Meraki

Community

IP Version for updateNetworkWirelessSsidFirewallL3FirewallRules

Solved
FrankVeprek
Here to help
‎Apr 19 2024 11:30 AM
‎Apr 19 2024 11:30 AM

IP Version for updateNetworkWirelessSsidFirewallL3FirewallRules

Hi there. New to this forum and VERY new to APIs and any sort of programming, so please forgive any wrong terminology I may use.

I'm trying to utilize "updateNetworkWirelessSsidFirewallL3FirewallRules" to insert rules that I've pulled from one of my networks into another. However, there doesn't seem to be a schema definition for IP Version. My rules are IPv4, but the rules default to IPv6 so 99% of my rules return an error that " ['At least one of your firewall rules is invalid: "ssid[firewall_rules][1][dst_cidr] For ACL rules applied to both IPv4 and IPv6, Destination address must be \'any\'", "ssid[firewall_rules][4][dst_cidr] For ACL rules applied to both IPv4 and IPv6, Destination address must be \'any\'", etc.., etc..

I can't seem to find anything in their documentation that tells me what the schema field is for IP Version. If anyone knows, I'd appreciate the assistance. Thanks!

0 Kudos
1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 19 2024 12:23 PM
‎Apr 19 2024 12:23 PM

I reported this in another discussion, as there is no this information in the documentation. See the link below.

 

https://community.meraki.com/t5/Developers-APIs/Wireless-Outbound-Firewall-Rules/m-p/231710#M10407

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 19 2024 12:23 PM
‎Apr 19 2024 12:23 PM

I reported this in another discussion, as there is no this information in the documentation. See the link below.

 

https://community.meraki.com/t5/Developers-APIs/Wireless-Outbound-Firewall-Rules/m-p/231710#M10407

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
FrankVeprek
Here to help
‎Apr 19 2024 12:32 PM
‎Apr 19 2024 12:32 PM

Thanks! That's exactly what I needed.

0 Kudos
RicardoD
Meraki Employee
Meraki Employee
‎Apr 19 2024 2:32 PM
‎Apr 19 2024 2:32 PM

I was testing this out and you need to use another field for the IP Version. The field name is ipVer

This is an example of a rule: {'rules': [{'comment': 'Test-L3-Rules', 'ipVer': 'ipv4', 'policy': 'deny', 'protocol': 'tcp', 'destPort': 'Any', 'destCidr': '172.16.16.0/24'}]}

 

In response to RicardoD
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 19 2024 2:59 PM
‎Apr 19 2024 2:59 PM

It would be interesting to update the documentation on this.

 

If you see in the other discussion, that was exactly what we identified.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.