain']/network/interface/aggregate-ethernet/entry[@name='ae6']/layer3/units/entry[@name='ae6.16']/ip&element=<entry name='10.20.30.40/24'/>

 

But I get 406 Not Acceptable

  • 2709 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!