Checkpoint policy installation through ansible

Aathi · ‎2019-04-01

Hi Team,

we are automating checkpoint firewall rule creation through Ansible playbook.in that we are able to install the rule on one policy package.similarly same rule can we install it on 2 policy packages.Instead of running playbook every gateway separately.

working :

- name: "install policy"
check_point_mgmt:
command: install-policy
parameters:
policy-package: "OOBFW_POLICY"
session-data: "{{login_response}}"

Need to work:

- name: "install policy"
check_point_mgmt:
command: install-policy
parameters:
policy-package: "OOBFW_POLICY and APP Policy"
session-data: "{{login_response}}"

Regards

Aathi

PhoneBoy · ‎2019-04-02

A gateway can only have one policy package installed.
A policy package can include multiple policy layers.
Likewise, you can only install one policy package at a time, though that policy can be installed on multiple gateways.

Can you explain in more detail what exactly you are trying to do?

Aathi · ‎2019-04-02

HI,

Thanks for the update.Same policy ( i mean the access rule) i have to install it on 2 different gateway.

For example lets consider the below access rule

Source :10.0.0.10

destination: 192.168.10.10

port:443

I have to install this rule on 2 difference gateway on single playbook.instead of running the 2 different playbooks for 2 gateways.

Regards

Aathi

Are you a member of CheckMates?

Checkpoint policy installation through ansible