...
| Code Block | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
{
"serviceTypeId": "/v0/firewall/pan",
"configName": "AFTTFwPolicy1Config",
"deploymentOption": {
"deployNow": false
},
"securityZoneId": "cloudsite:dev1a",
"vendorServiceId": "vipr",
"vendorSpecificData": {
"idMap": [{
"astraId": "cloudsite:dev1a",
"vendorId": "deviceGroup:dev"
}]
},
"serviceGroups": [{
"name": "SSH",
"description": "Ssh service entry in service list",
"type": "SERVICE",
"transportProtocol": "tcp",
"appProtocol": null,
"ports": "22"
}],
"addressGroups": [{
"name": "CiscoVCE",
"description": "Destination CiscoCVE",
"members": [{
"type": "SUBNET",
"value": "12.63.31.61/12"
}]
}, {
"name": "HOHOServers",
"description": "Source HOHOServers for first testing",
"members": [{
"type": "SUBNET",
"value": "12.60.32.11/23"
}]
}],
"firewallRuleList": [{
"position": "1",
"ruleName": "FWRuleHOHOServerToCiscoVCE",
"fromZones": ["UntrustedZoneCiscoCVEName"],
"toZones": ["TrustedZoneHOHOName"],
"negateSource": false,
"negateDestination": false,
"sourceList": [{
"type": "REFERENCE",
"name": "HOHOServers"
}],
"destinationList": [{
"type": "REFERENCE",
"name": "CiscoVCE"
}],
"sourceServices": [],
"destServices": [{
"type": "REFERENCE",
"name": "SSH"
}],
"action": "accept",
"description": "FW rule for HOHO source to CiscoVCE destination",
"enabled": true,
"log": true
}]
} |
...