SonicOS/X API Reference Guide
- About SonicOS API
- API Authentication
- API: Config - Pending
- API: Restart
- API: Address Objects – IPv4
- Endpoint
- Schema Structure
- Object: Address Object
- Collection: Address Object
- Schema Attributes
- address_object:
- address_objects:
- address_object.ipv4:
- address_object.ipv4.name:
- address_object.ipv4.uuid:
- address_object.ipv4.host:
- address_object.ipv4.host.ip:
- address_object.ipv4.range:
- address_object.ipv4.range.begin:
- address_object.ipv4.range.end:
- address_object.ipv4.network:
- address_object.ipv4.network.subnet:
- address_object.ipv4.network.mask:
- address_object.ipv4.zone:
- API: Address Objects – IPv6
- Endpoint
- Schema Structure
- Object: Address Object
- Collection: Address Objects
- Schema Attributes
- address_object:
- address_objects:
- address_object.ipv6:
- address_object.ipv6.name:
- address_object.ipv6.uuid:
- address_object.ipv6.host:
- address_object.ipv6.host.ip:
- address_object.ipv6.range:
- address_object.ipv6.range.begin:
- address_object.ipv6.range.end:
- address_object.ipv6.network:
- address_object.ipv6.network.subnet:
- address_object.ipv6.network.mask:
- address_object.ipv6.zone:
- API: Address Objects – MAC
- API: Address Objects – FQDN
- API: Address Groups — IPv4
- Endpoint
- Schema Structure
- Object: Address Group
- Collection: Address Group
- Schema Attributes
- address_group:
- address_groups:
- address_group.ipv4:
- address_group.ipv4.name:
- address_group.ipv4.uuid:
- address_group.ipv4.address_group:
- address_group.ipv4.address_group.ipv4:
- address_group.ipv4.address_object.ipv4.name:
- address_group.ipv4.address_object.mac:
- address_group.ipv4.address_object.mac.name:
- address_group.ipv4.address_object.fqdn:
- address_group.ipv4.address_object.fqdn.name:
- API: Address Groups — IPv6
- Endpoint
- Schema Structure
- Object: Address Group
- Collection: Address Group
- Schema Attributes
- address_group:
- address_groups:
- address_group.ipv6:
- address_group.ipv6.name:
- address_group.ipv6.uuid:
- address_group.ipv6.address_group:
- address_group.ipv6.address_group.ipv4:
- address_group.ipv6.address_group.ipv4.name:
- address_group.ipv6.address_group.ipv6:
- address_group.ipv6.address_group.ipv6.name:
- address_group.ipv6.address_object.mac:
- address_group.ipv6.address_object.mac.name:
- address_group.ipv6.address_object.fqdn:
- address_group.ipv6.address_object.fqdn.name:
- API: Schedule Objects
- Endpoint
- Schema Structure
- Object: Schedule
- Collection: Schedule
- Schema Attributes
- schedule:
- schedules:
- schedule.name:
- schedule.uuid:
- schedule.occurs:
- schedule.occurs.once:
- schedule.occurs.once.event:
- schedule.occurs.once.event.start:
- schedule.occurs.once.event.end:
- schedule.occurs.recurring:
- schedule.occurs.recurring.recurring:
- schedule.occurs.recurring.recurring.start:
- schedule.occurs.recurring.recurring.end:
- schedule.occurs.recurring.recurring.sun:
- schedule.occurs.recurring.recurring.mon:
- schedule.occurs.recurring.recurring.tue:
- schedule.occurs.recurring.recurring.wed:
- schedule.occurs.recurring.recurring.thu:
- schedule.occurs.recurring.recurring.fri:
- schedule.occurs.recurring.recurring.sat:
- schedule.occurs.mixed:
- schedule.occurs.mixed.event:
- schedule.occurs.mixed.event.start:
- schedule.occurs.mixed.event.end:
- schedule.occurs.mixed.recurring:
- schedule.occurs.mixed.recurring.start:
- schedule.occurs.mixed.recurring.end:
- schedule.occurs.mixed.recurring.sun:
- schedule.occurs.mixed.recurring.mon:
- schedule.occurs.mixed.recurring.tue:
- schedule.occurs.mixed.recurring.wed:
- schedule.occurs.mixed.recurring.thu:
- schedule.occurs.mixed.recurring.fri:
- schedule.occurs.mixed.recurring.sat:
- API: Service Objects
- Endpoint
- Schema Structure
- Object: Service Object
- Collection: Service Object
- Schema Attributes
- service_object:
- service_objects:
- service_object.name:
- service_object.uuid:
- service_object.custom:
- service_object.icmp:
- service_object.igmp:
- service_object.tcp:
- service_object.tcp.begin:
- service_object.tcp.end:
- service_object.udp:
- service_object.udp.begin:
- service_object.udp.end:
- service_object.gre:
- service_object.esp:
- service_object.6over4:
- service_object.ah:
- service_object.icmpv6:
- service_object.eigrp:
- service_object.ospf:
- service_object.pim:
- service_object.l2tp:
- service_object.ipcomp:
- API: Service Groups
- API: Zones
- Endpoint
- Schema Structure
- Object: Zone
- Collection: Zone
- Schema Attributes
- zone:
- zones:
- zone.name:
- zone.uuid:
- zone.security_type:
- zone.interface_trust:
- zone.auto_generate_access_rules:
- zone.auto_generate_access_rules.allow_from_to_equal:
- zone.auto_generate_access_rules.allow_from_higher:
- zone.auto_generate_access_rules.allow_to_lower:
- zone.auto_generate_access_rules.deny_from_lower:
- zone.client.content_filtering:
- zone.client:
- zone.client.anti_virus:
- zone.gateway_anti_virus:
- zone.intrusion_prevention:
- zone.app_control:
- zone.anti_spyware:
- zone.create_group_vpn:
- zone.ssl_control:
- zone.wireless:
- zone.sslvpn_access:
- zone.wireless.sslvpn_enforcement:
- zone.wireless.sslvpn_enforcement.server:
- zone.wireless.sslvpn_enforcement.server.name:
- zone.wireless.sslvpn_enforcement.server.host:
- zone.wireless.sslvpn_enforcement.service:
- zone.wireless.sslvpn_enforcement.service.name:
- zone.wireless.sslvpn_enforcement.service.protocol:
- zone.wireless.sslvpn_enforcement.service.protocol.name:
- zone.wireless.sslvpn_enforcement.service.protocol.begin:
- zone.wireless.sslvpn_enforcement.service.protocol.end:
- zone.wireless.wifi_sec_enforcement:
- zone.wireless.wifi_sec_enforcement.exception_service:
- zone.wireless.wifi_sec_enforcement.exception_service.name:
- zone.wireless.wifi_sec_enforcement.exception_service.protocol:
- zone.wireless.wifi_sec_enforcement.exception_service.protocol.name:
- zone.wireless.wifi_sec_enforcement.exception_service.protocol.begin:
- zone.wireless.wifi_sec_enforcement.exception_service.protocol.end:
- zone.wireless.wifi_sec_for_site_to_site_vpn:
- zone.wireless.trust_wpa_traffic_as_wifi_sec:
- zone.wireless.only_sonicpoint_traffic:
- zone.guest_services:
- zone.guest_services.inter_guest:
- zone.guest_services.bypass:
- zone.guest_services.bypass.client:
- zone.guest_services.bypass.client.anti_virus:
- zone.guest_services.bypass.client.content_filtering:
- zone.guest_services.external_auth:
- zone.guest_services.external_auth.client_redirect:
- zone.guest_services.external_auth.web_server:
- zone.guest_services.external_auth.web_server.protocol:
- zone.guest_services.external_auth.web_server.name:
- zone.guest_services.external_auth.web_server.port:
- zone.guest_services.external_auth.web_server.timeout:
- zone.guest_services.external_auth.message_auth:
- zone.guest_services.external_auth.message_auth.method:
- zone.guest_services.external_auth.message_auth.shared_secret:
- zone.guest_services.external_auth.message_auth.confirm_secret:
- zone.guest_services.external_auth.social_network:
- zone.guest_services.external_auth.social_network.facebook:
- zone.guest_services.external_auth.social_network.google:
- zone.guest_services.external_auth.social_network.twitter:
- zone.guest_services.external_auth.auth_pages:
- zone.guest_services.external_auth.auth_pages.login:
- zone.guest_services.external_auth.auth_pages.expiration:
- zone.guest_services.external_auth.auth_pages.timeout:
- zone.guest_services.external_auth.auth_pages.max_sessions:
- zone.guest_services.external_auth.auth_pages.traffic_exceeded:
- zone.guest_services.external_auth.web_content:
- zone.guest_services.external_auth.web_content.redirect:
- zone.guest_services.external_auth.web_content.redirect.use_default:
- zone.guest_services.external_auth.web_content.redirect.custom:
- zone.guest_services.external_auth.web_content.server_down:
- zone.guest_services.external_auth.web_content.server_down.use_default:
- zone.guest_services.external_auth.web_content.server_down.custom:
- zone.guest_services.external_auth.logout_expired:
- zone.guest_services.external_auth.logout_expired.every:
- zone.guest_services.external_auth.logout_expired.cgi:
- zone.guest_services.external_auth.status_check:
- zone.guest_services.external_auth.status_check.every:
- zone.guest_services.external_auth.status_check.cgi:
- zone.guest_services.external_auth.session_sync:
- zone.guest_services.external_auth.session_sync.every:
- zone.guest_services.external_auth.session_sync.cgi:
- zone.guest_services.policy_page_non_authentication:
- zone.guest_services.policy_page_non_authentication.guest_usage_policy:
- zone.guest_services.custom_auth_page:
- zone.guest_services.custom_auth_page.header:
- zone.guest_services.custom_auth_page.header.text:
- zone.guest_services.custom_auth_page.header.url:
- zone.guest_services.custom_auth_page.footer:
- zone.guest_services.custom_auth_page.footer.text:
- zone.guest_services.custom_auth_page.footer.url:
- zone.guest_services.post_auth:
- zone.guest_services.bypass_guest_auth:
- zone.guest_services.bypass_guest_auth.all:
- zone.guest_services.bypass_guest_auth.name:
- zone.guest_services.bypass_guest_auth.group:
- zone.guest_services.bypass_guest_auth.mac:
- zone.guest_services.smtp_redirect:
- zone.guest_services.smtp_redirect.name:
- zone.guest_services.smtp_redirect.host:
- zone.guest_services.deny_networks:
- zone.guest_services.deny_networks.name:
- zone.guest_services.deny_networks.group:
- zone.guest_services.deny_networks.mac:
- zone.guest_services.deny_networks.fqdn:
- zone.guest_services.deny_networks.host:
- zone.guest_services.deny_networks.range:
- zone.guest_services.deny_networks.range.begin:
- zone.guest_services.deny_networks.range.end:
- zone.guest_services.deny_networks.network:
- zone.guest_services.deny_networks.network.subnet:
- zone.guest_services.deny_networks.network.mask:
- zone.guest_services.deny_networks.ipv6:
- zone.guest_services.deny_networks.ipv6.host:
- zone.guest_services.deny_networks.ipv6.range:
- zone.guest_services.deny_networks.ipv6.range.begin:
- zone.guest_services.deny_networks.ipv6.range.end:
- zone.guest_services.deny_networks.ipv6.network:
- zone.guest_services.deny_networks.ipv6.network.subnet:
- zone.guest_services.deny_networks.ipv6.network.mask:
- zone.guest_services.pass_networks:
- zone.guest_services.pass_networks.name:
- zone.guest_services.pass_networks.group:
- zone.guest_services.pass_networks.mac:
- zone.guest_services.pass_networks.fqdn:
- zone.guest_services.pass_networks.host:
- zone.guest_services.pass_networks.range:
- zone.guest_services.pass_networks.range.begin:
- zone.guest_services.pass_networks.range.end:
- zone.guest_services.pass_networks.network:
- zone.guest_services.pass_networks.network.subnet:
- zone.guest_services.pass_networks.network.mask:
- zone.guest_services.pass_networks.ipv6:
- zone.guest_services.pass_networks.ipv6.host:
- zone.guest_services.pass_networks.ipv6.range:
- zone.guest_services.pass_networks.ipv6.range.begin:
- zone.guest_services.pass_networks.ipv6.range.end:
- zone.guest_services.pass_networks.ipv6.network:
- zone.guest_services.pass_networks.ipv6.network.subnet:
- zone.guest_services.pass_networks.ipv6.network.mask:
- zone.guest_services.max_guests:
- zone.guest_services.dynamic_address_translation:
- API: DNS
- Endpoint
- Schema Structure
- Object: DNS
- Schema Attributes
- dns:
- dns.server:
- dns.server.inherit:
- dns.server.static:
- dns.server.static.primary:
- dns.server.static.secondary:
- dns.server.static.tertiary:
- dns.server.ipv6:
- dns.server.ipv6.preferred:
- dns.server.ipv6.inherit:
- dns.server.ipv6.static:
- dns.server.ipv6.static.primary:
- dns.server.ipv6.static.secondary:
- dns.server.ipv6.static.tertiary:
- dns.rebinding:
- dns.rebinding.action:
- dns.rebinding.allowed_domains:
- dns.rebinding.allowed_domains.name:
- dns.rebinding.allowed_domains.group:
- dns.fqdn_binding:
- API: Interfaces – IPv4
- Endpoint
- Schema Structure
- Object: Interface – IPv4
- Collection: Interface – IPv4
- Schema Attributes
- interface:
- interfaces:
- interface.ipv4:
- interface.ipv4.name:
- interface.ipv4.comment:
- interface.ipv4.ip_assignment:
- interface.ipv4.ip_assignment.zone:
- interface.ipv4.ip_assignment.mode:
- interface.ipv4.ip_assignment.mode.static:
- interface.ipv4.ip_assignment.mode.static.ip:
- interface.ipv4.ip_assignment.mode.static.netmask:
- interface.ipv4.ip_assignment.mode.static.gateway:
- interface.ipv4.ip_assignment.mode.static.dns:
- interface.ipv4.ip_assignment.mode.static.dns.primary:
- interface.ipv4.ip_assignment.mode.static.dns.secondary:
- interface.ipv4.ip_assignment.mode.static.dns.tertiary:
- interface.ipv4.ip_assignment.mode.static.backup_ip:
- interface.ipv4.ip_assignment.mode.dhcp:
- interface.ipv4.ip_assignment.mode.dhcp.hostname:
- interface.ipv4.ip_assignment.mode.dhcp.renew_on_startup:
- interface.ipv4.ip_assignment.mode.dhcp.renew_on_link_up:
- interface.ipv4.ip_assignment.mode.dhcp.initiate_renewals_with_discover:
- interface.ipv4.ip_assignment.mode.dhcp.force_discover_interval:
- interface.ipv4.mtu:
- interface.ipv4.mac:
- interface.ipv4.mac.default:
- interface.ipv4.mac.override:
- interface.ipv4.link_speed:
- interface.ipv4.link_speed.auto_negotiate:
- interface.ipv4.link_speed.half:
- interface.ipv4.link_speed.full:
- interface.ipv4.management:
- interface.ipv4.management.http:
- interface.ipv4.management.https:
- interface.ipv4.management.ping:
- interface.ipv4.management.snmp:
- interface.ipv4.management.ssh:
- interface.ipv4.user_login:
- interface.ipv4.user_login.http:
- interface.ipv4.user_login.https:
- interface.ipv4.https_redirect:
- interface.ipv4.send_icmp_fragmentation:
- interface.ipv4.fragment_packets:
- interface.ipv4.ignore_df_bit:
- interface.ipv4.flow_reporting:
- interface.ipv4.multicast:
- interface.ipv4.cos_8021p:
- interface.ipv4.exclude_route:
- interface.ipv4.asymmetric_route:
- interface.ipv4.shutdown_port:
- interface.ipv4.default_8021p_cos:
- interface.ipv4.policy:
- interface.ipv4.sonicpoint:
- interface.ipv4.sonicpoint.limit:
- interface.ipv4.sonicpoint.reserve_address:
- interface.ipv4.sonicpoint.reserve_address.dynamic:
- interface.ipv4.sonicpoint.reserve_address.manual:
- API: NAT Policies – IPv4
- Endpoint
- Schema Structure
- Object: NAT Policies – IPv4
- Collection: NAT Policies – IPv4
- Schema Attributes
- nat_policy:
- nat_policies:
- nat_policy.ipv4:
- nat_policy.ipv4.inbound:
- nat_policy.ipv4.outbound:
- nat_policy.ipv4.source:
- nat_policy.ipv4.source.any:
- nat_policy.ipv4.source.name:
- nat_policy.ipv4.source.group:
- nat_policy.ipv4.translated_source:
- nat_policy.ipv4.translated_source.original:
- nat_policy.ipv4.translated_source.name:
- nat_policy.ipv4.translated_source.group:
- nat_policy.ipv4.destination:
- nat_policy.ipv4.destination.any:
- nat_policy.ipv4.destination.name:
- nat_policy.ipv4.destination.group:
- nat_policy.ipv4.translated_destination:
- nat_policy.ipv4.translated_destination.original:
- nat_policy.ipv4.translated_destination.name:
- nat_policy.ipv4.translated_destination.group:
- nat_policy.ipv4.service:
- nat_policy.ipv4.service.any:
- nat_policy.ipv4.service.name:
- nat_policy.ipv4.service.group:
- nat_policy.ipv4.translated_service:
- nat_policy.ipv4.translated_service.original:
- nat_policy.ipv4.translated_service.name:
- nat_policy.ipv4.translated_service.group:
- nat_policy.ipv4.uuid:
- nat_policy.ipv4.name:
- nat_policy.ipv4.enable:
- nat_policy.ipv4.comment:
- nat_policy.ipv4.priority:
- nat_policy.ipv4.priority.auto:
- nat_policy.ipv4.priority.manual:
- nat_policy.ipv4.reflexive:
- nat_policy.ipv4.virtual_group:
- nat_policy.ipv4.virtual_group.any:
- nat_policy.ipv4.virtual_group.id:
- nat_policy.ipv4.nat_method:
- nat_policy.ipv4.source_port_remap:
- nat_policy.ipv4.high_availability:
- nat_policy.ipv4.high_availability.probing:
- nat_policy.ipv4.high_availability.probing.probe_every:
- nat_policy.ipv4.high_availability.probing.probe_type:
- nat_policy.ipv4.high_availability.probing.probe_type.icmp_ping:
- nat_policy.ipv4.high_availability.probing.probe_type.tcp:
- nat_policy.ipv4.high_availability.probing.reply_timeout:
- nat_policy.ipv4.high_availability.probing.deactivate_after:
- nat_policy.ipv4.high_availability.probing.reactivate_after:
- nat_policy.ipv4.high_availability.probing.port_probing:
- nat_policy.ipv4.high_availability.probing.rst_as_miss:
- API: NAT Policies – IPv6
- Endpoint
- Schema Structure
- Object: NAT Policies – IPv6
- Schema Attributes
- nat_policy:
- nat_policies:
- nat_policy.ipv6:
- nat_policy.ipv6.inbound:
- nat_policy.ipv6.outbound:
- nat_policy.ipv6.source:
- nat_policy.ipv6.source.any:
- nat_policy.ipv6.source.name:
- nat_policy.ipv6.source.group:
- nat_policy.ipv6.translated_source:
- nat_policy.ipv6.translated_source.original:
- nat_policy.ipv6.translated_source.name:
- nat_policy.ipv6.translated_source.group:
- nat_policy.ipv6.destination:
- nat_policy.ipv6.destination.any:
- nat_policy.ipv6.destination.name:
- nat_policy.ipv6.destination.group:
- nat_policy.ipv6.translated_destination:
- nat_policy.ipv6.translated_destination.original:
- nat_policy.ipv6.translated_destination.name:
- nat_policy.ipv6.translated_destination.group:
- nat_policy.ipv6.service.any:
- nat_policy.ipv6.service.name:
- nat_policy.ipv6.service.group:
- nat_policy.ipv6.translated_service:
- nat_policy.ipv6.translated_service.original:
- nat_policy.ipv6.translated_service.name:
- nat_policy.ipv6.translated_service.group:
- nat_policy.ipv6.uuid:
- nat_policy.ipv6.name:
- nat_policy.ipv6.enable:
- nat_policy.ipv6.comment:
- nat_policy.ipv6.priority:
- nat_policy.ipv6.priority.auto:
- nat_policy.ipv6.priority.manual:
- nat_policy.ipv6.reflexive:
- nat_policy.ipv6.virtual_group:
- nat_policy.ipv6.virtual_group.any:
- nat_policy.ipv6.virtual_group.id:
- API: NAT Policies – NAT64
- Endpoint
- Schema Structure
- Object: NAT Policies – NAT64
- Collection: NAT Policies – NAT64
- Schema Attributes
- nat_policy:
- nat_policies:
- nat_policy.nat64:
- nat_policy.nat64.inbound:
- nat_policy.nat64.outbound:
- nat_policy.nat64.source:
- nat_policy.nat64.source.any:
- nat_policy.nat64.source.name:
- nat_policy.nat64.source.group:
- nat_policy.nat64.translated_source:
- nat_policy.nat64.translated_source.original:
- nat_policy.nat64.translated_source.name:
- nat_policy.nat64.translated_source.group:
- nat_policy.nat64.pref64:
- nat_policy.nat64.pref64.any:
- nat_policy.nat64.pref64.name:
- nat_policy.nat64.pref64.group:
- nat_policy.nat64.translated_destination:
- nat_policy.nat64.translated_destination.embedded_ipv4_address:
- nat_policy.nat64.service:
- nat_policy.nat64.service.icmp_udp_tcp:
- nat_policy.nat64.translated_service:
- nat_policy.nat64.translated_service.original:
- nat_policy.nat64.uuid:
- nat_policy.nat64.name:
- nat_policy.nat64.enable:
- nat_policy.nat64.comment:
- API: Access Rules – IPv4
- Endpoint
- Schema Structure
- Object: Access Rules – IPv4
- Collection: Access Rules – IPv4
- Schema Attributes
- access_rule:
- access_rules:
- access_rule.ipv4:
- access_rule.ipv4.from:
- access_rule.ipv4.to:
- access_rule.ipv4.action:
- access_rule.ipv4.source:
- access_rule.ipv4.source.address:
- access_rule.ipv4.source.address.any:
- access_rule.ipv4.source.address.name:
- access_rule.ipv4.source.address.group:
- access_rule.ipv4.source.port:
- access_rule.ipv4.source.port.any:
- access_rule.ipv4.source.port.name:
- access_rule.ipv4.source.port.group:
- access_rule.ipv4.service:
- access_rule.ipv4.service.any:
- access_rule.ipv4.service.name:
- access_rule.ipv4.service.group:
- access_rule.ipv4.destination:
- access_rule.ipv4.destination.address:
- access_rule.ipv4.destination.address.any:
- access_rule.ipv4.destination.address.name:
- access_rule.ipv4.destination.address.group:
- access_rule.ipv4.schedule:
- access_rule.ipv4.schedule.always_on:
- access_rule.ipv4.schedule.name:
- access_rule.ipv4.users:
- access_rule.ipv4.users.included:
- access_rule.ipv4.users.included.all:
- access_rule.ipv4.users.included.guests:
- access_rule.ipv4.users.included.administrator:
- access_rule.ipv4.users.included.name:
- access_rule.ipv4.users.included.group:
- access_rule.ipv4.users.excluded:
- access_rule.ipv4.users.excluded.none:
- access_rule.ipv4.users.excluded.guests:
- access_rule.ipv4.users.excluded.administrator:
- access_rule.ipv4.users.excluded.name:
- access_rule.ipv4.users.excluded.group:
- access_rule.ipv4.uuid:
- access_rule.ipv4.name:
- access_rule.ipv4.comment:
- access_rule.ipv4.enable:
- access_rule.ipv4.reflexive:
- access_rule.ipv4.max_connections:
- access_rule.ipv4.logging:
- access_rule.ipv4.management:
- access_rule.ipv4.packet_monitoring:
- access_rule.ipv4.priority:
- access_rule.ipv4.priority.auto:
- access_rule.ipv4.priority.manual:
- access_rule.ipv4.tcp:
- access_rule.ipv4.tcp.timeout:
- access_rule.ipv4.udp:
- access_rule.ipv4.udp.timeout:
- access_rule.ipv4.fragments:
- access_rule.ipv4.botnet_filter:
- access_rule.ipv4.connection_limit:
- access_rule.ipv4.connection_limit.destination:
- access_rule.ipv4.connection_limit.destination.threshold:
- access_rule.ipv4.connection_limit.source:
- access_rule.ipv4.connection_limit.source.threshold:
- access_rule.ipv4.flow_reporting:
- access_rule.ipv4.geo_ip_filter:
- access_rule.ipv4.single_sign_on:
- access_rule.ipv4.cos_override:
- access_rule.ipv4.quality_of_service:
- access_rule.ipv4.quality_of_service.class_of_service:
- access_rule.ipv4.quality_of_service.class_of_service.explicit:
- access_rule.ipv4.quality_of_service.class_of_service.map:
- access_rule.ipv4.quality_of_service.class_of_service.preserve:
- access_rule.ipv4.quality_of_service.dscp:
- access_rule.ipv4.quality_of_service.dscp.explicit:
- access_rule.ipv4.quality_of_service.dscp.map:
- access_rule.ipv4.quality_of_service.dscp.preserve:
- API: Access Rules – IPv6
- Endpoint
- Schema Structure
- Object: Access Rules – IPv6
- Collection: Access Rules – IPv6
- Schema Attributes
- access_rule:
- access_rules:
- access_rule.ipv6:
- access_rule.ipv6.from:
- access_rule.ipv6.to:
- access_rule.ipv6.action:
- access_rule.ipv6.source:
- access_rule.ipv6.source.address:
- access_rule.ipv6.source.address.any:
- access_rule.ipv6.source.address.name:
- access_rule.ipv6.source.address.group:
- access_rule.ipv6.source.port:
- access_rule.ipv6.source.port.any:
- access_rule.ipv6.source.port.name:
- access_rule.ipv6.source.port.group:
- access_rule.ipv6.service:
- access_rule.ipv6.service.any:
- access_rule.ipv6.service.name:
- access_rule.ipv6.destination:
- access_rule.ipv6.destination.address:
- access_rule.ipv6.destination.address.any:
- access_rule.ipv6.destination.address.name:
- access_rule.ipv6.destination.address.group:
- access_rule.ipv6.schedule:
- access_rule.ipv6.schedule.always_on:
- access_rule.ipv6.schedule.name:
- access_rule.ipv6.users:
- access_rule.ipv6.users.included:
- access_rule.ipv4.users.included.all:
- access_rule.ipv6.users.included.guests:
- access_rule.ipv6.users.included.administrator:
- access_rule.ipv6.users.included.name:
- access_rule.ipv6.users.included.group:
- access_rule.ipv6.users.excluded:
- access_rule.ipv6.users.excluded.none:
- access_rule.ipv6.users.excluded.guests:
- access_rule.ipv6.users.excluded.administrator:
- access_rule.ipv6.users.excluded.name:
- access_rule.ipv6.users.excluded.group:
- access_rule.ipv6.uuid:
- access_rule.ipv6.name:
- access_rule.ipv6.comment:
- access_rule.ipv6.enable:
- access_rule.ipv6.reflexive:
- access_rule.ipv6.max_connections:
- access_rule.ipv6.logging:
- access_rule.ipv6.management:
- access_rule.ipv6.packet_monitoring:
- access_rule.ipv6.priority:
- access_rule.ipv6.priority.auto:
- access_rule.ipv6.priority.manual:
- access_rule.ipv6.tcp:
- access_rule.ipv6.tcp.timeout:
- access_rule.ipv6.udp:
- access_rule.ipv6.udp.timeout:
- access_rule.ipv6.fragments:
- access_rule.ipv6.botnet_filter:
- access_rule.ipv6.connection_limit:
- access_rule.ipv6.connection_limit.destination:
- access_rule.ipv6.connection_limit.destination.threshold:
- access_rule.ipv6.connection_limit.source:
- access_rule.ipv6.connection_limit.source.threshold:
- access_rule.ipv6.flow_reporting:
- access_rule.ipv6.geo_ip_filter:
- access_rule.ipv6.single_sign_on:
- access_rule.ipv6.cos_override:
- access_rule.ipv6.quality_of_service:
- access_rule.ipv6.quality_of_service.class_of_service:
- access_rule.ipv6.quality_of_service.class_of_service.explicit:
- access_rule.ipv6.quality_of_service.class_of_service.map:
- access_rule.ipv6.quality_of_service.class_of_service.preserve:
- access_rule.ipv6.quality_of_service.dscp:
- access_rule.ipv6.quality_of_service.dscp.explicit:
- access_rule.ipv6.quality_of_service.dscp.map:
- access_rule.ipv6.quality_of_service.dscp.preserve:
- API: Route Policies – IPv4
- Endpoint
- Schema Structure
- Object: Route Policies – IPv4
- Collection: Route Policies – IPv4
- Schema Attributes
- route_policy:
- route_policies:
- route_policy.ipv4:
- route_policy.ipv4.interface:
- route_policy.ipv4.metric:
- route_policy.ipv4.source:
- route_policy.ipv4.source.any:
- route_policy.ipv4.source.name:
- route_policy.ipv4.source.group:
- route_policy.ipv4.destination:
- route_policy.ipv4.destination.any:
- route_policy.ipv4.destination.name:
- route_policy.ipv4.destination.group:
- route_policy.ipv4.service:
- route_policy.ipv4.service.any:
- route_policy.ipv4.service.name:
- route_policy.ipv4.service.group:
- route_policy.ipv4.gateway:
- route_policy.ipv4.gateway.default:
- route_policy.ipv4.gateway.name:
- route_policy.ipv4.gateway.host:
- route_policy.ipv4.uuid:
- route_policy.ipv4.name:
- route_policy.ipv4.disable_on_interface_down:
- route_policy.ipv4.vpn_precedence:
- route_policy.ipv4.auto_add_access_rules:
- route_policy.ipv4.probe:
- route_policy.ipv4.disable_when_probes_succeed:
- route_policy.ipv4.default_probe_state_up:
- route_policy.ipv4.comment:
- route_policy.ipv4.tcp_acceleration:
- route_policy.ipv4.wxa_group:
- API: Route Policies – IPv6
- Endpoint
- Schema Structure
- Object: Route Policies – IPv6
- Collection: Route Policies – IPv6
- Schema Attributes
- route_policy:
- route_policies:
- route_policy.ipv6:
- route_policy.ipv6.interface:
- route_policy.ipv6.metric:
- route_policy.ipv6.source:
- route_policy.ipv6.source.any:
- route_policy.ipv6.destination.name:
- route_policy.ipv6.destination.group:
- route_policy.ipv6.service:
- route_policy.ipv6.service.any:
- route_policy.ipv6.service.name:
- route_policy.ipv6.service.group:
- route_policy.ipv6.gateway:
- route_policy.ipv6.gateway.default:
- route_policy.ipv6.gateway.name:
- route_policy.ipv6.gateway.host:
- route_policy.ipv6.uuid:
- route_policy.ipv6.name:
- route_policy.ipv6.disable_on_interface_down:
- route_policy.ipv6.vpn_precedence:
- route_policy.ipv6.auto_add_access_rules:
- route_policy.ipv6.probe:
- route_policy.ipv6.disable_when_probes_succeed:
- route_policy.ipv6.default_probe_state_up:
- SonicWall Support
Challenge-Handshake Authentication (CHAP)
SonicOS API supports a CHAP authentication scheme, which is generally less secure than the more modern RFC-7616 HTTP Digest scheme, but could be useful, particularly if using RADIUS for the back-end authentication with remote user accounts
Clients must first perform a CHAP challenge initiate request by invoking a call to GET /api/sonicos/auth:
HTTP/1.0 200 OK
Server: SonicWALL
Content-type: application/json; charset=UTF-8
{
"id": "{string}",
"challenge": "{string}"
}
| id: | Type: | string (hexadecimal number) |
| Description: | CHAP ID | |
| Example: | 0b
|
|
| challenge: | Type: | string (hexadecimal #) |
| Description: | Hexadecimal-formatted, randomly generated number | |
| Example: | EA7F57F37595B6891C222EF284C05D84
|
Clients must then generate a one-way hash (CHAP digest) using the user's credentials and the parameters returned via the initiate request. For information on how to calculate the digest see RFC-1994.
When the CHAP digest is generated, it is packaged up via a JSON-formatted request to
POST /api/sonicos/auth:
{
"override": {boolean},
"id": "{string}",
"user": "{string}",
"digest": "{string}"
}
| override: | Type: | boolean |
| Description: | Boolean flag that if true will allow the API session to override an admin currently logged in. | |
| Default: | false | |
| Example: | true
|
|
| id: | Type: | string (hexadecimal number) |
| Description: | CHAP ID. | |
| Example: | 0b
|
|
| user: | Type: | string |
| Description: | Username. | |
| Example: | admin
|
|
| digest: | Type: | string |
| Description: | CHAP digest. | |
| Example: | D96E46E27497B6891C222EF284C05D84
|
Was This Article Helpful?
Help us to improve our support portal