AnsweredAssumed Answered

VPN tunnel Reset via API

Question asked by Kim Moberg on Jul 27, 2018
Latest reply on Jul 29, 2018 by Tomer Sole

Hi

I was thinking if there have been any considerations of inplementing any was to reset vpn tunnel via th mgmt API interface?

Heiko Ankenbrand did provide a great hint to to use vpn tu via commandline.

https://community.checkpoint.com/docs/DOC-3021-show-vpn-routing-on-cli 

Commands are:

vpn tu del ipsec all  

vpn tu del ipsec ip-addr 

vpn tu del ipsec ip-addr username 

vpn tu del all  

vpn tu del ip-addr 

vpn tu del ip-addr username


I was thinking since smart monitor can do this from the manager why not also being able to do so from the mgmt API?

We have a lot if ipsec vpn which on Remote site have a lte router in front of a Cisco router. This LTE router being reset daily at midnight but due to missing dead Peer detection old sessions not being reset after reboot of the LTE router.

This cause sometimes we manually need to reset vpn tunnels.

This we would like to deligate to users who are not firewall experts, and do not want to allow them smart monitor or expert access.

Therefore we would like to build a portal where they can login and check connection status’s and reset vpn id wanted.

Would that we easy to implement and easy to solve?


Thanks

Best regards

Kim

Outcomes