sonicwall-mcp

delta-source/sonicwall-mcp


MCP (Model Context Protocol) server for SonicWall firewall management and monitoring

SonicMCP -- SonicWall Firewall Management via MCP

A Model Context Protocol (MCP) server for full-featured management of SonicWall firewalls through their REST API. Built with Python and the FastMCP SDK, designed to be used from Cursor or any MCP-compatible AI assistant.

What It Does

SonicMCP gives an AI assistant authenticated access to your SonicWall's entire management API. The assistant can read configuration, create and modify resources, and commit changes -- covering network segmentation, access rules, NAT, DHCP, VPN, and every other domain the SonicOS API exposes.

Tools

Read Tools (Network Segmentation)

  • list_zones / get_zone -- Firewall zones and security types
  • list_interfaces / get_interface -- Physical and VLAN interfaces
  • list_vlan_interfaces -- VLAN sub-interfaces
  • list_access_rules / get_access_rule -- IPv4 access rules
  • list_security_policies / get_security_policy -- IPv4 security policies
  • list_address_objects / get_address_object -- IPv4 address objects
  • list_address_groups / get_address_group -- IPv4 address groups
  • list_nat_policies -- IPv4 NAT policies
  • list_service_objects / list_service_groups -- Service definitions
  • get_dhcp_server_config / list_dhcp_scopes -- DHCP configuration
  • get_routing_config -- Routing configuration
  • get_pending_changes -- Uncommitted configuration changes

Write Tools (with dry-run safety)

  • create_zone / update_zone / delete_zone
  • create_address_object / update_address_object / delete_address_object
  • create_address_group / update_address_group / delete_address_group
  • create_access_rule / update_access_rule / delete_access_rule
  • create_nat_policy / delete_nat_policy
  • create_dhcp_scope / delete_dhcp_scope
  • commit_pending_changes / rollback_pending_changes

Generic Tools (escape hatch for any API endpoint)

  • raw_api_get / raw_api_post / raw_api_put / raw_api_delete
  • explore_api -- Browse any API endpoint
  • get_system_status -- Verify connectivity

All write tools default to dry-run mode (confirm=False). They show what they would do without making changes. The AI must explicitly pass confirm=True after you approve.
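How a confirm-gated write tool of this kind can behave, as an added example that is not SonicMCP's own code. The RecordingClient class, the guarded_write helper, the request path and the payload shape are assumptions made for illustration, and the sample values are constructed.

```python
import ipaddress


class RecordingClient:
    """Hypothetical stand-in for the firewall API client: records calls, sends nothing."""

    def __init__(self):
        self.calls = []

    def request(self, method, path, body=None):
        self.calls.append((method, path, body))
        return {"status": "ok"}


def guarded_write(client, method, path, body, confirm=False):
    """Return a preview of the request unless confirm is exactly True."""
    plan = {"method": method, "path": path, "body": body}
    # Identity check: truthy values such as "yes" or 1 must not unlock a write.
    if confirm is not True:
        return {"dry_run": True, "would_send": plan}
    return {"dry_run": False, "sent": plan, "result": client.request(method, path, body)}


def create_address_object(client, name, ip, zone, confirm=False):
    """Write tool in the style described above; dry-run by default."""
    # Validate before previewing, so an approved preview is never malformed.
    host = str(ipaddress.IPv4Address(ip))  # raises ValueError on bad input
    # Path and payload shape are assumptions for illustration.
    body = {"address_object": {"name": name, "zone": zone, "host": host}}
    return guarded_write(client, "POST", "/address-objects/ipv4", body, confirm)


if __name__ == "__main__":
    client = RecordingClient()
    # Constructed sample values.
    preview = create_address_object(client, "web01", "10.0.20.15", "DMZ")
    print(preview, len(client.calls))  # preview only, no call recorded
    applied = create_address_object(client, "web01", "10.0.20.15", "DMZ", confirm=True)
    print(applied["dry_run"], len(client.calls))
```

The preview returns the exact request that confirm=True would send, so what the operator approves and what gets written are the same object.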

Prerequisites

  1. SonicWall with SonicOS API enabled and RFC-2617 HTTP Basic Auth enabled
  2. Python 3.13+
  3. 1Password CLI (op) for credential management
  4. 1Password item named sonic_mcp with fields: username, password, and TOTP configured

Setup

# Clone/navigate to the project
cd sonicwall-mcp

# Create virtual environment and install dependencies
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt

Cursor Configuration

Add to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "sonicmcp": {
      "command": "/path/to/sonicwall-mcp/venv/bin/python",
      "args": ["/path/to/sonicwall-mcp/src/main.py"],
      "cwd": "/path/to/sonicwall-mcp",
      "env": {
        "PYTHONPATH": "/path/to/sonicwall-mcp/src"
      }
    }
  }
}

Environment Variables

Variable        Description               Default
SONICWALL_HOST  SonicWall IP or hostname  192.168.100.1
SONICWALL_PORT  HTTPS port                443

Credentials are fetched from 1Password CLI. If you prefer environment variables, set SONICWALL_USERNAME, SONICWALL_PASSWORD, and SONICWALL_TOTP.

Architecture

  • FastMCP -- uses the modern MCP Python SDK with @mcp.tool() decorators
  • Auto-reconnect -- fetches a fresh TOTP from 1Password on every re-authentication, solving the stale-TOTP problem
  • Token lifecycle -- tracks bearer token expiry, proactively refreshes before timeout
  • Dry-run safety -- all write operations preview changes before execution
  • Generic escape hatch -- raw_api_* tools can hit any API endpoint, so the server is never missing a capability

File Structure

src/
  main.py              -- FastMCP server, all tool definitions
  sonicwall_client.py  -- API client with auth interceptor
  credentials.py       -- 1Password credential fetching

Warning

This tool can modify firewall configurations. All write operations require explicit confirmation. Test in a non-production environment before using on critical infrastructure.