10-02-2023 03:11 AM
Hi i need to create GlopalProtect Gateway with xml api
there is the url i send
----------------------------------------------------------
https://{{url}}/api/?location=vsys&vsys=vsys1&name=new-gw&key={{key}}&type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/global-protect/global-protect-gateway/entry[@name='new-gw']&element=<roles><entry name="default"><login-lifetime><days>30</days></login-lifetime><inactivity-logout>180</inactivity-logout></entry></roles><client-auth><entry name="local"><os>Any</os><authentication-profile>AP</authentication-profile><authentication-message>Enter login credentials</authentication-message><user-credential-or-client-cert-required>no</user-credential-or-client-cert-required><auto-retrieve-passcode>no</auto-retrieve-passcode><username-label>Username</username-label><password-label>Password</password-label></entry></client-auth><remote-user-tunnel-configs><entry name="new-gw"><split-tunneling><include-domains><list/></include-domains><exclude-domains><list/></exclude-domains><access-route/><exclude-access-route/><include-applications/><exclude-applications/></split-tunneling><authentication-override><generate-cookie>no</generate-cookie></authentication-override><source-address><ip-address/><region/></source-address><source-user><member>any</member></source-user><authentication-server-ip-pool/><ip-pool><member>10.10.10.10-10.10.10.20</member></ip-pool><os><member>any</member></os><retrieve-framed-ip-address>no</retrieve-framed-ip-address><no-direct-access-to-local-network>no</no-direct-access-to-local-network></entry></remote-user-tunnel-configs><ssl-tls-service-profile>ssl</ssl-tls-service-profile><tunnel-mode>yes</tunnel-mode><remote-user-tunnel>tunnel.9</remote-user-tunnel><ipsec><third-party-client><enable>no</enable></third-party-client></ipsec><local-address><interface>loopback.9</interface><ip><ipv4>{{ip}}</ipv4></ip></local-address>
----------------------------------------------------------
i got this response
10-02-2023 08:36 AM
Thanks all for your help I have found that for creating global protect gate way I need to call 2 xml apis not just one
10-02-2023 06:29 AM
Have you already created the tunnel interface prior to setting up the gateway? Have you tried setting this up in the CLI just to verify that you aren't actually running into issues with template values as the other error states?
10-02-2023 07:10 AM
@BPry
Thanks for your replay
yes i already had configured the tunnel.1
but i don't know how to create Gateway through CLI
if you know the commands to create one please help
10-02-2023 08:03 AM
Hi @eeldeen8951 ,
Your error message references tunnel.9, and you said tunnel.1 exists. Somewhere there is a typo.
Error code 13 means object not found. You can ignore the template suggestion for the most part. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-panorama-api/get-started-with-the-pan-os-xml-api...
It looks like you meant to put tunnel.1 in your URL and object tunnel.9 is not found.
Thanks,
Tom
10-02-2023 08:36 AM
Thanks all for your help I have found that for creating global protect gate way I need to call 2 xml apis not just one
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
