{"id":548,"date":"2020-10-18T22:54:52","date_gmt":"2020-10-18T21:54:52","guid":{"rendered":"http:\/\/192.168.8.14\/?p=548"},"modified":"2020-10-18T23:01:39","modified_gmt":"2020-10-18T22:01:39","slug":"edge-gateway-export-script","status":"publish","type":"post","link":"https:\/\/www.jasonstreet.com\/?p=548","title":{"rendered":"Edge Gateway export script"},"content":{"rendered":"\n

I have been searching for something that will export\/audit an Edge gateways firewall and NAT rules or over a year.<\/p>\n\n\n\n

Although not perfect, this export is better then typing out an edge config in to excel one rule at a time. More so now as I have almost removed one of my fingers with a power tool.<\/p>\n\n\n\n

There is a limitation with this script. When exporting a firewall rule with more then one port defined, the script will only export the first port. If other ports are defined they are simply not returned by vCloud.<\/p>\n\n\n\n

here is the function<\/p>\n\n\n

\n$cred = Get-Credential\n\n## Start of functions ##\nFunction Get-EdgeConfig ($EdgeGateway)\n{\n    $Edgeview = $EdgeGateway | get-ciview\n\n    $webclient = New-Object system.net.webclient\n    $webclient.Headers.Add("x-vcloud-authorization", $EdgeView.Client.SessionKey)\n    $webclient.Headers.Add("accept", $EdgeView.Type + ";version=32.0")\n\n    [xml]$EGWConfXML = $webclient.DownloadString($EdgeView.href)\n\n    $tmpObj = "" | Select Firewall,NAT,LoadBalancer,DHCP\n    $tmpObj.Firewall = $EGWConfXML.EdgeGateway.Configuration.EdgegatewayServiceConfiguration.FirewallService.FirewallRule\n    $tmpObj.NAT = $EGWConfXML.EdgeGateway.Configuration.EdgegatewayServiceConfiguration.NatService.NatRule\n    $tmpObj.LoadBalancer = $EGWConfXML.EdgeGateway.Configuration.EdgegatewayServiceConfiguration.LoadBalancerService.VirtualServer\n    $tmpObj.DHCP = $EGWConfXML.EdgeGateway.Configuration.EdgegatewayServiceConfiguration.GatewayDHCPService.Pool\n\n    Return $tmpObj\n}\n\n## End of functions ##\n\n## connect to vcloud director tenant org \nconnect-ciserver mycloud.mycloudprovider.com -org MyOrg \n\n# get an array of edge gateways \n$Gateways = Search-Cloud -QueryType EdgeGateway\n\n# I have selected edge gateway [1] from the array\n$Config = Get-EdgeConfig -EdgeGateway $Gateways[1]\n\n# exporting config arrays. there are also DHCP and \n$Config.Firewall      | Export-csv -path firewallrules.csv\n$Config.NAT           | Export-csv -path NATrules.csv\n$Config.LoadBalancer  | Export-csv -path LoadBalancer.csv\n$Config.DHCP         | Export-csv -path DHCP.csv\n\n<\/pre><\/div>\n\n\n
When running this script you will get a CSV file for each of Firewall\/NAT\/LoadBalancer and DHCP rules.<\/p>\n\n\n\n
This function will work on the Provider or the Tenant portal. <\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
I have been searching for something that will export\/audit an Edge gateways firewall and NAT rules or over a year. Although not perfect, this export is better then typing out an edge config in to excel one rule at a time. More so now as I have almost removed one of my fingers with a…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[69],"tags":[78,105,80,79,81,82,71],"class_list":["post-548","post","type-post","status-publish","format-standard","hentry","category-vcloud","tag-edge","tag-export","tag-firewall","tag-gateway","tag-nat","tag-rules","tag-vcloud-director"],"_links":{"self":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/548","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=548"}],"version-history":[{"count":4,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/548\/revisions"}],"predecessor-version":[{"id":568,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/548\/revisions\/568"}],"wp:attachment":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=548"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=548"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=548"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}