I developed program in Go called 'ochepist' which I use to pull list of i.e. Office 365 IP addresses from provided url and write them to the file in CP dbedit format creating group object (see g-o365 in the example below). Retrieving IPs from url and writing them to dbedit can be automated in cron script on management server (I have 77.30, not R80). I can compile it to any platform , doesn't need to run on management server, just the output has to be transported to dbedit. I will be finished with testing in a few days.
Code:
[Expert@provider1:0]# ./ochepist_linux_386 -url="https://minemeld/feeds/office365_IPv4s" -g="g-o365"
wrote 357258 bytes
[Expert@provider1:0]# head results/g-o365-dbedit.txt
create network_object_group g-o365
create address_range r104.210.43.160-104.210.43.160
modify network_objects r104.210.43.160-104.210.43.160 ipaddr_first 104.210.43.160
modify network_objects r104.210.43.160-104.210.43.160 ipaddr_last 104.210.43.160
modify network_objects r104.210.43.160-104.210.43.160 comments "Created by ochepist with dbedit"
update network_objects r104.210.43.160-104.210.43.160
addelement network_objects g-o365 '' network_objects:r104.210.43.160-104.210.43.160
update network_objects g-o365
create address_range r104.41.155.129-104.41.155.129
modify network_objects r104.41.155.129-104.41.155.129 ipaddr_first 104.41.155.129
[Expert@provider1:0]# dbedit -local -globallock -f results/g-o365-dbedit.txt
If that object g-o365 is part of VPN group then it will update split tunneling accordingly after policy is installed on the gateway (policy install can be scheduled on management server too)
Bookmarks