Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
the_rock
Legend
Legend
Jump to solution

Migrating Azure fw rules to Smart-1 cloud mgmt server

Hey guys,

I hope someone would be able to clarify this for me. I found below link:

New -Easy Migration from Azure Firewall to Check P... - Check Point CheckMates

But, Im wondering, how easy is it to follow the process to say export current Azure rules and import them into brand new S1C instance? Does the link need to be followed to import stuff first into onprem server and then script from S1C portal to migrate the config OR can this be done directly into the cloud?

If there is easier way, happy to hear any suggestions.

Thanks as always for the help.

Best,

Andy

0 Kudos
2 Solutions

Accepted Solutions
Shay_Levin
Admin
Admin

In case that your management is Smart-1 cloud, you have two options: 

1. Open a ticket to TAC, provide them with the two files created during the export process, and ask them to run the import process.

2. Connect with the management APIs in Smart-1 Cloud, explained here

     Extract all the CSV files from the TAR file.

     And import each CSV file with mgmt_cli

    

mgmt_cli add host --batch collectiongroup2-hosts-migrate.csv

mgmt_cli add network --batch collectiongroup2-subnets-migrate.csv

mgmt_cli add address-range --batch collectiongroup2-ipranges-migrate.csv

mgmt_cli add dns-domain --batch collectiongroup2-fqdn-migrate.csv

mgmt_cli add group --batch collectiongroup2-ipgroups-migrate.csv

mgmt_cli add access-layer --batch collectiongroup2-layernames-migrate.csv

mgmt_cli set host --batch collectiongroup2-hosts-with-groups-migrate.csv

mgmt_cli set network --batch collectiongroup2-subnets-with-groups-migrate.csv

mgmt_cli set address-range --batch collectiongroup2-ipranges-with-groups-migrate.csv

mgmt_cli add access-rule --batch collectiongroup2-transformed.csv

View solution in original post

(1)
Tomer_Noy
Employee
Employee

Yes, if you prefer that option, it should work as well.

View solution in original post

5 Replies
the_rock
Legend
Legend

@Shay_Levin ...since you wrote the first link, maybe you have an idea?

Best,

Andy

0 Kudos
Shay_Levin
Admin
Admin

In case that your management is Smart-1 cloud, you have two options: 

1. Open a ticket to TAC, provide them with the two files created during the export process, and ask them to run the import process.

2. Connect with the management APIs in Smart-1 Cloud, explained here

     Extract all the CSV files from the TAR file.

     And import each CSV file with mgmt_cli

    

mgmt_cli add host --batch collectiongroup2-hosts-migrate.csv

mgmt_cli add network --batch collectiongroup2-subnets-migrate.csv

mgmt_cli add address-range --batch collectiongroup2-ipranges-migrate.csv

mgmt_cli add dns-domain --batch collectiongroup2-fqdn-migrate.csv

mgmt_cli add group --batch collectiongroup2-ipgroups-migrate.csv

mgmt_cli add access-layer --batch collectiongroup2-layernames-migrate.csv

mgmt_cli set host --batch collectiongroup2-hosts-with-groups-migrate.csv

mgmt_cli set network --batch collectiongroup2-subnets-with-groups-migrate.csv

mgmt_cli set address-range --batch collectiongroup2-ipranges-with-groups-migrate.csv

mgmt_cli add access-rule --batch collectiongroup2-transformed.csv

(1)
the_rock
Legend
Legend

Thanks for that. Question...can I do say what I described in my post, for example, import things into regular lab onprem mgmt and then use script from S1C to import it there? Would that work?

Best,

Andy

0 Kudos
Tomer_Noy
Employee
Employee

Yes, if you prefer that option, it should work as well.

the_rock
Legend
Legend

Thanks Tomer, appreciate that. Lets us see how these guys would like to proceed, though Im sure they would not care as long as we can make it work.

Thanks mate.

Best,

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Tue 23 Apr 2024 @ 08:00 AM (CDT)

    South US: HTTPS Inspection Best Practices

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Tue 23 Apr 2024 @ 08:00 AM (CDT)

    South US: HTTPS Inspection Best Practices

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    CheckMates Events