Go to Authentication
> Users to create a new user for the API call. The user type will
need to be Administrator and its profile will require read/write
permissions. This API user is optional, its purpose is to lock the user
down to certain rights in the XG, you can always use the Admin account.
Username = xgapiuser
Name = xgapiuser
Password = xgApiUser123
Profile = Administrator
Group = Open Group
Go to Backup &
Firmware > API to enable the API Configuration and need to add "Firewall Analyzer" installed machine ip address in "Allowed IP Address" field:
This IP address needs to
be in a zone that has access to the HTTPS Admin Services, if not, it
needs a Local Service ACL Exception Rule. Go to Administration > Device Access to verify its associated Zone .
Administration > Device Access page create a Local Service ACL Exception Rule.
Then access below API URL in FWA service installed computer browser (Need to replace FIreallIP, USERNAME and PASSWORD values) : Sophos version 17 or older : https://FIreallIP:4444/webconsole/APIController?reqxml=<Request><Login><Username>USERNAME</Username><Password>PASSWORD</Password></Login><Get><SecurityPolicy></SecurityPolicy></Get></Request>
Sophos version 18 or later: https://FIreallIP:4444/webconsole/APIController?reqxml=<Request><Login><Username>USERNAME</Username><Password>PASSWORD</Password></Login><Get><FirewallRule></FirewallRule></Get></Request>
API - failed case analyze: Download curl tool and extract the downloaded zip file in FWA installed machine (https://curl.haxx.se/download.html) - (only for Windows machine, curl tool by default bundled in linux machines) Go to "AMD64" folder in ...