Search code examples
ibm-cloud-infrastructure

Can't see the type of the Multi-Vlan Firewall in Softlayer via Softlayer Rest Api

When we order a Multi-Vlan Firewall we select the type of the Firewall it is and the addon configurations. I need to know the type of the device a MultiVlan Firewall is ie. Fortigate Security Appliance or anything else. I don't get this from the api to list the Multi-Vlan Firewalls in my account. This is the api that i use to get the Multi-Vlan Firewalls in my account.

https://api.softlayer.com/rest/v3/SoftLayer_Account/getNetworkGateways?objectMask=mask[id,name,networkFirewall[id,customerManagedFlag,datacenter.name],publicIpAddress.ipAddress,publicVlan[id,primaryRouter.hostname],privateIpAddress.ipAddress,insideVlans[id],memberCount,status.keyName]

But I don't see the type of the firewall and the add on configuration that i have ordered with the firewall while getting the list of firewalls. Please tell me which api I should use for this purpose?

Solution

  • This seems to be managed by the control portal which uses the API response to define the type displayed through it in the Firewall List (i.e.: "FortiGate Security Appliance" and "Dedicated Firewall" types, both Single FortiGate Security Appliance and High Availability FortiGate Security Appliance respectively when they are being ordered).

    The api call provided is ok, but the type of the Firewall list mentioned above and that you can see in the UI is going to be defined by the property "customerManagedFlag", when this is "true" then it will be a FortiGate FW, and the difference between FortiGate and Dedicated Firewall types will be defined by the memberCount property which states that memberCount = 1 means "Standalone" and memberCount > 1 means "High Availability".

    In the Api response compare your MultiVlan Firewalls against the others and verify their properties for those mentioned previously.

    For example see below: - FortiGate:

    {
    "id": 8888888,
    "name": "multiVlanFW",
    "memberCount": 1,
    "insideVlans": [],
    "networkFirewall": {
        "customerManagedFlag": true,
        "id": 12345,
        "datacenter": {
            "name": "dal10"
        }
    },
......

    High Availability FortiGate:

    {
    "id": 999999,
    "name": "multiVlanFWwithHA",
    "memberCount": 2,
    "insideVlans": [],
    "networkFirewall": {
        "customerManagedFlag": true,
        "id": 67890,
        "datacenter": {
            "name": "dal13"
        }
    },

    Regarding to the addons when ordered I improved the request so you could retrieve them with the same call or using SoftLayer_Network_Vlan_Firewall::getObject method directly over the id of your FG Firewall.

    I`ll post both, please see below:

    https://api.softlayer.com/rest/v3/Account/getNetworkGateways?objectMask=mask[id,name,networkFirewall[id,customerManagedFlag,datacenter.name, billingItem[id,notes,orderItemId,activeChildren[categoryCode, description]]],publicIpAddress.ipAddress,publicVlan[id,primaryRouter.hostname],privateIpAddress.ipAddress,insideVlans[id],memberCount,status.keyName]

    or

    https://api.softlayer.com/rest/v3/Network_Vlan_Firewall/12345/getObject?objectMask=mask[datacenter.name,billingItem[id,cancellationDate,nextBillDate,activeChildren.categoryCode],networkGateway[id,name,status.name,publicIpAddress.ipAddress,publicIpv6Address.ipAddress,privateIpAddress.ipAddress,memberCount,publicVlan[primaryRouter.hostname,vlanNumber],privateVlan[primaryRouter.hostname,vlanNumber],insideVlans[id,bypassFlag,networkVlan[id,vlanNumber,name,networkSpace]]]]