This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
aharihara
Contributor
‎2022-09-07 02:06 AM
Jump to solution

Command to view interface-security_zone mapping

Hi Checkmates!

 

I would like to see all the interfaces and the security zones mapped to them in CLI. I can see this in Smart Console, but one interfaces in one gateway at a time. It is so painful when you have a hundreds of interfaces in a VSX environment and plenty of zones. Im looking for a way to document the configuration which will also help us in everyday operations. I tried looking in the forums with no luck. I believe that there should be a way to do this CLI. However if there is any other method I would be glad to know that. Can any of you come across a similar situation and can guide me on how to do this?

 

Best Regards,

Hari

Labels
0 Kudos
1 Solution

Accepted Solutions
Danny
MVP Platinum
MVP Platinum
‎2022-09-07 04:04 AM
Jump to solution

I would go from here and adjust according to your demand.

View solution in original post

6 Replies
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2022-09-07 03:35 AM
Jump to solution

Currently there is a process available via TAC that leverages the MGMT API and some Gateway side output to achieve this.

You could request the same from them and tailor it to your needs but caution should be used since we don't support 3rd party scripts

CCSM R77/R80/ELITE
aharihara
Contributor
‎2022-09-07 04:42 AM
In response to Chris_Atkinson
Jump to solution

Thanks! I will try via TAC if I don't find any other way to do this.

0 Kudos
Danny
MVP Platinum
MVP Platinum
‎2022-09-07 04:04 AM
Jump to solution

I would go from here and adjust according to your demand.

aharihara
Contributor
‎2022-09-07 04:53 AM
In response to Danny
Jump to solution

Thanks a lot Danny!😊 I'm quite new when it comes to scripting . So I'm very sceptical about running those one liners in the production firewalls. However I will use this as a starting point to learn scripting in Checkpoint. My worry is that if I run these one liners, will it make any changes to the firewall. Whenever I see the word topology in a command, I'm a bit scared if it would fetch new topology and eventually change it(like how it happens in Smart Console) 😐

0 Kudos
Danny
MVP Platinum
MVP Platinum
‎2022-09-07 05:01 AM
In response to aharihara
Jump to solution

You asked for "way to do this CLI" and now you are sceptical to run standard CLI commands that already won prizes and are referenced in several books after being heavily tested by this community? The one-liner I referenced doesn't change anything on your system and just greps through some config files and formats the output for your pleasure. It couldn't be simpler.

aharihara
Contributor
‎2022-09-07 05:33 AM
In response to Danny
Jump to solution

Thanks Danny! I told that I was sceptical only because of my little experience with checkpoint CLI. My experience is limited to day to day operational commands. I'll try this one-liner since I'm assured that doesn't change anything in the system. 😊

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events