Description:

If a Unified Firewall is managed in the LANCOM Management Cloud (LMC), by default all of the networks are transmitted via the ETH1 interface. Although the LMC allows you to assign the networks to a different interface via the menu Project specifications → Basic → Extended settings, these settings apply globally to all Unified Firewalls in the project. The LMC API can be used to activate the variable UF_DEFAULT_IF, which can then be used to set the interface for a specific Unified Firewall or site.

This article describes how the LMC API is used to activate the variable UF_DEFAULT_IF in an LMC project, so making it available to individual Unified Firewalls or a specific project.

Requirements:

  • Access to the LMC including your own LMC project
  • User role Technical Administrator or Project Administrator
  • Basic knowledge of the developer console in the web browser

Procedure:

1) Calling the LMC API:

1.1) In the LMC, click System Information

1.2) Under Service Information, click Show information to display the LMC services.

1.3) Click the service service-config (1).

You can alternatively use the service service-config (2) or service-config (3). These are used to ensure reliability.



2) Reading out the LMC bearer tokens via the web browser’s developer console:

Open a separate instance of your LMC project in your web browser. Then open the developer console in your web browser (here using Firefox as an example) and switch to the Network

Click on a current entry and read out the bearer token under Request Headers > Authorization (omitting the preceding Bearer).

A bearer token is valid for 120 seconds only. Therefore, make sure that you read out a current entry. Furthermore, steps 3 and 4 must be carried out within this time window.



3) Login to the LMC API:

3.1) In the LMC API, click Authorize.

3.2) Under bearer (apiKey), enter the value for the bearer token copied in step 2) and click Authorize.

3.3) Click Close to exit the window.



4) Enabling the variable UF_DEFAULT_IF:

4.1) Scroll down to the section ConfigVariable and, for the POST /configvariable/accounts/{accountId}/variables, click the “arrow” symbol to access the advanced settings for this method.

4.2) Click Try it out to specify the variable and the account ID.

4.3) Enter the following parameters and then click Execute:

  • accountId: Enter the account ID for your LMC project.
  • variable: Enter the following code.

{
"name": "UF_DEFAULT_IF",
"restricted": "false",
"system": "true",
"value": "auto",
"defaultValue": "auto"

}

When you open your LMC project in the web browser, you can see the account ID in the address line of your web browser after project/.

4.4) Successful execution is acknowledged by the code 200 (HTTP 200 OK).

If the code 401 (HTTP 401 Unauthorized) is shown here, the bearer token is either incorrect or has expired. In this case, read out the bearer token again as described in step 2) and authorize yourself again as described in step 3).



5) Assigning the variable UF_DEFAULT_IF in the LMC:

The variable UF_DEFAULT_IF can now be assigned to a specific device or a specific location in the LMC (in this example the default interface is set to eth2). The variable can then be referenced in an add-in.

All LANCOM products and software versions are subject to LANCOM Software Lifecycle Management.
You can find information on our website at https://www.lancom-systems.com/products/firmware/software-lifecycle-management

© 2019-2024 LANCOM Systems GmbH