Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
chauhac1
Participant

Add Group from one Domain to another

Good Evening All,

I'm new to Check Points so if this has been answered please let me know.

I have a group that is on another Domain in the Smart Console, however, that has 365 networks added.

I need to get that group onto another Domain within Smart Console.

I have got as far as

show group name grp_Office365 --format json

show group name grp_Office365

I have the outputs saved on Notepad ++, however, I'm a little stuck on how I paste the output onto the new domains CLI.

 

Adding the hosts individually via the GUI is taking forever, however, the CLI output took half the time it took me to add 25 entries to the new group! 

Surely, there is a way of getting my show group output into the new domain with a strategic copy and paste.

 

 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

You're assuming that all of those networks are defined exactly the same way and exactly with the same name on the other domain.
Unless the objects in question are global, that is NOT necessarily a safe assumption.
Further, the API generally limits the number of results returned, so you may need to do queries with limit/offset to get all the results.

Assuming you resolve all that, the command is "set group"
https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/set-group~v1.7%20
You could iterate through each item and add it to the relevant group:

mgmt_cli set group name "MyGroup" members.add "MyHostName"

 

chauhac1
Participant

Good Morning,

The networks are global.

I thought there may have been an easier way rather than manually doing the copy and paste from the output and putting it into the lines shown below.

I tried to open the JSON in Excel, but that didn't work out for me the way I wanted it to. 

add network name "enet_SFB_13.107.64.0_18" subnet "13.107.64.0" subnet-mask "255.255.192.0"

add group name "grp_Office365."
set group name "grp_Office365." members.1 "ehost_13.107.64.0_18" members.2 "ehost_52.112.0.0_14" members.3 "ehost_52.120.0.0_14" members.4 "ehost_52.238.119.141_32" members.5 "ehost_52.244.160.207_32"

0 Kudos
chauhac1
Participant

add network name enet_SFB_13.107.64.0_18 subnet 13.107.64.0 subnet-mask 255.255.192.0
add network name enet_SFB_52.112.0.0_14 subnet 52.112.0.0 subnet-mask 255.252.0.0

set network name enet_SFB_13.107.64.0_18 groups grp_Office365.
set network name enet_SFB_52.112.0.0_14 groups grp_Office365.

 

I then found out, there are updateable objects, however, the learning curve was great, which means going forwards, I know how to make life easier. 

0 Kudos