Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Maarten_Sjouw
Champion
Champion

Export of the VPN communities

Is there anyone who knows about the license information tool script?

It is available on management and collects information from management and all gateways (if online) and exports all this information to a XML file. You can upload this to Check Point to update this info in the usercenter.

We use this script for collecting info about the inventory and this way make sure our CMDB is up to date. However there is one piece that is not collected and would be very useful for us to also have this part collected.

The piece missing is information about VPN's, to us the name of all the different VPN communities would be sufficient but I can imagine that others might like more info about each VPN.

Just a side note, the tool does not run in R80.10 on our MDS but we are working on it with TAC.

Regards, Maarten
0 Kudos
9 Replies
PhoneBoy
Admin
Admin

I'm not sure why a script designed primarily to collect information about licenses would also collect VPN information.

What information specifically are you looking to export about VPNs? 

You can show the information about the various VPN Communities defined by using the following CLI commands:

  • show vpn-communities-star
  • show vpn-communities-meshed

See also: Check Point - Management API reference 

0 Kudos
Maarten_Sjouw
Champion
Champion

Dameon,

The amount of information collected by the tool is way more than just License info. 

We have a 3 server Multi domain environment with around 150 domains, we have a script that uses the tool to collect data per domain and this is the only missing bit in the XML file. As said all I need is the name of each VPN community, but I could imagine some other people would also like to know the participating gateways and VPN encryption settings.

Regards, Maarten
0 Kudos
PhoneBoy
Admin
Admin

The above commands I list should show you which gateways are participating in the communities and the various settings.

0 Kudos
Maarten_Sjouw
Champion
Champion

Tried the command on the MDS, on both R77.30 and R80.10, after a <set domainname xxx > I tried the show commands, but all you can do here is <show vpn tunnel(s)>.

Regards, Maarten
0 Kudos
PhoneBoy
Admin
Admin

The commands I listed above are mgmt_cli commands, which means they are only relevant in R80+ management (not in R77.30 and earlier).

On my system (which is admittedly not MDM and not using VPN), you should still be able to see some output.

[Expert@R8010:0]# mgmt_cli -r true show vpn-communities-meshed

objects:

- uid: "6b8e4ed1-ccd4-43e2-ba94-1ee35d652cf7"

  name: "MyIntranet"

  type: "vpn-community-meshed"

  domain:

    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"

    name: "SMC User"

    domain-type: "domain"

from: 1

to: 1

total: 1

0 Kudos
Maarten_Sjouw
Champion
Champion

yep that works on the R80.10, but we only have 3 doamins on R80.10 and the rest is still on R77.30...

Regards, Maarten
0 Kudos
Maarten_Sjouw
Champion
Champion

It even gets worse, I just got word that the License Information tool is no longer supported, even though the SK88240 shows how to use it on R80.10.

Regards, Maarten
0 Kudos
Gaurav_Pandya
Advisor

Hi,

For health check and license information, you can refer sk121447 where automated script is already available. But it is not taking community information.

You can make script and add commands which are suggested by Dameon.

0 Kudos
Maarten_Sjouw
Champion
Champion

Tried the command on the MDS, on both R77.30 and R80.10, after a <set domainname xxx > I tried the show commands, but all you can do here is <show vpn tunnel(s)>.

The trick is to either get the info added to XML file so we can parse the XML file to our CMDB or create a file per CMA, but then you need a working command.

Regards, Maarten
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events