I am trying to automate blocking GlobalProtect clients via API calls. Our firewall is running PanOS 9.1.15-h1 and is controlled by a onsite Panorama instance on 10.1.8-h2. Due to the version mismatch GlobalProtect device blocks must be implemented directly on the firewall because the blocking mechanism for GlobalProtect clients changed between PanOS 9 and 10. I know that it is possible to disconnect a GlobalProtect session via the API, but if the device is not blocked they can just reconnect. Where I am stuck is finding an API call that corresponds to the Network -> GlobalProtect -> Device Block List category in PanOS 9. I have the suspicion that this functionality might not be exposed by the API in this version of PanOS, but I wanted to ask to see if anyone has had success with this or can confirm that the functionality is not exposed.
... View more