Manage VLANs on Scanner
Click to view navigation pane


Manage VLANs on Scanner

POST/api/2.0/fo/appliance/?action=update (virtual appliance)

POST/api/2.0/fo/appliance/physical/?action=update (physical appliance)

Use these APIs to manage VLANs (set, remove) on scanner appliances. Your account must have the VLANs and static routes feature enabled.

Set VLANsSet VLANs

Parameter "set_vlans"

Use the "set_vlans" parameter to set one or more VLANs. The format for a single VLAN is

<VLAN_ID> | <IPv4_ADDRESS> | <NETMASK> | <VLAN_NAME> | ipv6_static or ipv6_auto | <IPv6_ADDRESS> with pipe (|) used as a delimiter.

To skip IPv4 attributes (IPv4 address and netmask), you must include an empty space in place of each attribute. Multiple VLANs can be assigned using a comma separated list.

Attribute

Description

<VLAN_ID>

Customer-defined ID (not assigned by Qualys). Must be in the range 0 to 4096, inclusive.

<IPv4_ADDRESS>

A valid IPv4 IP address (dotted quad), such as 10.10.10.1. Leave empty when specifying an IPv6 address.

<NETMASK>

A valid network mask (dotted quad), such as 255.255.255.0. eave empty when specifying an IPv6 address.

<VLAN_NAME>

A valid name (can be empty). The name can be a maximum of 256 ASCII characters. The character : (colon) is permitted.

These characters are not permitted: , (comma), < (less than), > (greater than), " (double quote), & (ampersand), | (pipe), = (equals).

ipv6_static or ipv6_auto

Specify ipv6_static to provide a static IPv6 address. Specify ipv6_auto to auto-configure IPv6 using SLAAC on the VLAN.

<IPv6_ADDRESS>

A valid IPv6 address is required when “ipv6_static” is specified, such as fdd1:0:1:107::500. Leave empty when “ipv6_auto” is specified.

Samples for Virtual Scanner AppliancesSamples for Virtual Scanner Appliances

Sample - Set one IPv6 VLAN

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=1234|||Name1234|ipv6_static|fdd1:0:1:109::500" "https://<qualys_base_url>/api/2.0/fo/appliance/"

Sample - Set one IPv4 VLAN

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=5678|123.123.123.123|255.255.255.255|Name5678" "https://<qualys_base_url>/api/2.0/fo/appliance/"

Sample - Set Mix of IPv4 and IPv6 VLANs

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=1234|||Name1234|ipv6_static|fdd1:0:1:108::500,5678|123.123.123.123|255.255.255.255|Name5678,9012|244.244.244.244|255.255.255.0|Name9012|ipv6_auto,3456|12.12.12.12|255.255.255.0|Name3456|ipv6_static|fdd1:0:1:107::500" "https://<qualys_base_url>/api/2.0/fo/appliance/"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-07-20T11:45:03Z</DATETIME>
    <TEXT>Virtual scanner updated successfully</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>ID</KEY>
        <VALUE>126209</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

Sample for Physical Scanner AppliancesSample for Physical Scanner Appliances

Set VLANs on physical scanner appliances in the same way a virtual scanner appliances. The only difference is the URL endpoint.

Sample - Physical Appliance, Set one IPV6 VLAN

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=1234|||Name1234|ipv6_static|fdd1:0:1:109::500" "https://<qualys_base_url>/api/2.0/fo/appliance/physical"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-07-20T11:58:06Z</DATETIME>
    <TEXT>Physical scanner updated successfully</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>ID</KEY>
        <VALUE>126209</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

View Scanner Appliances with VLANsView Scanner Appliances with VLANs

Use the parameters “action=list” and “output_mode=full”.

API Request

curl -u "USERNAME:PASSWD" -H "X-Requested-With: Curl" -X "GET" "https://qualysapi.qualys.com/api/2.0/fo/appliance/?action=list&id s=43463&output_mode=full"

XML Output

...   
<VLANS>
    <SETTING>Enabled</SETTING>
    <VLAN>
        <ID>0</ID>
        <NAME>vlan1</NAME>
        <IP_ADDRESS>10.10.10.1</IP_ADDRESS>
        <NETMASK>255.255.255.0</NETMASK>
    </VLAN>
</VLANS>
<STATIC_ROUTES>
    <ROUTE>
        <NAME>Route1</NAME>
        <IP_ADDRESS>10.10.25.0</IP_ADDRESS>
        <NETMASK>255.255.255.0</NETMASK>
        <GATEWAY>10.10.25.255</GATEWAY>
    </ROUTE>
    <ROUTE>
        <NAME>Route2</NAME>
        <IP_ADDRESS>10.10.26.0</IP_ADDRESS>
        <NETMASK>255.255.255.0</NETMASK>
        <GATEWAY>10.10.26.255</GATEWAY>
    </ROUTE>
</STATIC_ROUTES> ...

Delete all VLANsDelete all VLANs

Use the "set_vlans" parameter and set it to " (empty string).

Sample - Delete all VLAN Records

API Request

curl -u "USERNAME:PASSWD" -H "X-Requested-With: -d "id=43463&set_vlans=""https://<qualys_base_url>/api/2.0/fo/appliance/?action=update"

XML Output

?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-05-10T08:49:18Z</DATETIME>
    <TEXT>Virtual scanner updated successfully</TEXT>
...

DTD

<platform API server>/api/2.0/simple_return.dtd

 

 

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.