Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Kim_Moberg
Advisor

How to find generic-object that is not defined in the API?

Hi Team

Where can I read out the available object name used in the below example to create a interoperable device?

Is it found in dbedit editor?

mgmt_cli -s id.txt add generic-object create "com.checkpoint.objects.classes.dummy.CpmiGatewayPlain" name "interdev_2" ipaddr "10.1.1.2" thirdPartyEncryption "True" osInfo.osName "Gaia" vpn.create "com.checkpoint.objects.classes.dummy.CpmiVpn" vpn.owned-object.vpnClientsSettingsForGateway.create "com.checkpoint.objects.classes.dummy.CpmiVpnClientsSettingsForGateway" vpn.owned-object.vpnClientsSettingsForGateway.owned-object.endpointVpnClientSettings.create "com.checkpoint.objects.classes.dummy.CpmiEndpointVpnClientSettingsForGateway" vpn.owned-object.vpnClientsSettingsForGateway.owned-object.endpointVpnClientSettings.owned-object.endpointVpnEnable "True" vpn.owned-object.ike.create "com.checkpoint.objects.classes.dummy.CpmiIke" vpn.owned-object.sslNe.create "com.checkpoint.objects.classes.dummy.CpmiSslNetworkExtender" vpn.owned-object.sslNe.owned-object.sslEnable "False" vpn.owned-object.sslNe.owned-object.gwCertificate "defaultCert" manualEncdomain $vpn_enc_domain encdomain "MANUAL"

Best Regards
Kim
4 Replies
Robert_Decker
Advisor

I don't understant your question...

What are you trying to accomplish exactly? View an object created by a generic objects API?

0 Kudos
Kim_Moberg
Advisor

Hi Robert

I am trying to fill out the gap from my https://community.checkpoint.com/thread/7701-missing-api-possibility-to-set-vpn-community-star-objec... 


And then I wonder how and were you were able to find these field values! How I can find then myself and use the fields?


So i was thinking if I could run the command 

To show all object of a vpn-community which used perfect forward secret and set DH on Ipsec Phase 2


Please the my latest post below. 

Best Regards
Kim
0 Kudos
Kim_Moberg
Advisor

By running this commenad

 mgmt_cli -u admin show  generic-object uid 11fa48eb-d89b-4f70-9ff1-bbe82abc54d1

I ask to show uid of an active vpn-community-star 

There I have found some values, that I might select to use?

#enable Perfect Forward Secrecy true/false
ikeP2.ikeP2UsePfs true

#use DH group 5
ikeP2.ikeP2PfsDhGrp: "97aeb629-9aea-11d5-bd16-0090272ccb30"

#Rekey phase1 and phase2

ikeP1.ikeP1RekeyTime "60"

ikeP2.ikeP2RekeyTime "28800"

how would I be able to set or add settings to a created vpn-community-start via a API something like this?

mgmt_cli add generic-object set "com.checkpoint.objects.classes.dummy.CpmiGatewayPlain" name "interdev_2"  ikeP2.ikeP2UsePfs "true" ikeP2.ikeP2PfsDhGrp "97aeb629-9aea-11d5-bd16-0090272ccb30" ikeP1.ikeP1RekeyTime "60" ikeP2.ikeP2RekeyTime "28800"

Thanks

Kim

Best Regards
Kim
0 Kudos
Robert_Decker
Advisor

As I've already mentioned in your other post, when Management API lacks some settings, and this can happen, you can combine it along with dbedit API, as you did in interoperable device update.

The show-objects command and show-generic-objects command show the whole list of settings that can be accessed via dbedit API.

Robert.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events