Powershell MX L7 Update - Error Bad Request

MarkMoore
Comes here often

Powershell MX L7 Update - Error Bad Request

I am trying to update the MX L7 firewall rules and am getting a 400 Bad Request.  If I compare what my variable looks like that I am using to do the update via the API to what it looks like if I update it in the dashboard and get the rules it appears to be the same.  Below it the main part of the code.  It reads through the existing rules and if the rule I need isn't there is adds it.  Same issue with V0 or V1; this code is currently using V1.

 

#Check and create MX - Layer 7 Firewall Rules
$FW = Get_Meraki("https://dashboard.meraki.com/api/v1/networks/" + $Network.id + "/appliance/firewall/l7FirewallRules")
$Bit_Exist = $false
foreach ($Rule in $FW.rules)
{
if ($Rule.policy -eq "deny" -and $Rule.type -eq "application" -and $Rule.value.id -eq "meraki:layer7/application/110" -and $Rule.value.name -eq "BitTorrent")
{ $Bit_Exist = $true }
}

if ( $Bit_Exist -eq $false )
{
$New_Rule = @()
$New_Rule = "" | Select policy,type,value
$New_Rule.policy = "deny"
$New_Rule.type = "application"

$Value_Rule = @()
$Value_Rule = "" | Select id,name
$Value_Rule.id = "meraki:layer7/application/110"
$Value_Rule.name = "BitTorrent"

$New_Rule.value = $Value_Rule

$FW.rules += $New_Rule

#PUT/networks/{networkId}/appliance/firewall/l7FirewallRules
$json = $FW | ConvertTo-Json
$UpdateURL = "https://" + $Shard + ".meraki.com/api/v1/networks/" + $Network.id + "/appliance/firewall/l7FirewallRules"

#Update Meraki
Start-Sleep -m 300
Try
{
$response = Invoke-RestMethod $UpdateURL -Method Put -Body $json -Headers $headers -ContentType 'application/json'
}
Catch
{
$_.Exception
"Error"
}
}

 

4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal

The call should be to:

https://api.meraki.com/api/v1/networks/

 

Also make sure your code follows redirects (or use api-mp.meraki.com).

 

MarkMoore
Comes here often

I have been using the shard approach for the last year and half or so since Meraki added the redirects, doesn't seem like Powershell likes it from a Security point of view.  I get the following error when using https://api.meraki.com: "The remote server returned an error: (308) Permanent Redirect".

 

I tried https:/api-mp.meraki.com: and got the same error as using the shard: "The remote server returned an error: (400) Bad Request."  Although this looks like it will solve having to use Shard, we will give it a try in one of my other scripts.

 

Thanks

John_on_API
Meraki Employee
Meraki Employee

Hi @MarkMoore! I reviewed your code and didn't see where API key was being passed with the appropriate API key header. Where is the API key being appended to your request--inside $headers I presume? If so, what's the structure of that variable?

 

Please remember to not share your actual API key in your response--just curious where/how it's added to the request.

David-API
Conversationalist

Review my code on: https://github.com/immolate/MerakiAPI

 

It might not be what your code is (a little more detailed than mine) .. But it works and it might give you inspiration to use my ideas to better your own. 

 

cheers... 

 

Dave

Get notified when there are additional replies to this discussion.