cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
Employee+
Employee+

Creating VSX Virtual Systems using REST API

This is a very simple solution for creating VSX virtual systems using the 'run-script' REST api call on R80.X management versions. The vsx provisioning tool api is not exposed outside of the Check Point management server so scripting the creation of virtual systems could only happen from inside the management server. This api call will allow you to add/delete/modify virtual systems from a third-party automation/orchestration server.

I have attached some bash script code examples that you can use to reference,expand, and develop your own solution.

The run-script api call has to have both a "target" and "script" values . This target needs to be the name of the Check Point Management server. In the example below the management server's name is 'R80.10'. 

The "script" value needs to be the vsx_provisioning_tool configuration.The example below shows a very simple VS being created on VSX. More information on the syntax of this command can be found HERE on the user center site.

Create VS Example:

#!/bin/bash

cp_api_url='https://192.168.30.95'

#Login and retrieve the session_id
SID=`curl -k -H "Content-Type: application/json" -H "Accept: bla" -X POST '{"user":"admin","password":"mypass"}' $cp_api_url/web_api/login | ./jq-linux64 '.sid' | sed s/\"//g`

#VSX VS Deployment
curl -k \
-H "Content-Type: application/json" \
-H "Accept: bla" \
-H "X-chkp-sid: $SID" \
-X POST -d '{"script-name":"VSX Provisioning","script":"vsx_provisioning_tool -s localhost -u admin -p mypass -o add vd name VS1 vsx VSX type vs main_ip 192.168.30.101, add interface name eth1 ip 192.168.30.101/24, add interface name eth2 ip 10.10.10.1/24","targets":"R80.10"}' \
$cp_api_url/web_api/run-script | ./jq-linux64

#publish

curl -k \
-H "Content-Type: application/json" \
-H "Accept: bla" \
-H "X-chkp-sid: $SID" \
-X POST -d '{}' \
$cp_api_url/web_api/publish | ./jq-linux64

#logout
curl -k -H "Content-Type: application/json" -H "Accept: bla" -H "X-chkp-sid: $SID" -X POST -d '{}' $cp_api_url/web_api/logout

Enjoy