Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Markus_Schambro
Explorer

How to change install targets in policy with api?

Hi All

We have one policy with more than 1000 rules with 2 install Targets.

We want to clone the policy and using 2 policy for each firewall a single policy.

At the reference guide I could'nt found a command to change or remove a target from an existing policy.

Does someone has any idea?

Regards

Markus

0 Kudos
5 Replies
Joshua_Hatter
Employee
Employee

The set-package command provides this functionality.

Link to the command.

Check Point - Management API reference 

MahipalSingh
Participant

I am looking for the same where I have more then 2 gateways defined in install on target and would to remove all of them from cloned policy package. It is about 3000 rules so would be great if anybody share something helpful to reduce the manual effort. 

0 Kudos
PhoneBoy
Admin
Admin

You would have to iterate over each rule and rewrite the install-on field using the set access-rule API.
https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/set-access-rule~v1.8%20 

Or, possibly simpler, use SmartConsole and do a "where used" to find and replace all the various occurrences. 

0 Kudos
MahipalSingh
Participant

Hi,

Can we use mulitple gateway name or UID in with "install-on.remove"? If yes can you share the syntax.

I can not user where used option because it is only showing 500 entries and we have many policy packages. I want to remove gateways from specific policy package and that is not showing in those 500 entires.

 

0 Kudos
PhoneBoy
Admin
Admin

Yes, the set-access-rule API should take multiple install-on.remove parameters.
If you're trying to accomplish this using mgmt_cli, you will need to specify it as multiple name/value pairs (e.g. install-on.remove.1 gw-a install-on.remove.2 gw-b).

Most of our APIs limit the number of results returned for performance reasons.
To get additional results, make additional API calls specifying the appropriate offset parameter.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events