This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
tali1974
Explorer
Wednesday

Check Point Terraform Provider v1.9.1

terraform plan give me this error.

 

│ Error: failed to execute API call
│ Status: 400 Bad Request
│ Code: generic_err_invalid_parameter
│ Message: Could not parse [<MyPublicIP>, <Zscaler IP>]

│ with provider["registry.terraform.io/checkpointsw/checkpoint"],
│ on main.tf line 10, in provider "checkpoint":
│ 10: provider "checkpoint" {

 

on the management server

[Expert@cpcgmgmt01:0]# api status

API Settings:
---------------------
Accessibility: Require local
Require ip <Zscaler IP>/255.255.255.0 <MyPublicIP>
Automatic Start: Enabled

If I allow ALL IP addresses ("Require all granted" as shown below.)  in the API settings it works just fine. Any idea what the issue can be ?

API Settings:
---------------------
Accessibility: Require all granted
Automatic Start: Enabled

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
Wednesday

That, to me, suggests access isn't happening from the IP you think it is.
Check with tcpdump when you trying to execute terraform to verify what the precise IP that is trying to access.
If you have the correct IP and it still fails, open a TAC case.

0 Kudos
tali1974
Explorer
Thursday
In response to PhoneBoy

Thanks for your reply. the access is happing from that IP, When i open for ALL ips, i can see in the SmartConsole >> ViewSessions 

Connected from is <Zscaler IP>,<MyPublicIP>

0 Kudos
PhoneBoy
Admin
Admin
Thursday
In response to tali1974

This sounds like a bug and you'll need a TAC case to get the issue resolved.

0 Kudos