I have created a small script for you, so you can try it out, and then modify it for your purpose.
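#!/bin/bash
#########################################################################
# script created by Kim Moberg, Erowind Energy A/S - October 24th 2018
#
# Use this script to extract the generic-object information of a VPN
# community. Typically this is done with single-line commands, but as an
# illustration the steps are put together in one script.
# You enter credentials for the Check Point API, and then a known VPN
# community name to extract the information for.
# Please feel free to modify the script.
#
# Security notes:
#  - The API session is written to a private temporary file (mode 0600)
#    instead of a predictable id.txt in the current directory; anyone who
#    can read that file can reuse the session while it is valid.
#  - The session is logged out and the file removed when the script exits.
#  - The object dump printed at the end contains fields such as
#    "sharedSecret"; treat any saved copy of the output as sensitive.
########################################################################

# Make a failure of mgmt_cli visible even when its output is piped to jq.
set -o pipefail
# Files created from here on are readable by the current user only.
umask 077

# CPDIR locates the jq binary used below; stop early if it is missing.
: "${CPDIR:?CPDIR is not set}"

session_file=$(mktemp) || { echo "Could not create session file." >&2; exit 1; }
logged_in=0

# Log out of the API (if a login succeeded) and delete the session file.
cleanup() {
  if (( logged_in )); then
    mgmt_cli logout -s "$session_file" > /dev/null 2>&1
  fi
  rm -f -- "$session_file"
}
trap cleanup EXIT

clear
########################################################################
# Login to the API server, and save the session to the session file.
# Remember: the username and password are entered when running the
# script, so the password is never saved in the script file.
#######################################################################
# ask for credentials from user
echo "Please enter your username and password"
# api_user/api_pass are used instead of USER/PASS so the shell's own USER
# environment variable is not overwritten.
read -r -p "Enter username and press [ENTER]: " api_user
read -r -s -p "Enter password and press [ENTER]: " api_pass
echo
# NOTE(review): the password is passed as a command-line argument here, so
# it can be visible in the process list while mgmt_cli runs. Check whether
# your mgmt_cli version offers a way to supply it without argv.
# in case of an error: print to screen the error message and abort
if ! mgmt_cli login user "$api_user" password "$api_pass" > "$session_file"; then
  echo "Login command failed." >&2
  cat -- "$session_file" >&2
  exit 1
fi
logged_in=1
# The password is not needed after login; drop it from the shell.
unset api_pass
######################################################################
# Ask for user to enter a vpn community name
######################################################################
echo
echo "Please enter a VPN community name you want to show generic object from"
read -r -p "Enter VPN community name eg. WP-name [ENTER] : " VPNname
echo
echo "You entered the following VPN community name"
printf '%s\n' "$VPNname"
echo
echo
# Look the community up by name and keep only objects whose type contains
# "vpn-community-star"; other community types are filtered out by jq.
# The name is quoted so spaces or glob characters in the input are passed
# to mgmt_cli as one literal argument.
if ! vpnuid=$(mgmt_cli -s "$session_file" show-generic-objects name "$VPNname" -f json \
  | "${CPDIR}/jq/jq" -r '.objects[] | select (.type | contains("vpn-community-star")) | .uid'); then
  echo "Lookup of the VPN community failed." >&2
  exit 1
fi
# Without these checks an empty or multi-line uid would be handed to the
# next mgmt_cli call and produce a confusing error.
if [[ -z "$vpnuid" ]]; then
  echo "No VPN community of type vpn-community-star was found with that name." >&2
  exit 1
fi
if [[ "$vpnuid" == *$'\n'* ]]; then
  echo "More than one VPN community matched that name; refine the name." >&2
  exit 1
fi
echo "VPN community uid found for the entered VPN community is: $vpnuid"
echo
echo
echo "These are all the properties of the selected VPN community."
echo "you can read out all these properties for some kind of backup"
echo "one needs to write a script to read and set these information afterwards in another script or so."
mgmt_cli -s "$session_file" show generic-object uid "$vpnuid"
###########################################
# END OF FILE
###########################################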
I will try to upload the script file. I think if you just paste it, it might fail because of the Windows vs. Linux presentation of the code in the text above.
Please enter your username and password
Enter username and press [ENTER]: admin
Enter password and press [ENTER]:
Please enter a VPN community name you want to show generic object from
Enter VPN community name eg. WP-name [ENTER] : WP-Gettrup
You entered the following VPN community name
WP-Gettrup
VPN community uid found for the entered VPN community is: ef980fd9-8b9d-478d-8059-c7dd91154672
These are all the properties of the selected VPN community.
you can read out all these properties for some kind of backup
one needs to write a script to read and set these information afterwards in another script or so.
objectValidationState: null
color: "BLACK"
automaticRimSatellites: false
customerScriptSatellites: false
supportWireMode: false
customerScriptCenter: false
routeRetPackets: false
enableMep: false
participantsDomains: []
type: "intranet_community"
id: 16
satelliteGateways:
- "b3e7fa6d-f97d-4e44-ac16-da0295e7c86a"
disableNat: true
mepMechanism: "SRC"
allowAllEncryptedTraffic: false
topology: "STAR"
extGatewaysSharedSecret:
- objId: "3ec83db0-f51d-478a-8030-da2d5fe88172"
checkPointObjId: null
domainId: "41e821a0-3720-11e3-aa6e-0800200c9fde"
externalGateway: "b3e7fa6d-f97d-4e44-ac16-da0295e7c86a"
sharedSecret: ""
folderPath: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
text: null
folder: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
is_owned: false
ownedName: ""
participantGateways:
- "d147b287-cad8-4bbe-8abf-44090fe951f3"
disableNatOn: "BOTH"
permanentTunnelsDef: "NONE"
routeInjectionTrack: "LOG"
routeThroughCenter: "NONE"
selMechanism: "FIRST"
backupStickiness: false
meshedInCenter: false
permanentTunnelParticipantList: []
cryptography:
objId: "21e226f1-0543-4db8-b8ad-0d78f3f4a8ac"
checkPointObjId: null
domainId: "41e821a0-3720-11e3-aa6e-0800200c9fde"
cryptographyTypeSupport: "IKE_V2_ONLY"
cryptographyProfile: "CUSTOM_PROFILE"
folderPath: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
text: null
folder: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
is_owned: false
ownedName: ""
automaticRim: true
tunnelGranularity: "PER_SUBNET"
defaultMepRule:
objId: "b55da75b-cbdf-4090-81d8-28fff3d277fd"
checkPointObjId: null
domainId: "41e821a0-3720-11e3-aa6e-0800200c9fde"
icon: "Unknown"
source: []
color: "BLACK"
name: ""
priority3: []
priority2: []
priority1: []
displayName: ""
comments: ""
folderPath: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
text: null
folder: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
is_owned: false
ownedName: ""
tags: []
customFields: []
metaInfo: null
features: []
systemTags: []
vpnMepResolverNotification: "LOG"
addRoutedDomain: null
permanentTunnelList: []
allowAllEncryptedTrafficOn: "BOTH"
supportWireModeRouting: false
permanentTunnelUpTrack: "LOG"
permanentTunnelParticipants: "ALL_MEMBERS"
ikeP2:
objId: "07bb6dbd-005f-4cc1-865b-6ef443e485fd"
checkPointObjId: null
domainId: "41e821a0-3720-11e3-aa6e-0800200c9fde"
ikeP2UseSubnets: true
ikeP2UseRekeyKbytes: false
ikeP2RekeyTime: 28800
ikeP2UsePfs: false
ikeP2EncAlg: "AES_MINUS_256"
ikeP2RekeyKbytes: 50000
ikeP2HashAlg: "SHA1"
ikeP2Ipcomp: "NONE"
ikeP2PfsDhGrp: "97aeb629-9aea-11d5-bd16-0090272ccb30"
folderPath: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
text: null
folder: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
is_owned: false
ownedName: ""
ikeP1:
objId: "17d527c7-caa2-4d12-91e3-eee716b8ce7f"
checkPointObjId: null
domainId: "41e821a0-3720-11e3-aa6e-0800200c9fde"
ikeP1EncAlg: "AES_MINUS_256"
ikeP1UseAggressive: false
ikeP1UseSharedSecret: true
ikeP1UseSharedSecretForDaip: false
ikeP1UseAggressiveForDaip: false
ikeP1RekeyTime: 60
ikeP1DhGrp: "97aeb62e-9aea-11d5-bd16-0090272ccb30"
ikeP1HashAlg: "SHA1"
folderPath: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
text: null
folder: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
is_owned: false
ownedName: ""
manualMepRules: []
excludeSrv:
- "97aeb475-9aea-11d5-bd16-0090272ccb30"
- "07ec4cae-7c50-4b2e-81ed-d75643ab5694"
permanentTunnelDownTrack: "LOG"
uid: "ef980fd9-8b9d-478d-8059-c7dd91154672"
folder:
uid: "6dc0cdb9-08cd-47ae-bdff-11d9229a9c3e"
name: "Global Objects"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
meta-info:
metaOwned: false
lockStateResponse: null
validationState: "OK"
deletable: true
renameable: true
newObject: false
lastModifytime: 1527840038038
lastModifier: "admin"
creationTime: 1527840022948
creator: "admin"
tags: []
name: "WP-Gettrup"
icon: "VPNCommunities/Star"
comments: "Auto generated Site2site VPN community between HQ and a Windpark ZXY "
display-name: "WP-Gettrup"
customFields: []
_original_type: "StarCommunity"