Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

Show VPN topology on gateways

Danny
Champion Champion
Champion

📕 Referenced in the book Max Power 2020
ℹ️ Supported from R80.30+

SmartConsole Extension to show the installed VPN topology on gateways.
Extension URL: https://dannyjung.de/vpntopo.json

vpn topology.png

import_vpntopo.png
vpntopo.png

Uses the One-liner developed in this thread.

SMB / VSX gateways aren't supported yet (need to implement loading of VS environment and changing to VS)

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.




11 Replies

Tomer_Sole
Mentor
Mentor

Very cool! 

So basically reading CPProdUtil and adding that great information to SmartConsole - I like! And you can probably extend it to additional buttons that take data from CPProdUtil and that you find useful.

If this was just a regular gateway, not a cluster, you could also get it from the Management API Command "show simple-gateway" and the property vpn-settings.vpn-domain https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/show-simple-gateway~v1.6%20

I also lik

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

Thanks  @Tomer_Sole , I really appreciate your feedback!

As it's all just basic HTML I already have plans to use CSS stylesheets and SVGs in future for better appearance in SmartConsole.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Norbert_Bohusch
Advisor

I just tried it in my lab environment and clicking the button makes my SmartConsole hang and I have to force close it (task never shows up in SmartConsole, neither as done or error). Same happens btw. for your other extension. My version is R80.40 JHF 25 for mgmt and gw.

I troubleshooted it a bit and extracted the relevant code from the .htm.

edited post (my fault):

If I only run the cpprod_util, the command is working and also with mgmt_cli it runs the task. Here the out

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Tomer_Sole
Mentor
Mentor

can you share the hang offline immediately after the hang occurs?

%LocalAppData%\Check Point\R80.40 as zip folder

$MDS_FWDIR/log/cpm*.elg* as zip folder

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Norbert_Bohusch
Advisor
@Tomer_Sole: I sent them to you via email.
;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Daniel_Hainich
Collaborator
hi, thanks for your work. is it possible to use your extensions in my smart-console? if i want to add, i got error that manifest is not valid.

thanks, daniel

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

This extension is supported from R80.30+ onwards. You probably tried to import it in an older version.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Daniel_Hainich
Collaborator
ok, iam running R80.20.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Feridun_ÖZTOK
Contributor

Hi Danny,

We using R80.40 in our test environment and latest build smartconsole but i try to run script smartconsole freeze and not responding.
We need to special setting for this script and other once ? Additional info; Windows 10 x64 1909 build my computer os.

Edit: Perfectly running now. Thanks for help and script Danny.

 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

johnnyringo
Advisor

Curious what exactly are the connectivity requirements?  Does the CP Manager SSH need to SSH to the gateways?

We have a few clusters in GCP where the cluster IP configured in SmartConsole is actually a public IP address.  But we don't allow inbound SSH to the gateways via internet for obvious security reasons.  

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

There are no connectivity requirements, just use it as it is.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos