Manage VLANs on Scanner
Click to view navigation pane


Manage VLANs on Scanner

POST/api/2.0/fo/appliance/?action=update (virtual appliance)

POST/api/2.0/fo/appliance/physical/?action=update (physical appliance)

Use these APIs to manage VLANs (set, remove) on scanner appliances. Your account must have the VLANs and static routes feature enabled.

Set VLANsSet VLANs

Parameter "set_vlans"

Use the "set_vlans" parameter to set one or more VLANs. The format for a single VLAN is

<VLAN_ID> | <IPv4_ADDRESS> | <NETMASK> | <VLAN_NAME> | ipv6_static or ipv6_auto | <IPv6_ADDRESS> with pipe (|) used as a delimiter.

To skip IPv4 attributes (IPv4 address and netmask), you must include an empty space in place of each attribute. Multiple VLANs can be assigned using a comma separated list.

Attribute

Description

<VLAN_ID>

Customer-defined ID (not assigned by Qualys). Must be in the range 0 to 4096, inclusive.

<IPv4_ADDRESS>

A valid IPv4 IP address (dotted quad), such as 10.10.10.1. Leave empty when specifying an IPv6 address.

<NETMASK>

A valid network mask (dotted quad), such as 255.255.255.0. eave empty when specifying an IPv6 address.

<VLAN_NAME>

A valid name (can be empty). The name can be a maximum of 256 ASCII characters. The character : (colon) is permitted.

These characters are not permitted: , (comma), < (less than), > (greater than), " (double quote), & (ampersand), | (pipe), = (equals).

ipv6_static or ipv6_auto

Specify ipv6_static to provide a static IPv6 address. Specify ipv6_auto to auto-configure IPv6 using SLAAC on the VLAN.

<IPv6_ADDRESS>

A valid IPv6 address is required when “ipv6_static” is specified, such as fdd1:0:1:107::500. Leave empty when “ipv6_auto” is specified.

Samples for Virtual Scanner AppliancesSamples for Virtual Scanner Appliances

Sample - Set one IPv6 VLAN

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=1234|||Name1234|ipv6_static|fdd1:0:1:109::500" "https://<qualys_base_url>/api/2.0/fo/appliance/"

Sample - Set one IPv4 VLAN

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=5678|123.123.123.123|255.255.255.255|Name5678" "https://<qualys_base_url>/api/2.0/fo/appliance/"

Sample - Set Mix of IPv4 and IPv6 VLANs

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=1234|||Name1234|ipv6_static|fdd1:0:1:108::500,5678|123.123.123.123|255.255.255.255|Name5678,9012|244.244.244.244|255.255.255.0|Name9012|ipv6_auto,3456|12.12.12.12|255.255.255.0|Name3456|ipv6_static|fdd1:0:1:107::500" "https://<qualys_base_url>/api/2.0/fo/appliance/"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-07-20T11:45:03Z</DATETIME>
    <TEXT>Virtual scanner updated successfully</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>ID</KEY>
        <VALUE>126209</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

Sample for Physical Scanner AppliancesSample for Physical Scanner Appliances

Set VLANs on physical scanner appliances in the same way a virtual scanner appliances. The only difference is the URL endpoint.

Sample - Physical Appliance, Set one IPV6 VLAN

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d "action=update&id=126209&set_vlans=1234|||Name1234|ipv6_static|fdd1:0:1:109::500" "https://<qualys_base_url>/api/2.0/fo/appliance/physical"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-07-20T11:58:06Z</DATETIME>
    <TEXT>Physical scanner updated successfully</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>ID</KEY>
        <VALUE>126209</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

View Scanner Appliances with VLANsView Scanner Appliances with VLANs

Use the parameters “action=list” and “output_mode=full”.

API Request

curl -u "USERNAME:PASSWD" -H "X-Requested-With: Curl" -X "GET" "https://qualysapi.qualys.com/api/2.0/fo/appliance/?action=list&id s=43463&output_mode=full"

XML Output

...   
<VLANS>
    <SETTING>Enabled</SETTING>
    <VLAN>
        <ID>0</ID>
        <NAME>vlan1</NAME>
        <IP_ADDRESS>10.10.10.1</IP_ADDRESS>
        <NETMASK>255.255.255.0</NETMASK>
    </VLAN>
</VLANS>
<STATIC_ROUTES>
    <ROUTE>
        <NAME>Route1</NAME>
        <IP_ADDRESS>10.10.25.0</IP_ADDRESS>
        <NETMASK>255.255.255.0</NETMASK>
        <GATEWAY>10.10.25.255</GATEWAY>
    </ROUTE>
    <ROUTE>
        <NAME>Route2</NAME>
        <IP_ADDRESS>10.10.26.0</IP_ADDRESS>
        <NETMASK>255.255.255.0</NETMASK>
        <GATEWAY>10.10.26.255</GATEWAY>
    </ROUTE>
</STATIC_ROUTES> ...

Delete all VLANsDelete all VLANs

Use the "set_vlans" parameter and set it to " (empty string).

Sample - Delete all VLAN Records

API Request

curl -u "USERNAME:PASSWD" -H "X-Requested-With: -d "id=43463&set_vlans=""https://<qualys_base_url>/api/2.0/fo/appliance/?action=update"

XML Output

?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-05-10T08:49:18Z</DATETIME>
    <TEXT>Virtual scanner updated successfully</TEXT>
...

DTD

<platform API server>/api/2.0/simple_return.dtd

 

 

Was this topic helpful?

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.