I see Gaia API Ansible Collection 3.0.0 (https://galaxy.ansible.com/check_point/gaia) was released over a month ago.
There is no module documentation link for this collection in the Ansible docs collection index or GitHub page.
Why release a new version without simultaneously releasing the module documentation? Supported parameters can be gleaned from the Gaia API reference documentation, but the module documentation is required to reference supported module parameters.
For example, how do you target specific gateways? When using the cp_gaia_user module I've tried to use the 'targets' parameter to target specific gateways, however a message is returned stating the parameter is unsupported.
@chkp-royl can you comment?
@chkp-royl are you able to comment here?
Hi,
Sorry but we are not the owners of GAIA APIs.
Please talk to @CHKP-majds (majds@checkpoint.com) - I also sent him a link to this post.
Thanks!
Hi,
targets is not a parameter of the cp_gaia_user module.
We are signed up to Ansible and provide our gaia APIs to configure one gateway, but how to target specific gateways should be Ansible's work and should be in their documentation.
For our documentation, we are still waiting for Ansible approval to release it officially.
It is right that the collection is now in Ansible Galaxy, but it is still not officially released; once they release it, the documentation should be part of it.
Thanks
Hello @ameera this doesn't really make sense. The collection leverages the mgmt api so there must be a way to target specific gateways, as there is with the web api collection (module target parameter). You mention you "provide our gaia APIs to configure one gateway" - how do you connect to a single gateway via the mgmt api to process gaia api commands?
This is what I did:
I added the following lines to "/etc/ansible/hosts" on the Ansible machine:

```ini
[check_point]
172.23.21.103
[check_point:vars]
ansible_httpapi_use_ssl=True
ansible_httpapi_validate_certs=False
ansible_user=<user_name>
ansible_password=<password>
ansible_network_os=check_point.gaia.checkpoint
```

Again, this is on the Ansible machine, which should configure the gateways.
Now, how to add more than one gateway, I don't know.
Maybe you just want to add more IPs under [check_point], but I didn't try that.
I was under the impression, based on the README of the collection and GitHub repo, that this new collection would allow control of a gateway using the management web-services API.
So the Ansible hosts file would be configured as below:

```ini
[check_point]
%CHECK_POINT_MANAGEMENT_SERVER_IP%
[check_point:vars]
ansible_httpapi_use_ssl=True
ansible_httpapi_validate_certs=False
ansible_user=%CHECK_POINT_GAIA_USER%
ansible_password=%CHECK_POINT_GAIA_PASSWORD%
ansible_network_os=check_point.gaia.checkpoint
```

Meaning you would target the gateways in the yaml via the targets parameter.
https://galaxy.ansible.com/check_point/gaia
https://github.com/CheckPointSW/CheckPointAnsibleGAIACollection
@ameera can you please check this internally.
@ameera ?
Can you highlight the confusing part in the readme regarding targets?
Rather, if the intent of the corresponding Gaia API is unclear, please refer to sk143612.
Maybe you are referring to the management API?
It is another collection, different from the gaia collection.
https://galaxy.ansible.com/check_point/mgmt
https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection
No I'm not referring to the management API.
We already use the management API extensively.
Understood the same. Never figured it out...
With the Gaia API, you don't necessarily use the management server's IP, you use the IP of the thing you're trying to work with. For example, you could use Ansible with the Gaia API to set the login banner. The login banner can be set on management servers and on firewalls. If you want to set it on a firewall, your Ansible configuration needs to include the IP (or name, if you have DNS) of that firewall.
Maybe the %CHECK_POINT_MANAGEMENT_SERVER_IP% is confusing and it was misunderstandable.
With it we are referring to any Gaia IP (firewall IP or management IP).
This is basic Ansible stuff in my view.
How about:

```ini
[check_point]
10.0.0.2
10.0.0.3
10.0.0.12
10.0.0.23
```

Now it is up to your playbook to determine which settings need to be done on all hosts and which are done per host.
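
The multi-host inventory suggested in the last reply, written out as an added example (it is not from the thread or from Check Point's collection documentation): each Gaia host is its own inventory entry, and group and host variables decide what applies to all hosts and what is set per host. The group names, `banner_text`, the `vault_*` variables and the file names are hypothetical, and the `msg` and `enabled` parameters of `cp_gaia_banner` are assumed; confirm them with `ansible-doc check_point.gaia.cp_gaia_banner` on the control node.

```yaml
# File 1: inventory.yml (constructed; addresses reuse the sample IPs above)
all:
  children:
    check_point:
      children:
        gaia_mgmt:
          hosts:
            10.0.0.2:
        gaia_gateways:
          hosts:
            10.0.0.3:
            10.0.0.12:
              banner_text: "Branch gateway: authorized access only"  # per-host override
            10.0.0.23:
      vars:
        ansible_network_os: check_point.gaia.checkpoint
        ansible_httpapi_use_ssl: true
        # The inventories in the thread set this to False, which turns off TLS
        # certificate verification for every Gaia API session. True requires the
        # control node to trust each host's certificate.
        ansible_httpapi_validate_certs: true
        # Credentials come from an ansible-vault encrypted vars file, for example
        # group_vars/check_point/vault.yml, instead of plaintext in the inventory.
        ansible_user: "{{ vault_gaia_user }}"
        ansible_password: "{{ vault_gaia_password }}"
        banner_text: "Authorized access only"  # default for every host in the group
---
# File 2: banner.yml. Run against all hosts, or narrow it with
#   ansible-playbook -i inventory.yml banner.yml --limit gaia_gateways
- name: Set the login banner on each Gaia host
  hosts: check_point
  connection: httpapi
  gather_facts: false
  tasks:
    - name: Apply the banner over this host's own Gaia API session
      check_point.gaia.cp_gaia_banner:
        msg: "{{ banner_text }}"  # assumed parameter name, check with ansible-doc
        enabled: true             # assumed parameter name, check with ansible-doc
```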