cp_mgmt_vpn_community_meshed – Manages vpn-community-meshed objects on Check Point over Web Services API¶
New in version 2.9.
Synopsis¶
Manages vpn-community-meshed objects on Check Point devices including creating, updating and removing objects.
All operations are performed over Web Services API.
Parameters¶
Parameter | Choices/Defaults | Comments | |
---|---|---|---|
auto_publish_session
boolean
|
|
Publish the current session if changes have been performed after task completes.
|
|
color
string
|
|
Color of the object. Should be one of existing colors.
|
|
comments
string
|
Comments string.
|
||
details_level
string
|
|
The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.
|
|
encryption_method
string
|
|
The encryption method to be used.
|
|
encryption_suite
string
|
|
The encryption suite to be used.
|
|
gateways
list
|
Collection of Gateway objects identified by the name or UID.
|
||
ignore_errors
boolean
|
|
Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
|
|
ignore_warnings
boolean
|
|
Apply changes ignoring warnings.
|
|
ike_phase_1
dictionary
|
Ike Phase 1 settings. Only applicable when the encryption-suite is set to [custom].
|
||
data_integrity
string
|
|
The hash algorithm to be used.
|
|
diffie_hellman_group
string
|
|
The Diffie-Hellman group to be used.
|
|
encryption_algorithm
string
|
|
The encryption algorithm to be used.
|
|
ike_phase_2
dictionary
|
Ike Phase 2 settings. Only applicable when the encryption-suite is set to [custom].
|
||
data_integrity
string
|
|
The hash algorithm to be used.
|
|
encryption_algorithm
string
|
|
The encryption algorithm to be used.
|
|
name
string
/ required
|
Object name.
|
||
shared_secrets
list
|
Shared secrets for external gateways.
|
||
external_gateway
string
|
External gateway identified by the name or UID.
|
||
shared_secret
string
|
Shared secret.
|
||
state
string
|
|
State of the access rule (present or absent). Defaults to present.
|
|
tags
list
|
Collection of tag identifiers.
|
||
use_shared_secret
boolean
|
|
Indicates whether the shared secret should be used for all external gateways.
|
|
version
string
|
Version of checkpoint. If not given one, the latest version taken.
|
||
wait_for_task
boolean
|
|
Wait for the task to end. Such as publish task.
|
Examples¶
- name: add-vpn-community-meshed
cp_mgmt_vpn_community_meshed:
encryption_method: prefer ikev2 but support ikev1
encryption_suite: custom
ike_phase_1:
data_integrity: sha1
diffie_hellman_group: group 19
encryption_algorithm: aes-128
ike_phase_2:
data_integrity: aes-xcbc
encryption_algorithm: aes-gcm-128
name: New_VPN_Community_Meshed_1
state: present
- name: set-vpn-community-meshed
cp_mgmt_vpn_community_meshed:
encryption_method: ikev2 only
encryption_suite: custom
ike_phase_1:
data_integrity: sha1
diffie_hellman_group: group 19
encryption_algorithm: aes-128
ike_phase_2:
data_integrity: aes-xcbc
encryption_algorithm: aes-gcm-128
name: New_VPN_Community_Meshed_1
state: present
- name: delete-vpn-community-meshed
cp_mgmt_vpn_community_meshed:
name: New_VPN_Community_Meshed_1
state: absent
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
cp_mgmt_vpn_community_meshed
dictionary
|
always, except when deleting the object. |
The checkpoint object created or updated.
|
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]
Authors¶
Or Soffer (@chkp-orso)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.