This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
hichem
Explorer
‎2022-04-28 06:57 AM

Checkpoint L2L inventory using CLI/API - automation

What is the best way to get the inventory of the L2L VPN on Checkpoint firewalls?

I used the CLI commands VPN TU TLIST & VPN TU LIST IKE on the gateways to get the output. With the help of ansible I end up with the following VPN Peer IP, VPN Name, Encryption method, Local hosts, remote hosts and Ike version. I believe I'm still missing the IKE phase1 and IKE phase2 encryption/integrity details. is there another CLI command that can provide that? in addition, I believe that the CLI command provide the list of active tunnels at the command execution time. If the interesting traffic is not crossing a specific tunnel, then we will miss that specific tunnel inventory. right?  

 

I found also some documented APIs, I didn't try them yet. However, from the documentation it looks like we may end up with few information like VPN Name, encryption method, IKE phase 1 and IKE phase 2 encryption/integrity algorithm.

 

Now, I'm thinking to combine the output of the CLI and API to get the maximum information about the inventory. 

Any suggestions is highly appreciated!

 

0 Kudos
1 Reply
Art_Zalenekas
Employee
Employee
‎2022-06-06 09:54 AM

You can get all the information through the API about S2S VPNs, Star or Mesh. You got it right. Good luck!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events