cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

VPN deployment in SMB appliances through Zero Touch

hi, I have a doubt regarding deploying SMB appliances through Zero Touch. We successfully run Zero Touch Orchestrated Rollout in our laboratory, but now we want to stablish a vpn between each SMB appliance (defined in demo-profile) and a central Gateway. Where do you define "vpn domain" in demo-profile?
best regards

5 Replies

Re: VPN deployment in SMB appliances through Zero Touch

Afaik, Zero Touch replaces the First Time Wizard only - VPN config must be deployed using policy install and is defined in dashboard.

0 Kudos

Re: VPN deployment in SMB appliances through Zero Touch

You can run a script with zero touch. Use "set vpn site-to-site" command in your script to configure the blade and "add vpn site" command to configure the sites.

Check the Check Point R77.20.80 600/700/1100/1200R/1400 Appliance CLI Guide for more information.

Re: VPN deployment in SMB appliances through Zero Touch

Hi Pedro, thank you for your comment, may i write the commands on "rollout.py" file? or am I wrong?

i tried but i get a "SyntaxError: invalid syntax"

best regards

0 Kudos

Re: VPN deployment in SMB appliances through Zero Touch

Just add the script in the "CLI Script" text box of the claimed gateway in the Zero Touch Page.

Once the gateway connects to Zero Touch, it will set the other configs first and then run the commands from the script.

Remember that you have to reset the gateway for it to pull configuration from Zero Touch again.

0 Kudos

Re: VPN deployment in SMB appliances through Zero Touch

Please see CP ZeroTouch Users Guide p. 8:

In the claimed gateways table, double click your gateway to open the Edit window. Modify your gateway settings: CLI Script - Use this text field to add CLI commands that are executed on the gateway after all the other settings are applied.

Here you can use clish commands, see Check Point R77.20.80 600/700/1100/1200R/1400 Appliance CLI Reference Guide for syntax details.

0 Kudos