Operation: Add Zone / Edit Zone / Edit Zone from API
Description: To Add/Edit Zone. Zone is a logical grouping of physical interfaces/ports. 

Sample Configuration
<Zone> <Name>zonename</Name> <Type>LAN/DMZ</Type> <!-- MemberPorts are for readonly purpose --> <Description>Text</Description> <ApplianceAccess> <AdminServices> <HTTPS>Enable/Disable</HTTPS> <SSH>Enable/Disable</SSH> </AdminServices> <AuthenticationServices> <ClientAuthentication>Enable/Disable</ClientAuthentication> <CaptivePortal>Enable/Disable</CaptivePortal> <ADSSO>Enable/Disable</ADSSO> <RadiusSSO>Enable/Disable</RadiusSSO> <ChromebookSSO>Enable/Disable</ChromebookSSO> </AuthenticationServices> <NetworkServices> <DNS>Enable/Disable</DNS> <Ping>Enable/Disable</Ping> </NetworkServices> <VPNServices> <IPsec>Enable/Disable</IPsec> <RED>Enable/Disable</RED> <SSLVPN>Enable/Disable</SSLVPN> <VPNPortal>Enable/Disable</VPNPortal> </VPNServices> <OtherServices> <WebProxy>Enable/Disable</WebProxy> <WirelessProtection>Enable/Disable</WirelessProtection> <UserPortal>Enable/Disable</UserPortal> <DynamicRouting>Enable/Disable</DynamicRouting> <SMTPRelay>Enable/Disable</SMTPRelay> <SNMP>Enable/Disable</SNMP> </OtherServices> </ApplianceAccess> </Zone>



Parameter Mandatory Default Description
NameYes  
Specify a name to identify the Zone.
Name confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first characters: Alphanumeric characters (A-Za-z1-9) and not a zero (0). For other characters: (A-Za-z0-9_)
  • Maximum characters allowed are 60.
TypeYes LAN 
Select the type of Zone from the available options: LAN or DMZ.
Type confines to:
  • Type is 'SCALAR'.
  • Only 'LAN', 'WAN', 'DMZ', 'LOCAL', 'VPN', 'Discover' are allowed.
MemberPortsNo  
Displays all the member ports of the particular Zone selected.
MemberPorts confines to:
  • Type is 'CSV'.
  • Datatype is 'STRING'.
  • Comma separated values are allowed.
DescriptionNo  
Specify Zone description.
Description confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 60.
IPsec/WirelessProtection/RadiusSSO/UserPortal/DNS/DynamicRouting/SSH/WebProxy/HTTP/RED/CaptivePortal/HTTPS/ChromebookSSO/VPNPortal/Ping/SMTPRelay/ADSSO/SNMP/ClientAuthentication/SSLVPNNo  
Define the type of administrative access permitted on zone.
IPsec/WirelessProtection/RadiusSSO/UserPortal/DNS/DynamicRouting/SSH/WebProxy/HTTP/RED/CaptivePortal/HTTPS/ChromebookSSO/VPNPortal/Ping/SMTPRelay/ADSSO/SNMP/ClientAuthentication/SSLVPN confines to:
  • Type is 'ARRAY'.
  • Only 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', '12', 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', 'Enable', '40', 'Enable', 'Enable', 'Enable', 'Enable' are allowed.
  • Multiple values are allowed.



Operation   Status   Message
Add Zone200
Add Zone500
Add Zone502
Add Zone510
Edit Zone from API200
Edit Zone from API500
Edit Zone200
Edit Zone500

© Copyright Sophos Firewall Limited. All rights reserved.
Sophos Firewall is registered trademarks of Sophos Firewall Limited and Sophos Firewall Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.