https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50596#M243 <P>Hi Team,</P><P>&nbsp;</P><P>&nbsp;i am adding the rulebase via ansible&nbsp; and having 2 policy package like "standard and Test_APP" policy package.whatever rule in publishing its going to standard only not going to APP policy&nbsp; package.is there any way to publish the rule to APP policy package.</P><P>Please find the below script:</P><P>&nbsp;</P><P>- name: "create rule at the top of a section called 'script rules'"<BR />check_point_mgmt:<BR />command: add-access-rule<BR />parameters:<BR />layer: "network"<BR />name: "created by me"<BR />position:<BR />top: "web"<BR />source:<BR />- "host2"<BR />destination:<BR />- "host3"<BR />service:<BR />- "tcp_77"<BR />action: "accept"<BR />session-data: "{{login_response}}"</P><P>- name: "publish"<BR />check_point_mgmt:<BR />command: publish<BR />session-data: "{{login_response}}"</P><P>- name: "install policy"<BR />check_point_mgmt:<BR />command: install-policy<BR />parameters:<BR />policy-package: "Test_APP"<BR />session-data: "{{login_response}}"</P><P>rule is publishing on standard policy package.but policy is installing on Test_APP&nbsp; targeted gateway. i need help on publishing the policy on correct policy package.</P><P>&nbsp;</P><P>Regards</P><P>Aathi</P><P>&nbsp;</P> Thu, 11 Apr 2019 13:40:53 GMT Aathi 2019-04-11T13:40:53Z https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50596#M243 <P>Hi Team,</P><P>&nbsp;</P><P>&nbsp;i am adding the rulebase via ansible&nbsp; and having 2 policy package like "standard and Test_APP" policy package.whatever rule in publishing its going to standard only not going to APP policy&nbsp; package.is there any way to publish the rule to APP policy package.</P><P>Please find the below script:</P><P>&nbsp;</P><P>- name: "create rule at the top of a section called 'script rules'"<BR />check_point_mgmt:<BR />command: add-access-rule<BR />parameters:<BR />layer: "network"<BR />name: "created by me"<BR />position:<BR />top: "web"<BR />source:<BR />- "host2"<BR />destination:<BR />- "host3"<BR />service:<BR />- "tcp_77"<BR />action: "accept"<BR />session-data: "{{login_response}}"</P><P>- name: "publish"<BR />check_point_mgmt:<BR />command: publish<BR />session-data: "{{login_response}}"</P><P>- name: "install policy"<BR />check_point_mgmt:<BR />command: install-policy<BR />parameters:<BR />policy-package: "Test_APP"<BR />session-data: "{{login_response}}"</P><P>rule is publishing on standard policy package.but policy is installing on Test_APP&nbsp; targeted gateway. i need help on publishing the policy on correct policy package.</P><P>&nbsp;</P><P>Regards</P><P>Aathi</P><P>&nbsp;</P> Thu, 11 Apr 2019 13:40:53 GMT https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50596#M243 Aathi 2019-04-11T13:40:53Z https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50604#M244 <P>I don't know enough about ansible, but when using the mgmt_cli tool I have to reference the policy name as well as the layer in order for the rule to be accepted.</P> <P>If you change your playbook from:</P> <LI-CODE lang="markup">check_point_mgmt: command: add-access-rule parameters: layer: "network" name: "created by me" ....</LI-CODE> <P>To:</P> <LI-CODE lang="markup">check_point_mgmt: command: add-access-rule parameters: layer: "Test_APP Network" name: "created by me" position:</LI-CODE> <P>&nbsp;</P> <P>Does it put the access rule in the proper policy package and layer?</P> <P>&nbsp;</P> <P>&nbsp;</P> Thu, 11 Apr 2019 14:16:37 GMT https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50604#M244 masher 2019-04-11T14:16:37Z https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50674#M245 When you add a rule, it must be added to the correct policy layer.<BR />You can only install a policy package to a gateway, which contains one or more layers.<BR />Can you verify your rule is being added to the correct layer? Fri, 12 Apr 2019 01:39:40 GMT https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50674#M245 PhoneBoy 2019-04-12T01:39:40Z https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50680#M246 <P>Thanks Team for your excellent support and guidance.</P><P>Now i m able to publish the policy in correct policy package.</P><P>Regards</P><P>Aathi</P> Fri, 12 Apr 2019 03:03:14 GMT https://community.checkpoint.com/t5/Ansible/Enable-the-access-rule-to-correct-policy-package/m-p/50680#M246 Aathi 2019-04-12T03:03:14Z