This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Veeraselvam_man
Contributor
Thursday
Jump to solution

Request for API Documentation and Guidance for Access Rules on Checkpoint Devices

Hi all,

I'm seeking assistance on how to retrieve access rules information from the Physical Checkpoint Router and Checkpoint Firewall 1590 Appliance using API.

Could you please provide the API documentation and any necessary steps or guidance? This will help me access the rule information effectively.

Thank you!

 

M.Veeraselvam.

0 Kudos
1 Solution

Accepted Solutions
daniel1820815
Employee
Employee
Friday
Jump to solution

Hi @Veeraselvam_man,

on the link below you will find the landing page for the Check Point API references: Check Point - API Reference

For your specific case, take a look at the Spark Management API reference if centrally managed from the Infinity portal or look at the Locally Managed Administration Guide to use the RESTful API on the device.

Let us know here if you need further help to get started.

Daniel

View solution in original post

0 Kudos
7 Replies
daniel1820815
Employee
Employee
Friday
Jump to solution

Hi @Veeraselvam_man,

on the link below you will find the landing page for the Check Point API references: Check Point - API Reference

For your specific case, take a look at the Spark Management API reference if centrally managed from the Infinity portal or look at the Locally Managed Administration Guide to use the RESTful API on the device.

Let us know here if you need further help to get started.

Daniel

0 Kudos
Veeraselvam_man
Contributor
Saturday
In response to daniel1820815
Jump to solution

@daniel1820815 , Could you please share which API is applicable for the Checkpoint Router and Checkpoint Firewall 1590 Appliance? I can't seem to find the exact one.

 

M.Veeraselvam

0 Kudos
PhoneBoy
Admin
Admin
Saturday
In response to Veeraselvam_man
Jump to solution

It's the run-clish-command endpoint described here: https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Locally_Managed/EN/Content/Topics/REST... 
The various clish commands you can run are documented here: https://sc1.checkpoint.com/documents/SMB_R81.10.X/CLI/EN/Content/Topics/CLI-Syntax.htm 

0 Kudos
Veeraselvam_man
Contributor
Sunday
In response to PhoneBoy
Jump to solution

Thank you @PhoneBoy , From your input, it seems the REST API access documentation you shared is applicable to both the physical Checkpoint Router and the Checkpoint Firewall 1590 Appliance. Is this correct?https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Locally_Managed/EN/Content/Topics/REST...

 

 

M.Veeraselvam

0 Kudos
PhoneBoy
Admin
Admin
yesterday
In response to Veeraselvam_man
Jump to solution

Yes, because clish is used to manage both elements on locally managed SMB appliances.

0 Kudos
Veeraselvam_man
Contributor
yesterday
In response to PhoneBoy
Jump to solution

Here is the revised text:

Thank you @PhoneBoy , I want to retrieve the access rules and the corresponding network and service objects from the Checkpoint Router and the Checkpoint Firewall 1590 Appliance. How can I obtain this information using the REST API? Please provide the API commands along with the REST API documentation.

 

M.Veeraselvam

0 Kudos
PhoneBoy
Admin
Admin
12 hours ago
In response to Veeraselvam_man
Jump to solution

It is covered in the links I've already provided you.
Here's a screenshot of the API call format:

image.png

If you're wanting a simple dump of the rules in a viewable format, you need the following two clish commands:

  • show access-rules type incoming-internal-and-vpn
  • show access-rules type outgoing

For full details, then you need the output of "show configuration" which will give you everything (including the router and access policy configuration).
The actual commands sent in the API call must be base64 encoded, as described in the documentation.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events