This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Thias
Participant
‎2025-04-23 02:18 AM
Jump to solution

Change some VPN Community settings with mgmt_cli

Hello 

I'm creating a script to configure VPN Communities. 

Mgmt_cli is used for this. 

The creation is not the problem. That work fine. 

I'm looking for a solution to set the "Permanent Tunnels" and the "VPN Routing" settings. 

The communities are VPN Star Communities. 

On the management api referece there is no solution documented by  "add vpn-community-star" or "set vpn-community-start".

Or I don't see it 🙂 

Can anybody help me? 

 

Regards 

Matthias 

0 Kudos
1 Solution

Accepted Solutions
Thias
Participant
‎2025-04-23 04:40 AM
Jump to solution

Hello again 

I found a solution. 

Here is an old thead. But it still work. 

https://community.checkpoint.com/t5/API-CLI-Discussion/Missing-API-possibility-to-set-vpn-community-...

 Kim_Moberg has do it with a generic-object. And this is also working for the VPN Routing settings. 

Here is my code via powershell

 & $MGMTCLI  set generic-object uid `
    (& $MGMTCLI show vpn-community-star name ("VPNCommunity-" + $a.VPNComName) -f json -s $SessionID | ConvertFrom-Json).UID `
    routeThroughCenter TO_OTHER_SATELLITE `
    -f json -s $SessionID

For the VPN routing the routeThroughCenter must be set.

Values are

NONE --> To center only

TO_OTHER_SATELLITE --> To center and to other satellites through center 

BY_DEFAULT --> To center or through the center to outher satellites, to Internet and other VPN targets

I hope it is helpful for some one 

Matthias 

View solution in original post

0 Kudos
1 Reply
Thias
Participant
‎2025-04-23 04:40 AM
Jump to solution

Hello again 

I found a solution. 

Here is an old thead. But it still work. 

https://community.checkpoint.com/t5/API-CLI-Discussion/Missing-API-possibility-to-set-vpn-community-...

 Kim_Moberg has do it with a generic-object. And this is also working for the VPN Routing settings. 

Here is my code via powershell

 & $MGMTCLI  set generic-object uid `
    (& $MGMTCLI show vpn-community-star name ("VPNCommunity-" + $a.VPNComName) -f json -s $SessionID | ConvertFrom-Json).UID `
    routeThroughCenter TO_OTHER_SATELLITE `
    -f json -s $SessionID

For the VPN routing the routeThroughCenter must be set.

Values are

NONE --> To center only

TO_OTHER_SATELLITE --> To center and to other satellites through center 

BY_DEFAULT --> To center or through the center to outher satellites, to Internet and other VPN targets

I hope it is helpful for some one 

Matthias 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events