Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
NickT
Explorer

Python Import Error

I am getting the following error when trying to importing access rules via the API using the Python script

 

Failed to import access-rule with name [Cleanup rule]. Error: message: Missing parameter: [layer]

 

python import_export_package.py -op import -sid "xxxxx" -m 1.1.1.1 -n TEST -f importing/policy.tar.gz

 

I have tried referencing the layer by name and UID, to no avail

action,layer,action-settings.enable-identity-captive-portal,comments,content-direction,content-negate,content.0,custom-fields.field-1,custom-fields.field-2,custom-fields.field-3,destination-negate,enabled,install-on.0,name,position,service-negate,source-negate,time.0,track.accounting,track.alert,track.per-connection,track.per-session,track.type,vpn.0,destination.0,service.0,source.0,source.1
Drop,77da8da0-9bd6-49ec-89a1-9fe3de97f7d1,,,any,false,Any,,,,false,true,Policy Targets,Cleanup rule,3,false,false,Any,false,none,false,false,None,Any,Any,,,Any,,Any,

 

Any help would be much appreciated

Thanks

Nick

5 Replies
Sigbjorn
Advisor
Advisor

Make sure you don't confuse policy package with layer.

You can do a "show-packages" / "show-package name "xxx"" to see which layers are added to it.

NickT
Explorer

Hey

This is the output from show package name XXXX

There is only one layer, which is referenced in the import CSV posted above. 
I get the same behaviour when trying to import access sections

 

[Expert@iedub-cpmgmt01:0]# mgmt_cli -s id.txt show packages
packages:
- uid: "60540955-9cd5-4dab-b5e9-8c3622694f29"
name: "REMOTE-OFFICE"
type: "package"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"

- uid: "55cc9342-d886-4cfd-bf5e-d438bb5e698e"
name: "REMOTE-OFFICES"
type: "package"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"

 



mgmt_cli -s id.txt show package name REMOTE-OFFICES
uid: "55cc9342-d886-4cfd-bf5e-d438bb5e698e"
name: "REMOTE-OFFICES"
type: "package"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"
access: true
access-layers:
- uid: "77da8da0-9bd6-49ec-89a1-9fe3de97f7d1"
name: "Network"
type: "access-layer"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"

Sigbjorn
Advisor
Advisor

Looks like the layer is just named "Network" which is the default.

So if you try the following command, does it fail? ;

mgmt_cli -s id.txt add access-section layer Network name FirstSection position top

NickT
Explorer

Hi

That command works with no errors. This command is what I had to revert to manually importing the rules. 

It is weird, as I created a new policy with one access rule, exported it via the Python script, tried to import it. Fails straight away.

Sigbjorn
Advisor
Advisor

Sounds like something the authors should look into.

@Inbar_Moskovich @Robert_Decker 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events