Use the local REST API to configure the IX20 device
Your IX20 device includes a REST API that can be used to return information about the device's configuration and to make modifications to the configuration. You can view the REST API specification from your web browser by opening the URL:
https://ip-address/cgi-bin/config.cgi
For example:
https://192.168.210.1/cgi-bin/config.cgi
Use the GET method to return device configuration information
To return device configuration, issue the GET method. For example, using curl:
$ curl -k -u admin https://ip-address/cgi-bin/config.cgi/value/path -X GET
where:
-
ip-address is the IP address of the IX20 device.
-
path is the path location in the configuration for the information being returned.
To determine allowed values for path from the Admin CLI:
- Select the device in Remote Manager and click Actions > Open Console, or log into the IX20 local command line as a user with full Admin access rights.
Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
- At the command line, type config to enter configuration mode:
> config (config)>
-
At the config prompt, type ? (question mark):
(config)> ? auth Authentication cloud Central management firewall Firewall monitoring Monitoring network Network serial Serial service Services system System vpn VPN (config)>
The allowed values for path are listed in the first (left) column.
- To determine further allowed path location values by using the ? (question mark) with the path name:
(config> service ? Services Additional Configuration ------------------------------------------------------------------------------- dns DNS iperf IPerf location Location mdns Service Discovery (mDNS) modbus_gateway Modbus Gateway multicast Multicast ntp NTP ping Ping responder snmp SNMP ssh SSH telnet Telnet web_admin Web administration (config)> service
- Select the device in Remote Manager and click Actions > Open Console, or log into the IX20 local command line as a user with full Admin access rights.
For example, to use curl to return the ssh configuration:
$ curl -k -u admin https://192.168.210.1/cgi-bin/config.cgi/value/service/ssh -X GET
Enter host password for user 'admin':
{
ok": true,
"result": {
"type": "object",
"path": "service.ssh"
, "collapsed": {
"acl.zone.0": "internal"
,
"acl.zone.1": "edge"
,
"acl.zone.2": "ipsec"
,
"acl.zone.3": "setup"
,
"enable": "true"
,
"key": ""
,
"mdns.enable": "true"
,
"mdns.name": ""
,
"mdns.type": "_ssh._tcp."
,
"port": "22"
,
"protocol.0": "tcp"
}
}
}
$
You can also use the GET method to return the configuration parameters associated with an item:
curl -k -u admin https://192.168.210.1/cgi-bin/config.cgi/keys/service/ssh -X GET
Enter host password for user 'admin':
{ "ok": true, "result": [ "acl", "custom", "enable", "key", "mdns", "port", "protocol" ] }
$
Use the POST method to modify device configuration parameters and list arrays
Use the POST method to modify device configuration parameters
To modify configuration parameters, use the POST method with the path and value parameters.
$ curl -k -u admin "https://ip-address/cgi-bin/config.cgi/value?path=path&value=new_value" -X POST
where:
-
path is the path to the configuration parameter, in dot notation (for example, ssh.service.enable).
-
new_value is the new value for the parameter.
For example, to disable the ssh service using curl:
$ curl -k -u admin "https://192.168.210.1/cgi-bin/config.cgi/value?path=service.ssh.enable&value=false" -X POST
Enter host password for user 'admin':
{ "ok": true }
$
Use the POST method to add items to a list array
To add items to a list array, use the POST method with the path and append parameters. For example, to add the external firewall zone to the ssh service:
$ curl -k -u admin "https://192.168.210.1/cgi-bin/config.cgi/value?path=service.ssh.acl.zone&append=true&value=external" -X POST
Enter host password for user 'admin':
{ "ok": true, "result": "service.ssh.acl.zone.4" }
$
Use the POST method to add objects to a list array
Objects in an array that require one or more underlying values can be set using the collapsed URI parameter. We recommend including the -g option as well, to instruct curl to turn off globbing. The below example would add a new static route for the WAN interface for the 1.2.4.0/24 destination network:
$ curl -g -k -u admin "https://192.168.210.1/cgi-bin/config.cgi/value?path=network.route.static&append=true&collapsed[dst]=1.2.4.0/24&collapsed[interface]=/network/interface/wan" -X POST
Enter host password for user 'admin':
{ "ok": true, "result": "network.route.static.1" }
$
Use the DELETE method to remove items from a list array
To remove items from a list array, use the DELETE method. For example, using curl:
$ curl -k -u admin "https://192.168.210.1/cgi-bin/config.cgi/value?path=path
where path is the path to the list item, including the list number, in dot notation (for example, service.ssh.acl.zone.4).
For example, to remove the external firewall zone to the ssh service:
-
Use the GET method to determine the SSH service's list number for the external zone:
$ curl -k -u admin "https://192.168.210.1/cgi-bin/config.cgi/value?path=service/ssh/acl/zone -X GET { "ok": true, "result": { "type": "array", "path": "service.ssh.acl.zone" , "collapsed": { "0": "internal" , "1": "edge" , "2": "ipsec" , "3": "setup" , "4": "external" } } } $ -
Use the DELETE method to remove the external zone (list item 4).
$ curl -k -u admin https://192.168.210.1/cgi-bin/config.cgi/value?path=service.ssh.acl.zone.4 -X DELETE Enter host password for user 'admin': { "ok": true } $
PDF
