Hi All
We need to configure some firewall rules on some MX appliances, we have lots of objects on one of them.
I would like to export all the objects from this org and import them into another.
What is the easiest way of doing this?
I am not an API person so if it does involve things like Python etc, please explain the steps in detail 🙂
Many thanks
Hi,
You can use this one.
mx_firewall_control/mxfirewallcontrol.py: Script to display, modify and create backups of MX Layer 3 firewall rulesets. Can be used as a command line utility or a backend process for a custom management portal. See also mxfirewallcontrol_manual.pdf and mxfirewallcontrol_example_input_file.txt in this directory.
https://developer.cisco.com/codeexchange/github/repo/meraki/automation-scripts/
You could get them using this page and then send(post) them to the other org.
Or try starting with postman/tutorial that should be doable when starting with api's
https://developer.cisco.com/meraki/api-v1/get-organization-policy-objects/
https://developer.cisco.com/meraki/build/meraki-postman-collection-getting-started/
Do you also use Object Groups?
Hi, yes we do
It is not possible to export from one organization to another except via API.
I couldn't really wrap my head around mapping New Objects to the New Groups, but here's the gist of it.
Unless you modify it yourself to map them, you'll have to do so manually in the dashboard.
I have only just written this. I have not tested it.
#! /usr/bin/env python3
import meraki
SRC_ORG_ID = ""
DEST_ORG_ID = ""
def GetObjectsAndGroups(p_dashboard,p_OrgId):
print(f"Retrieving Policy Objects for {p_OrgId}..")
PolicyObjects = p_dashboard.organizations.getOrganizationPolicyObjects(
p_OrgId, total_pages='all'
)
print("Done!")
print(f"Retrieving Policy Objects Groups for {p_OrgId}..")
PolicyObjectGroups = p_dashboard.organizations.getOrganizationPolicyObjectsGroups(
p_OrgId, total_pages='all'
)
print("Done!")
result = {
"objects": PolicyObjects,
"groups": PolicyObjectGroups
}
return result
def PostObject(p_dashboard,p_OrgId,p_Objects):
NewPolicyObjects = []
print("Creating new object, one-by-one..")
for item in p_Objects:
print(f"Pushing Obj: {item['name']}...")
response = p_dashboard.organizations.createOrganizationPolicyObject(
p_OrgId, item['name'], item['category'], item['type'],
groupIds=[]
)
print(f"Done! New object id is {response['id']}")
NewPolicyObjects.append(response)
return NewPolicyObjects
def PostObjGroup(p_dashboard,p_OrgId,p_Groups):
NewPolicyObjGroups = []
print("Creating new group, one-by-one..")
for item in p_Groups:
print(f"Pushing Group: {item['name']}...")
response = p_dashboard.organizations.createOrganizationPolicyObjectsGroup(
p_OrgId, item['name'],
objectIds=[]
)
print(f"Done! New group id is {response['id']}")
NewPolicyObjGroups.append(response)
return NewPolicyObjGroups
def main():
dashboard = meraki.DashboardAPI(
suppress_logging=True,
simulate=False
)
# Pull objects from source Organisatiion
Src_PolicyObjects = GetObjectsAndGroups(dashboard,SRC_ORG_ID)
# Push object to destination Organization
NewPolicyObjects = PostObject(dashboard,DEST_ORG_ID,Src_PolicyObjects['objects'])
#Push object groups
NewPolicyObjectGroups = PostObjGroup(dashboard,DEST_ORG_ID,Src_PolicyObjects['groups'])
### TODO: Map Objects to Groups
if __name__ == "__main__":
main()
Edit: Remove simulate param, and added missing colon to method definition.
I haven't used it, but I believe Boundless Digital might offer a tool to do this.
https://www.boundlessdigital.com/network-management/meraki-automation/move-devices-and-networks/