This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Stan_Mazur
Participant
‎2018-07-25 03:54 PM
Jump to solution

Inventory gateway script

New to scripting , how do I run gateway-inventory script on MDS?

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2020-02-21 12:50 PM
In response to jekyllsdrk
Jump to solution

You have to work with mgmt_cli exactly the same way as if you were coding against the API.
This means:

  1. Logging in to create a session
  2. Performing whatever changes you wish to make
  3. If you want to commit the changes you made, issue a "publish" action.
  4. When you're done, log out of the session.

If you're on the management server itself, you can use -r true to bypass doing all of the above, but the above happens "under the covers."
When running from a Windows machine, you're obviously not on the management server, so you have to do the entire flow.

For your specific example, this means something like:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.165 -u aa -p aaaa login > \temp\sid.txt

This logs in with the username aa, password aaaa, and writes the session information to \temp\sid.txt so it can be used later.
Then you can issue the command to show gateways-and-servers:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt show gateways-and-servers

- uid: "453ea708-cb36-4ca1-8c51-831e86c7a5d3"
  name: "BranchOffice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "7f994e69-f997-47bd-9f80-621cf622941e"
  name: "Corporate-GW"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "a9f2d9bd-35e4-4571-bebb-4aeec04730df"
  name: "EuropeBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "b69b4a9c-1386-4bb1-8057-926551cfcdad"
  name: "HQgw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "e1fdc743-e9c8-df44-95bd-b842bcbac362"
  name: "mgmt"
  type: "CpmiHostCkp"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "71ec8bfb-5924-4672-a207-0682e46285ad"
  name: "Remote-1-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "95201290-08b3-405f-a4ae-0785f76e8e4b"
  name: "Remote-2-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "2c68301f-e1f9-4ce4-af46-8f4ded4a9fd2"
  name: "Remote-3-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "167c76ab-12d2-4e34-834a-00ea056289d3"
  name: "Remote-4-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "004b689b-797a-4212-b21c-8df4c8b992e3"
  name: "Remote-5-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "f6bb4929-a831-406a-93da-af6f95525437"
  name: "RemoteBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "37b07654-bc93-469a-9991-27a3b757e9aa"
  name: "ThreatEmulationDevice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
from: 1
to: 12
total: 12

Since you're not making any changes here, no publish is required.
Logout to release the session:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt logout

View solution in original post

0 Kudos
7 Replies
Tomer_Sole
Mentor
Mentor
‎2018-07-26 10:13 AM
Jump to solution

show-gateways-and-servers API command should help.

Check Point - Management API reference 

jekyllsdrk
Participant
‎2020-02-20 02:10 PM
In response to Tomer_Sole
Jump to solution

How do I run this from the SmartConsole server?

0 Kudos
PhoneBoy
Admin
Admin
‎2020-02-20 08:55 PM
In response to jekyllsdrk
Jump to solution

Using the mgmt_cli binary included in the same directory as the SmartConsole binary.
It works the same way as it does on the Check Point management server.
0 Kudos
jekyllsdrk
Participant
‎2020-02-21 07:25 AM
In response to PhoneBoy
Jump to solution

I am presented with a Username prompt when I attempt to run the following command on the management server.

 

[Expert@cpman:0]# mgmt_cli show gateways-and-servers
Username:

 

Why am I receiving this prompt, and what credentials should I use?

0 Kudos
jekyllsdrk
Participant
‎2020-02-21 07:30 AM
In response to jekyllsdrk
Jump to solution

I tried entering the admin credentials but received the following error.

 

[Expert@cpman:0]# mgmt_cli show gateways-and-servers
Username: admin
Password:
message: "Command execution failed. Response body is empty"
code: "generic_error"

0 Kudos
PhoneBoy
Admin
Admin
‎2020-02-21 12:50 PM
In response to jekyllsdrk
Jump to solution

You have to work with mgmt_cli exactly the same way as if you were coding against the API.
This means:

  1. Logging in to create a session
  2. Performing whatever changes you wish to make
  3. If you want to commit the changes you made, issue a "publish" action.
  4. When you're done, log out of the session.

If you're on the management server itself, you can use -r true to bypass doing all of the above, but the above happens "under the covers."
When running from a Windows machine, you're obviously not on the management server, so you have to do the entire flow.

For your specific example, this means something like:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.165 -u aa -p aaaa login > \temp\sid.txt

This logs in with the username aa, password aaaa, and writes the session information to \temp\sid.txt so it can be used later.
Then you can issue the command to show gateways-and-servers:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt show gateways-and-servers

- uid: "453ea708-cb36-4ca1-8c51-831e86c7a5d3"
  name: "BranchOffice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "7f994e69-f997-47bd-9f80-621cf622941e"
  name: "Corporate-GW"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "a9f2d9bd-35e4-4571-bebb-4aeec04730df"
  name: "EuropeBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "b69b4a9c-1386-4bb1-8057-926551cfcdad"
  name: "HQgw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "e1fdc743-e9c8-df44-95bd-b842bcbac362"
  name: "mgmt"
  type: "CpmiHostCkp"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "71ec8bfb-5924-4672-a207-0682e46285ad"
  name: "Remote-1-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "95201290-08b3-405f-a4ae-0785f76e8e4b"
  name: "Remote-2-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "2c68301f-e1f9-4ce4-af46-8f4ded4a9fd2"
  name: "Remote-3-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "167c76ab-12d2-4e34-834a-00ea056289d3"
  name: "Remote-4-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "004b689b-797a-4212-b21c-8df4c8b992e3"
  name: "Remote-5-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "f6bb4929-a831-406a-93da-af6f95525437"
  name: "RemoteBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "37b07654-bc93-469a-9991-27a3b757e9aa"
  name: "ThreatEmulationDevice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
from: 1
to: 12
total: 12

Since you're not making any changes here, no publish is required.
Logout to release the session:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt logout

0 Kudos
Kaspars_Zibarts
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2018-07-30 12:39 AM
Jump to solution

This was asked before here and I put small script together 

https://community.checkpoint.com/thread/7023-security-gateway-inventory 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events