Hi Team
I have been working on automating site2site vpn with a Check Point Gateway and an Interoperable device, and setting up a vpn community.
https://community.checkpoint.com/message/18635-how-to-add-interoperative-device-via-api
The next step my search to complete my use of API is Add my site2site firewall rule to gateway cluster Security policy.
When I use the active example from the API doc it us being published to the standard security profile. I’ve multiple profile to each of my rule set per secure gateway.
I have been able find my security profiles by using commands to extract uid.
And I also had to find out how to extract and set values I dont find any documentation of.
For example how to set ipsec and ike rekey values because Cisco device ASA5506 or Cisco router 1921/1941 have been configured differnetly than default vpn community values as 1440 min, and 86400 sec.
I can publish a firewall rule
#############################
# Add FW rule
#############################
# Name of rule WP-<Parkname>
# source "Hobro_Scada_Internal" & "WP_Gettrup_Internal_Network"
# destination "WP_Gettrup_Internal_Network" & "Hobro_Scada_Internal"
# services "Vestas Park Services"
# vpn-community "WP-Gettrup"
# action "Accept"
# track "Log"
# install-on "gwcluster"mgmt_cli -u admin add access-rule layer "Network" position 1 name "Windpark Getrrup" source.1 "Hobro_Scada_Internal" source.2 "WP_Gettrup_Internal_Network" destination.1 "WP_Gettrup_Internal_Network" destination.2 "Hobro_Scada_Internal" service.1 "Vestas Park Services" vpn "WP-Gettrup" action "Accept" track.type "Log" install-on "gwcluster"
As you can see it add itself to the security policy [Standard]
How do I select a security profile by either using the name or uid to publish my new firewall rule?
Thanks
Kim
| User | Count |
|---|---|
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 |
Tue 12 Nov 2024 @ 03:00 PM (AEDT)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (APAC)Tue 12 Nov 2024 @ 10:00 AM (CET)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (EMEA)Tue 12 Nov 2024 @ 02:00 PM (CET)
Part 1: Harnessing AI to Prevent Cyber Attacks and Enhance Defense - EMEATue 12 Nov 2024 @ 11:00 AM (EST)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (AMERICAS)Tue 12 Nov 2024 @ 02:00 PM (EST)
Part 1: Harnessing AI to Prevent Cyber Attacks and Enhance Defense - AmericasTue 12 Nov 2024 @ 03:00 PM (AEDT)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (APAC)Tue 12 Nov 2024 @ 10:00 AM (CET)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (EMEA)Tue 12 Nov 2024 @ 02:00 PM (CET)
Part 1: Harnessing AI to Prevent Cyber Attacks and Enhance Defense - EMEATue 12 Nov 2024 @ 11:00 AM (EST)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (AMERICAS)Tue 12 Nov 2024 @ 02:00 PM (EST)
Part 1: Harnessing AI to Prevent Cyber Attacks and Enhance Defense - AmericasWed 20 Nov 2024 @ 05:00 PM (CET)
Under the Hood: DO NOT Renew your WAF without watching THIS!!Tue 19 Nov 2024 @ 12:00 PM (MST)
Salt Lake City: Infinity External Risk Management and Harmony SaaSWed 20 Nov 2024 @ 02:00 PM (MST)
Denver South: Infinity External Risk Management and Harmony SaaSThu 21 Nov 2024 @ 02:00 PM (MST)
Denver North: Infinity External Risk Management and Harmony SaaSTue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management Workshop
