API Request to Backup a Fortinet Firewall

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone this is ali and welcome to my channel in this video i'm going to create a python script that has an api call that will backup the configurations of the fortinet firewall that i have at home so i'm gonna log into the firewall here with the admin account i tried with my account even though my account is an admin account but it didn't really work uh because with a demand account with this account i have to create a rest api user just from here create rest api admin and i just call it api underscore user i set trusted hosts where this user can log in from and i created a profile for that user that is read only but it didn't work for me the backup didn't work until i put read write under system you can give it read write but under system here the administrator users need read and write i don't know why it didn't work with read only so this is the profile i created uh the api user and and you can generate a token unless you're under the admin account the admin that comes with uh with the device with the 49 device so i'm going to regenerate i'm going to copy this token and i'm going to put it on the side here and i'm going to click ok so i'm going to back up from a linux virtual machine here i'm connecting i'll show you real quick so this is my firewall this is a virtual machine we'll be running my script uh it has the ip address 192.1625.100 this has 192 168 25.1 this is the gateway for that machine if you want to run the script um or if you want to run the request to another ip you have to create a policy on the firewall that will allow this network or this machine to access that other ip i'm gonna put this back here and i'm gonna start with the script so i'm just gonna say nano i usually create them under scripts i'm going to say backup just for example here backup.pi and first of all i'm going to import requests so that we can uh um send a send a an api request this is the requests library and in python so i'm going to create a variable called api url and here i'm gonna put a string of the url so https and firewall is at 192.168.25.1 if you were using another port you can add it here for example if you're using something custom like one two four four three or something you can do that but i'm not doing any of that and then the rest of the url api v2 monitor system config backup and we'll specify scope equal global so the global configurations and uh we'll set up we'll specify that act token access token equal and the token i'll just copy paste from here so this is the token so this will be my the api url that i will i will put it inside this get requests so requests dot get and i'm gonna pass in api url or you can just type in this whole this whole string inside here and then let's say i'm gonna save the data actually i'm gonna save it in a variable called data because i'm gonna save it in a file or you can you can call it response or whatever and i'm just gonna print [Music] data dot status code just want to make sure we have uh 200 status code [Music] okay yes now i'm gonna run this script home now let's see okay certificate verify failed and this happened and i found i found this online this line requests dot packages dot url lib3 disable warnings i'll try that so control x i'm using nano yes and save python three let's see oh there's another one i have to specify right here in the request and inside the get request there's this one verify equal false uh let's see i think it's working status quo 200 okay so i printed the status code but we need to print the data and let's try to print the data and to print the data i have to say data.txt okay and this these are the and this is the end of the file the configuration file so it works i'm gonna go back here i don't want this and i'm gonna save this data file or this data variable inside a file i'm gonna do with open and inside here i have to specify where i want to save it and write and i have to say b for um to write it in binary or binary mode as file or f i'll just keep it f for now and here is where i save the file so i have a directory it's called um 40 gate backups i think and i will save the file as um let's api backup dot conf okay and then from here three four four line and this data i'm gonna loop through every line there's an eight one two three four and i'm gonna write every line to this file object [Music] okay and this should save this response i'm just going to call this oh i'll keep it data so this is gonna this is going to save the response of the of the get request in a file called apibackup.conf so this is the most important piece https the ip address of the for the api v2 monitor system config backup question mark scope equal global i think it could be um you can specify which vdom you want and then access underscore token and you put the token i'm gonna save that control x enter i'm gonna run the script again all right we're not printing anything so let's say ls-l home for the gate backups okay and this is the file i just created and i'm gonna look at the file here i'll use more api okay this is my file it starts with this line and always and config system global this is my 40 gate that is correct and you can go all the way to the bottom okay so i'll just put this here again [Music] you import requests module um this is the api url that you want to pass into the get request so it is right here and access underscore token and the and the token that you generated over here inside the 40 gate and then you just disable warnings and use this and then you save it in a file and i have another video to run this script automatically with the chrome tab i'll i'll link it to this video or put it in the description box and if you like the video please like and subscribe and thank you for watching

Info

Channel: Ali Younes - Go4IT

Views: 1,280

Rating: undefined out of 5

Keywords: #Fortinet, #Python, #API

Id: NfHcUI85-MA

Channel Id: undefined

Length: 11min 45sec (705 seconds)

Published: Wed Feb 10 2021