Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Conchi_Maseda_P
Participant
Participant

VPN deployment in SMB appliances through Zero Touch

hi, I have a doubt regarding deploying SMB appliances through Zero Touch. We successfully run Zero Touch Orchestrated Rollout in our laboratory, but now we want to stablish a vpn between each SMB appliance (defined in demo-profile) and a central Gateway. Where do you define "vpn domain" in demo-profile?
best regards

5 Replies
G_W_Albrecht
Legend Legend
Legend

Afaik, Zero Touch replaces the First Time Wizard only - VPN config must be deployed using policy install and is defined in dashboard.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Pedro_Espindola
Advisor

You can run a script with zero touch. Use "set vpn site-to-site" command in your script to configure the blade and "add vpn site" command to configure the sites.

Check the Check Point R77.20.80 600/700/1100/1200R/1400 Appliance CLI Guide for more information.

Conchi_Maseda_P
Participant
Participant

Hi Pedro, thank you for your comment, may i write the commands on "rollout.py" file? or am I wrong?

i tried but i get a "SyntaxError: invalid syntax"

best regards

0 Kudos
Pedro_Espindola
Advisor

Just add the script in the "CLI Script" text box of the claimed gateway in the Zero Touch Page.

Once the gateway connects to Zero Touch, it will set the other configs first and then run the commands from the script.

Remember that you have to reset the gateway for it to pull configuration from Zero Touch again.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Please see CP ZeroTouch Users Guide p. 8:

In the claimed gateways table, double click your gateway to open the Edit window. Modify your gateway settings: CLI Script - Use this text field to add CLI commands that are executed on the gateway after all the other settings are applied.

Here you can use clish commands, see Check Point R77.20.80 600/700/1100/1200R/1400 Appliance CLI Reference Guide for syntax details.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events