Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
aharihara
Contributor
Jump to solution

Command to view interface-security_zone mapping

Hi Checkmates!

 

I would like to see all the interfaces and the security zones mapped to them in CLI. I can see this in Smart Console, but one interfaces in one gateway at a time. It is so painful when you have a hundreds of interfaces in a VSX environment and plenty of zones. Im looking for a way to document the configuration which will also help us in everyday operations. I tried looking in the forums with no luck. I believe that there should be a way to do this CLI. However if there is any other method I would be glad to know that. Can any of you come across a similar situation and can guide me on how to do this?

 

Best Regards,

Hari

0 Kudos
1 Solution

Accepted Solutions
Danny
Champion Champion
Champion

I would go from here and adjust according to your demand.

View solution in original post

6 Replies
Chris_Atkinson
Employee Employee
Employee

Currently there is a process available via TAC that leverages the MGMT API and some Gateway side output to achieve this.

You could request the same from them and tailor it to your needs but caution should be used since we don't support 3rd party scripts

CCSM R77/R80/ELITE
aharihara
Contributor

Thanks! I will try via TAC if I don't find any other way to do this.

0 Kudos
Danny
Champion Champion
Champion

I would go from here and adjust according to your demand.

aharihara
Contributor

Thanks a lot Danny!😊 I'm quite new when it comes to scripting . So I'm very sceptical about running those one liners in the production firewalls. However I will use this as a starting point to learn scripting in Checkpoint. My worry is that if I run these one liners, will it make any changes to the firewall. Whenever I see the word topology in a command, I'm a bit scared if it would fetch new topology and eventually change it(like how it happens in Smart Console) 😐

0 Kudos
Danny
Champion Champion
Champion

You asked for "way to do this CLI" and now you are sceptical to run standard CLI commands that already won prizes and are referenced in several books after being heavily tested by this community? The one-liner I referenced doesn't change anything on your system and just greps through some config files and formats the output for your pleasure. It couldn't be simpler.

aharihara
Contributor

Thanks Danny! I told that I was sceptical only because of my little experience with checkpoint CLI. My experience is limited to day to day operational commands. I'll try this one-liner since I'm assured that doesn't change anything in the system. 😊

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events