This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Markus_Schambro
Explorer
‎2018-04-20 12:26 AM

How to change install targets in policy with api?

Hi All

We have one policy with more than 1000 rules with 2 install Targets.

We want to clone the policy and using 2 policy for each firewall a single policy.

At the reference guide I could'nt found a command to change or remove a target from an existing policy.

Does someone has any idea?

Regards

Markus

Labels
0 Kudos
5 Replies
Joshua_Hatter
Employee
Employee
‎2018-04-20 07:34 AM

The set-package command provides this functionality.

Link to the command.

Check Point - Management API reference 

MahipalSingh
Participant
‎2022-08-01 04:47 AM

I am looking for the same where I have more then 2 gateways defined in install on target and would to remove all of them from cloned policy package. It is about 3000 rules so would be great if anybody share something helpful to reduce the manual effort. 

0 Kudos
PhoneBoy
Admin
Admin
‎2022-08-01 06:18 AM
In response to MahipalSingh

You would have to iterate over each rule and rewrite the install-on field using the set access-rule API.
https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/set-access-rule~v1.8%20 

Or, possibly simpler, use SmartConsole and do a "where used" to find and replace all the various occurrences. 

0 Kudos
MahipalSingh
Participant
‎2022-08-01 07:01 AM
In response to PhoneBoy

Hi,

Can we use mulitple gateway name or UID in with "install-on.remove"? If yes can you share the syntax.

I can not user where used option because it is only showing 500 entries and we have many policy packages. I want to remove gateways from specific policy package and that is not showing in those 500 entires.

 

0 Kudos
PhoneBoy
Admin
Admin
‎2022-08-01 09:52 AM
In response to MahipalSingh

Yes, the set-access-rule API should take multiple install-on.remove parameters.
If you're trying to accomplish this using mgmt_cli, you will need to specify it as multiple name/value pairs (e.g. install-on.remove.1 gw-a install-on.remove.2 gw-b).

Most of our APIs limit the number of results returned for performance reasons.
To get additional results, make additional API calls specifying the appropriate offset parameter.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top