Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Contributor

API - Adding network objects with the same IP than others already created

Jump to solution

HI!

I am trying to create network objects in a checkpoint due to a migration. As in ASA we could have created objects with the same network range(duplicated objects), I am having several problems to migrate it succesfully.

I am using a csv file in which I have included the objects with the syntax that Checkpoint allows. I use the following command:

mgmt_cli add network -r true --batch prueba.csv -d IBDL_CALES

I have also added the ignore-warnings field, ignore-errors and set-if-exists fields but none of them let me create the object that has the same IP or IP range than the ones that are created in the Checkpoint. The output I get is the following:

Line 2: code: "err_validation_failed"
message: "Validation failed with 1 warning"
warnings:
- message: "More than one network have the same IP x.x.x.x/y.y.y.y"

Does Any of you know how to supress that warnings and create that duplicated objects?

 

It's important to me creating them because they are a lot of objects(I have the same problem ith the hosts) and then We want to migrate the policies too and we must have the same objects than in the ASA.

1 Solution

Accepted Solutions
Contributor

I have just found out how to solve it. The problem was that it's compulsory to include it in the csv file as a field and you can't type it as a field in the mgmt_cli command.

Thanks for the support!!!

View solution in original post

0 Kudos
Reply
10 Replies
Admin
Admin
Just to clarify, you have an object that covers x.y.z.w/a.b.c.d and want to create another with a different name?
Are you adding set-of-exists true to your CLI command or the CSV?
0 Kudos
Reply
set-if-exists will update the object not create a second one. If he is trying to create different named objects but same subnet it would just update the name.
Contributor
This is not what I am noticing. This is what I am seeing:
Created Test-1( 1.1.1.0 /24) using Smartconsole CLI like this :
> add network name Test-1 subnet 1.1.1.0 subnet-mask 255.255.255.0 color blue
Published the change.
Then did this, expecting the name will change:
> add network name Test-2 subnet 1.1.1.0 subnet-mask 255.255.255.0 color blue set-if-exits true ignore-warnings true ignore-errors true
But it did create two objects "Test-1" and "Test-2" with same network 1.1.1.0/24

Can you please guide me? My API version is 1.1

Thanks.
0 Kudos
Reply
Admin
Admin
set-if-exists true will only work if you create an object with the same name, not if you create an object with a different name for the same IP.
Further, you suppressed knowledge of this with ignore-warnings true, which should have prevented you from doing that.

This is expected behavior.
0 Kudos
Reply
Contributor



So, what should I do if I want to "Create a new object with an IP but just edit the name and parameters like comments and color if another object with that IP does exist"? Or in other words how do I make "set-if-exists" to look for IP address instead of name?
Thanks in advance!
0 Kudos
Reply

I’m going to send you a direct message and we can work through this. 

0 Kudos
Reply
add this to your command 'ignore-warnings true ignore-errors true'

That will ignore the errors...
Contributor

As I have mentioned before, I have already tried to put that ignore errors field and the warnings field and I continue receiving the following error:

Line 2: code: "err_validation_failed"
message: "Validation failed with 1 warning"
warnings:
- message: "More than one network have the same IP x.x.x.x/y.y.y.y"


Executed command failed. Changes are discarded.

0 Kudos
Reply
Contributor

I have just found out how to solve it. The problem was that it's compulsory to include it in the csv file as a field and you can't type it as a field in the mgmt_cli command.

Thanks for the support!!!

View solution in original post

0 Kudos
Reply
Participant

Hello DPB_Point ,

 

what is the exact syntax in csv file?

 

I tried to put ignore_warnings ignore_errors, ignore-warnings, ignore-errors in the first line, but still giving an error:

 

error message:

Line 4: code: "err_validation_failed"
message: "Validation failed with 1 warning"
warnings:
- message: "Multiple objects have the same IP address 1.1.1.3"


Executed command failed. Changes are discarded.

 

Thank you,

 

Marko

 

 

0 Kudos
Reply