Sophos XG API - Troubleshoot Dcoument

Sophos XG API - Troubleshoot Dcoument

  1. Before checking API access, please confirm that the password contains special characters other than those listed below:
    @ ! # $ ^ ( * } { ) - = , . / ? | ] [
  2. Since the Sophos XG XML API does not support other special character values, we have confirmed that the above list alone works fine for API access.

How to enable API:
  1. Go to Authentication > Users to create a new user for the API call. The user type will need to be Administrator and its profile will require read/write permissions. This API user is optional, its purpose is to lock the user down to certain rights in the XG, you can always use the Admin account.
    1. Username = xgapiuser
    2. Name = xgapiuser
    3. Password = xgApiUser123
    4. = Administrator
    5. Profile = Administrator
    6. Group = Open Group

  2. Go to Backup & Firmware > API to enable the API Configuration and need to add "Firewall Analyzer" installed machine ip address in "Allowed IP Address" field:

  3. This IP address needs to be in a zone that has access to the HTTPS Admin Services, if not, it needs a Local Service ACL Exception Rule.
    Go to Administration > Device Access to verify its associated Zone .

  4. Administration > Device Access page create a Local Service ACL Exception Rule.

  5. Then access below API URL in FWA service installed computer browser (Need to replace  FIreallIP, USERNAME and  PASSWORD values) :
           Sophos version 17 or older : https://FIreallIP:4444/webconsole/APIController?reqxml=<Request><Login><Username>USERNAME</Username><Password>PASSWORD</Password></Login><Get><SecurityPolicy></SecurityPolicy></Get></Request>

       Sophos version 18 or later: https://FIreallIP:4444/webconsole/APIController?reqxml=<Request><Login><Username>USERNAME</Username><Password>PASSWORD</Password></Login><Get><FirewallRule></FirewallRule></Get></Request>

                  New to ADManager Plus?

                    New to ADSelfService Plus?

                      • Related Articles

                      • Checkpoint Device rule - Troubleshooting Tips

                        API - failed case analyze: Download curl tool and extract the downloaded zip file in FWA installed machine ( - (only for Windows machine, curl tool by default bundled in linux machines) Go to "AMD64" folder in ...