Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

mgmt_cli and add-vpn-community-star

Hello,

in https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/add-vpn-community-star~v1.4%20, it says:

 

add-vpn-community-star (with shared secrets)

 

Command

mgmt_cli add vpn-community-star name "New_VPN_Community_Star_1" center-gateways "External_Gateway_1" use-shared-secret true shared-secrets.1.external-gateway "External_Gateway_1" shared-secrets.1.shared-secret "mysharedsecret1" --version 1.4 --format json
 • "--format json" is optional. By default the output is presented in plain text.

 

Why is the external gateway listed under "central-gateways"? Typo?

Regards, Christian Riede

0 Kudos
4 Replies
Highlighted

Re: mgmt_cli and add-vpn-community-star

With External Gateway the only thing I can think of is your gateway at the perimeter, as you can have a external and an Internal gateway.
For the Remote side I would use the term Remote Gateway as to describe the gateway at the other side.
Regards, Maarten
0 Kudos
Highlighted

Re: mgmt_cli and add-vpn-community-star

Hello Checkpoint,

can you please update the documentation? This is obviously inconsistent.

Thanks in advance.

Christian Riede

0 Kudos
Highlighted

Re: mgmt_cli and add-vpn-community-star

Hi @Christian_Riede ,

This is not a Typo. In Star community you have Central Gateway and Satellite Gateways. These Gateways can be Check-Point Gateways or Externally Managed Gateways (see image below).

In this example "External_Gateway_1" is of type Externally Managed, it was set in the community as a Central Gateway and since it is Externally Managed, it should be configured with shared secret. This is why it is being listed twice.

 

externally-managed.png

0 Kudos
Highlighted

Re: mgmt_cli and add-vpn-community-star

OK, understood. I our installation (and probably in 99% of all worldwide installations), the center gateway is an internal gateway, so this example is not wrong, but counterintuitive and somehow misleading.

0 Kudos