This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Joe_Dillig
Employee Alumnus
Employee Alumnus
‎2018-05-02 07:45 AM

Creating VSX Virtual Systems using REST API

This is a very simple solution for creating VSX virtual systems using the 'run-script' REST api call on R80.X management versions. The vsx provisioning tool api is not exposed outside of the Check Point management server so scripting the creation of virtual systems could only happen from inside the management server. This api call will allow you to add/delete/modify virtual systems from a third-party automation/orchestration server.

I have attached some bash script code examples that you can use to reference,expand, and develop your own solution.

The run-script api call has to have both a "target" and "script" values . This target needs to be the name of the Check Point Management server. In the example below the management server's name is 'R80.10'. 

The "script" value needs to be the vsx_provisioning_tool configuration.The example below shows a very simple VS being created on VSX. More information on the syntax of this command can be found HERE on the user center site.

Create VS Example:

#!/bin/bash

cp_api_url='https://192.168.30.95'

#Login and retrieve the session_id
SID=`curl -k -H "Content-Type: application/json" -H "Accept: bla" -X POST '{"user":"admin","password":"mypass"}' $cp_api_url/web_api/login | ./jq-linux64 '.sid' | sed s/\"//g`

#VSX VS Deployment
curl -k \
-H "Content-Type: application/json" \
-H "Accept: bla" \
-H "X-chkp-sid: $SID" \
-X POST -d '{"script-name":"VSX Provisioning","script":"vsx_provisioning_tool -s localhost -u admin -p mypass -o add vd name VS1 vsx VSX type vs main_ip 192.168.30.101, add interface name eth1 ip 192.168.30.101/24, add interface name eth2 ip 10.10.10.1/24","targets":"R80.10"}' \
$cp_api_url/web_api/run-script | ./jq-linux64

#publish

curl -k \
-H "Content-Type: application/json" \
-H "Accept: bla" \
-H "X-chkp-sid: $SID" \
-X POST -d '{}' \
$cp_api_url/web_api/publish | ./jq-linux64

#logout
curl -k -H "Content-Type: application/json" -H "Accept: bla" -H "X-chkp-sid: $SID" -X POST -d '{}' $cp_api_url/web_api/logout

Enjoy

VsxProvisionExampleScripts.tgz
2 Replies
ias_gc-dk
Contributor
‎2020-02-26 03:53 AM

I realize this post is a little old, but this is what I am struggling a bit with now.

 

How do I find the value for ,"targets": which is "R80.10" in this example? Is it the hostname of the management-station or something else?

Could someone point out how I get a hold of this information?

0 Kudos
Alexko
Explorer
‎2020-09-18 05:40 AM
In response to ias_gc-dk

The answer comes a little late, but for all the future visitors the "targets" are the names of the Objects you want to run the script on. In this case the VSX Gateway.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top