Zero Touch API Commands for Small Office Gateways

In This Section:

add-template

Description

Create a new Small Office Gateway template for an account-id.

If the gateway is ready for deployment with its final configuration and deployment decisions, the under-construction parameter should remain at its default (false). The gateway will be enabled for downloads from Zero Touch immediately when it is claimed.

If the gateway needs additional editing, under-construction should be set to true in the template to prevent downloads until the final configuration editing is complete.

The Small Office Gateway only has access to its template when it is being claimed. Edits to the template afterward have no effect on the gateway.

Use the set-claimed-gateway-configuration command to edit the Small Office Gateway and to change under-construction to false to allow the Zero Touch downloads to start.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/add-template

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`name` Required	string	The new template's name
`time-zone` Required	string	Time zone for the gateway
`wireless-country` Required	string	Country in which the gateway will be deployed
`admin-password` Required	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`account-id` Required	int	The User Center account to which gateways and templates belong
`admin-access` Required	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`limit-source-ip-mode` Required	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`template-id`	int	The template's unique identifier
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`creation-time`	object	Timestamps for creating a template
`last-modify-time`	object	Timestamps for last modifying a template

Parameter Name	Value	Description
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`creating-user`	string	The `user` who created the template
`last-modifying-user`	string	The `user` who last modified the template
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway will be deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`name`	string	The template name

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"account-id": 7899567,

"template-id": 608212,

"user-script": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"upload-info": true,

"service-center": "",

"registration-key": "",

"wireless-country": "GB",

"admin-password": "f5f5f5f5",

"admin-access": "",

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"under-construction": false,

"activate-rmd": false,

"name": "Template A",

"comments": "My comments",

"portal": "",

"plan": ""

}

Response

{

"account-id": 7899567,

"template-id": 8988937,

"creating-user": "user@domain.com",

"last-modifying-user": "user@domain.com",

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"activate-rmd": false,

"under-construction": false,

"upload-info": true,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"comments": "My comments",

"portal": "",

"plan": "",

"name": "Template A"

}

clone-smb-templates

Description

Copy selected templates from source-account-id to target-account-id.

The user should have administrator rights on both source-account-id and target-account-id.

To create copies under the same account, set identical values to the source-account-id and the target-account-id fields.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/clone-smb-templates

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`source-account-id` Required	int	The User Center account to which templates belong
`target-account-id` Required	int	The User Center account to which templates should be copied
`items-to-clone` Required	List: object	List of templates to be copied

Parameter Name

Value

Description

source-account-id

Required

int

The User Center account to which templates belong

target-account-id

Required

int

The User Center account to which templates should be copied

items-to-clone

Required

List: object

List of templates to be copied

items-to-clone

Parameter Name	Value	Description
`item-id` Required	int	The template's unique identifier
`item-new-name` Required	string	Name given to the copied template under target account

Parameter Name

Value

Description

item-id

Required

int

The template's unique identifier

item-new-name

Required

string

Name given to the copied template under target account

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`source-account-id`	int	The User Center account to which templates belong
`target-account-id`	int	The User Center account to which templates should be copied
`items-to-clone`	List: object	List of templates to be copied

items-to-clone

Parameter Name	Value	Description
`item-id`	int	The template's unique identifier
`item-new-name`	string	Name given to the copied template under target account
`message`	string	Operation status for the item

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"source-account-id": 7899567,

"target-account-id": 6301812,

"items-to-clone": [

{

"item-id": 87352492,

"item-new-name": "copy_one"

},

{

"item-id": 57359031,

"item-new-name": "copy_two"

}

]

}

Response

[

{

"source-account-id": 7899567,

"target-account-id": 6301812,

"items-to-clone": [

{

"item-id": 87352492,

"item-new-name": "copy_one",

"message": "Clone operation succeeded"

},

{

"item-id": 57359031,

"item-new-name": "copy_two",

"message": "Clone operation succeeded"

}

]

}

]

show-template

Description

Retrieve an existing Small Office Gateway template by its template-id.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/show-template

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`template-id` Required	int	The template's unique identifier
`account-id` Required	int	The User Center account to which gateways and templates belong

Parameter Name

Value

Description

template-id

Required

int

The template's unique identifier

account-id

Required

int

The User Center account to which gateways and templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`creation-time`	object	Timestamps for creating a template
`last-modify-time`	object	Timestamps for last modifying a template

Parameter Name	Value	Description
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`creating-user`	string	The `user` who created the template
`last-modifying-user`	string	The `user` who last modified the template
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway will be deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`name`	string	The template name

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"template-id": 8988937,

"account-id": 7899567

}

Response

{

"account-id": 7899567,

"template-id": 8988937,

"creating-user": "user@domain.com",

"last-modifying-user": "user@domain.com",

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"activate-rmd": false,

"under-construction": false,

"upload-info": true,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"comments": "My comments",

"portal": "",

"plan": "",

"name": "Template A"

}

show-all-templates

Description

Retrieve all Small Office Gateway templates for an account-id.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/show-all-templates

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`account-ids` Required	List: int	List of User Center account IDs to which templates belong

Parameter Name

Value

Description

account-ids

Required

List: int

List of User Center account IDs to which templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`creation-time`	object	Timestamps for creating a template
`last-modify-time`	object	Timestamps for last modifying a template

Parameter Name	Value	Description
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`creating-user`	string	The `user` who created the template
`last-modifying-user`	string	The `user` who last modified the template
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway will be deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`name`	string	The template name

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"account-ids": [8044839]

}

Response

[

{

"account-id": 7899567,

"template-id": 8988937,

"creating-user": "user@domain.com",

"last-modifying-user": null,

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"activate-rmd": false,

"under-construction": false,

"upload-info": true,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"comments": "My comments",

"portal": "",

"plan": "",

"name": "Template A"

}

]

set-template

Description

Edit an existing Small Office Gateway template for an account-id.

The request changes the object for the fields that you include.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/set-template

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`account-id` Required	int	The User Center account to which gateways and templates belong
`template-id` Required	int	The template's unique identifier
`time-zone`	string	Time zone for the gateway
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`wireless-country`	string	Country in which the gateway will be deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`name`	string	The template name
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`creation-time`	object	Timestamps for creating a template
`last-modify-time`	object	Timestamps for last modifying a template

Parameter Name	Value	Description
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`creating-user`	string	The `user` who created the template
`last-modifying-user`	string	The `user` who last modified the template
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway will be deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`name`	string	The template name

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"account-id": 7899567,

"template-id": 8988937,

"user-script": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"upload-info": true,

"creating-user": "user@domain.com",

"last-modifying-user": "user@domain.com",

"service-center": "",

"registration-key": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"activate-rmd": false,

"under-construction": false,

"name": "Template A",

"comments": "My comments",

"portal": "",

"plan": ""

}

Response

{

"account-id": 7899567,

"template-id": 8988937,

"creating-user": "user@domain.com",

"last-modifying-user": "user@domain.com",

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"activate-rmd": false,

"under-construction": false,

"upload-info": true,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"comments": "My comments",

"portal": "",

"plan": "",

"name": "Template A"

}

delete-template

Description

Delete an existing Small Office Gateway template.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/delete-template

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`template-id` Required	int	The template's unique identifier
`account-id` Required	int	The User Center account to which gateways and templates belong

Parameter Name

Value

Description

template-id

Required

int

The template's unique identifier

account-id

Required

int

The User Center account to which gateways and templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`message`	string	Operation status
`code`	string	Success code

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"template-id": 8988937,

"account-id": 7899567

}

Response

{

"message": "Template action ended successfully ",

"code": "17999"

}

claim-gateway

Description

Claim a Small Office Gateway with a template-id.

If the gateway is ready for deployment with its final configuration and deployment decisions, the under-construction parameter should be at its default (false) in the Small Office template that is used to claim the gateway. The gateway is then enabled for downloads from Zero Touch immediately.

If the Small Office Gateway needs additional editing, under-construction should be set to true in the Small Office template used to claim the gateway. This prevent downloads until the final configuration editing is complete.

Edits to the template after the gateway is claimed have no effect on the gateway.

Use the set-claimed-gateway-configuration command to edit the gateway and to change under-construction to false to allow the Zero Touch downloads to start.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/claim-gateway

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`object-name` Required	string	The gateway's name, a required field when claiming a gateway
`account-id` Required	int	The User Center account to which gateways and templates belong
`template-id` Required	int	The template's unique identifier
`mac` Required	string	Unique Media Access Control address for the gateway

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`gateway-configuration`	object	Gateway configuration information
`creation-time`	object	Timestamps for claiming a gateway
`last-modify-time`	object	Timestamps for last modifying a gateway
`gateway-status`	object	Gateway status information

gateway-configuration

Parameter Name	Value	Description
`object-name`	string	The gateway's name, a required field when claiming a gateway
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`template-name`	string	The name of the template used to claim this gateway
`creating-user`	string	The user who claims a gateway
`last-modifying-user`	string	The user who last modified a gateway
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway is deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`rmd-web-url`	string	Link for "Reach My Device"
`rmd-shell-url`	string	Link for "Reach My Device"
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`mac`	string	Unique Media Access Control address for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`sku`	string	Stock Keeping Unit code for the gateway

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

gateway-status

Parameter Name	Value	Description
`status-value`	string	Either `underconstruction` (so that it will not download settings from Zero Touch), `set` (so that it can download settings from Zero Touch), or `claimed`
`reported-status`	string	Status code reported by the gateway Possible values: `notreported, fetched, activated`
`reported-status-time`	int	Timestamp when the gateway last reported its status The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`status-text`	string	Gateway log file output (last 5000 characters)
`display-status`	string	Claimed gateway state display string in the Zero Touch Server Possible values: `Ready to deploy,` `Under construction,` `Registered with incomplete data`
`reported-display-status`	string	Status display string reported by the gateway Possible values: `Not reported, Gateway successfully downloaded settings, Connected to SMP`
`mac`	string	Unique Media Access Control address for the gateway

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"object-name": "gw7AB34E",

"account-id": 7899567,

"template-id": 8988937,

"mac": "xx:xx:xx:7A:B3:4E"

}

Response

[

{

"gateway-configuration": {

"object-name": "gw7AB34E",

"account-id": 7899567,

"template-id": 8988937,

"template-name": "Template A",

"creating-user": "user@domain.com",

"last-modifying-user": null,

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"rmd-web-url": "",

"rmd-shell-url": "",

"activate-rmd": false,

"under-construction": false,

"upload-info": false,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"mac": "xx:xx:xx:7A:B3:4E",

"comments": "My comments",

"portal": "",

"plan": "",

"sku": "CPAP-SG1450-NGTP"

"gateway-status": {

"status-value": "set",

"reported-status": "notreported",

"reported-status-time": null,

"status-text": null,

"display-status": "Ready to deploy",

"reported-display-status": "Not reported",

"mac": "xx:xx:xx:7A:B3:4E"

}

]

show-claimed-gateway

Description

Retrieve information about a claimed Small Office Gateway with its MAC address.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/show-claimed-gateway

Request Headers

Header Name	Value	Description
`Content-Type`	application/json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Header Name	Value	Description
`mac` Required	string	Unique Media Access Control address for the gateway
`account-id` Required	int	The User Center account to which gateways and templates belong

Header Name

Value

Description

mac

Required

string

Unique Media Access Control address for the gateway

account-id

Required

int

The User Center account to which gateways and templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`gateway-configuration`	object	Gateway configuration information
`creation-time`	object	Timestamps for claiming a gateway
`last-modify-time`	object	Timestamps for last modifying a gateway
`gateway-status`	object	Gateway status information

gateway-configuration

Parameter Name	Value	Description
`object-name`	string	The gateway's name, a required field when claiming a gateway
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`template-name`	string	The name of the template used to claim this gateway
`creating-user`	string	The user who claims a gateway
`last-modifying-user`	string	The user who last modified a gateway
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway is deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`rmd-web-url`	string	Link for "Reach My Device"
`rmd-shell-url`	string	Link for "Reach My Device"
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`mac`	string	Unique Media Access Control address for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`sku`	string	Stock Keeping Unit code for the gateway

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

gateway-status

Parameter Name	Value	Description
`status-value`	string	Either `underconstruction` (so that it will not download settings from Zero Touch), `set` (so that it can download settings from Zero Touch), or `claimed`
`reported-status`	string	Status code reported by the gateway Possible values: `notreported, fetched, activated`
`reported-status-time`	int	Timestamp when the gateway last reported its status The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`status-test`	string	Gateway log file output (last 5000 characters)
`display-status`	string	Claimed gateway state display string in the Zero Touch Server Possible values: `Ready to deploy,` `Under construction,` `Registered with incomplete data`
`reported-display-status`	string	Status display string reported by the gateway Possible values: `Not reported, Gateway successfully downloaded settings, Connected to SMP`
`mac`	string	Unique Media Access Control address for the gateway

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"mac": "xx:xx:xx:7A:B3:4E",

"account-id": 7899567

}

Response

[

{

"gateway-configuration": {

"object-name": "gw7AB34E",

"account-id": 7899567,

"template-id": 8988937,

"template-name": "Template A",

"creating-user": "user@domain.com",

"last-modifying-user": null,

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"rmd-web-url": "",

"rmd-shell-url": "",

"activate-rmd": false,

"under-construction": false,

"upload-info": false,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"mac": "xx:xx:xx:7A:B3:4E",

"comments": "My comments",

"portal": "",

"plan": "",

"sku": "CPAP-SG1450-NGTP"

"gateway-status": {

"status-value": "set",

"reported-status": "notreported",

"reported-status-time": null,

"status-text": null,

"display-status": "Ready to deploy",

"reported-display-status": "Not reported",

"mac": "xx:xx:xx:7A:B3:4E"

}

]

show-claimed-gateway-configuration

Description

Retrieve a claimed Small Office Gateway configuration with its MAC address.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/show-claimed-gateway-configuration

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Header Name

Value

Description

mac

Required

string

Unique Media Access Control address for the gateway

account-id

Required

int

The User Center account to which gateways and templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`creation-time`	object	Timestamps for claiming a gateway
`last-modify-time`	object	Timestamps for last modifying a gateway

Parameter Name	Value	Description
`object-name`	string	The gateway's name, a required field when claiming a gateway
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`template-name`	string	The name of the template used to claim this gateway
`creating-user`	string	The user who claims a gateway
`last-modifying-user`	string	The user who last modified a gateway
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway is deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`rmd-web-url`	string	Link for "Reach My Device"
`rmd-shell-url`	string	Link for "Reach My Device"
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`mac`	string	Unique Media Access Control address for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`sku`	string	Stock Keeping Unit code for the gateway

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"mac": "xx:xx:xx:7A:B3:4E",

"account-id": 7899567

}

Response

{

"object-name": "gw7AB34E",

"account-id": 7899567,

"template-id": 106429682,

"template-name": "Template A",

"creating-user": "user@domain.com",

"last-modifying-user": null,

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"rmd-web-url": "",

"rmd-shell-url": "",

"activate-rmd": false,

"under-construction": false,

"upload-info": false,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"mac": "xx:xx:xx:7A:B3:4E",

"comments": "My comments",

"portal": "",

"plan": "",

"sku": "CPAP-SG1450-NGTP"

}

show-all-claimed-gateways

Description

Retrieve all the claimed Small Office Gateways with an account-id.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/show-all-claimed-gateways

Request Headers

Header Name	Value	Description
`Content-Type`	application/json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name

Value

Description

account-id

Required

int

The User Center account to which gateways and templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`gateway-configuration`	object	Gateway configuration information
`creation-time`	object	Timestamps for claiming a gateway
`last-modify-time`	object	Timestamps for last modifying a gateway
`gateway-status`	object	Gateway status information

gateway-configuration

Parameter Name	Value	Description
`object-name`	string	The gateway's name, a required field when claiming a gateway
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`template-name`	string	The name of the template used to claim this gateway
`creating-user`	string	The user who claims a gateway
`last-modifying-user`	string	The user who last modified a gateway
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway is deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`rmd-web-url`	string	Link for "Reach My Device"
`rmd-shell-url`	string	Link for "Reach My Device"
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`mac`	string	Unique Media Access Control address for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`sku`	string	Stock Keeping Unit code for the gateway

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

gateway-status

Parameter Name	Value	Description
`status-value`	string	Either `underconstruction` (so that it will not download settings from Zero Touch), `set` (so that it can download settings from Zero Touch), or `claimed`
`reported-status`	string	Status code reported by the gateway Possible values: `notreported, fetched, activated`
`reported-status-time`	int	Timestamp when the gateway last reported its status The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`status-test`	string	Gateway log file output (last 5000 characters)
`display-status`	string	Claimed gateway state display string in the Zero Touch Server Possible values: `Ready to deploy,` `Under construction,` `Registered with incomplete data`
`reported-display-status`	string	Status display string reported by the gateway Possible values: `Not reported, Gateway successfully downloaded settings, Connected to SMP`
`mac`	string	Unique Media Access Control address for the gateway

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"account-id": 7899567

}

Response

[

{

"gateway-configuration": {

"object-name": "gw7AB34E",

"account-id": 7899567,

"template-id": 8988937,

"template-name": "Template A",

"creating-user": "user@domain.com",

"last-modifying-user": "user@domain.com",

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"rmd-web-url": "",

"rmd-shell-url": "",

"activate-rmd": false,

"under-construction": false,

"upload-info": false,

"creation-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"last-modify-time": {

"posix": 1530099088,

"iso-8601": "2018-06-27T11:31"

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"mac": "xx:xx:xx:7A:B3:4E",

"comments": "My comments",

"portal": "",

"plan": "",

"sku": "CPAP-SG1450-NGTP"

"gateway-status": {

"status-value": "set",

"reported-status": "notreported",

"reported-status-time": null,

"status-text": null,

"display-status": "Ready to deploy",

"reported-display-status": "Not reported",

"mac": "xx:xx:xx:7A:B3:4E"

}

]

set-claimed-gateway-configuration

Description

Edit a claimed Small Office Gateway for an account-id.

The request changes the object for the fields that you include in the Request Body.

This API command is meant to edit Small Office Gateways before deployment when their under-construction parameters have been set to true by their templates. This allows changes to be made on the gateways before downloading from Zero Touch.

A gateway only has access to its template when it is being claimed. Edits to the template after the gateway is claimed have no effect on the gateway.

Set under-construction to false in the Request Body to allow the Zero Touch downloads to start.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/set-claimed-gateway-configuration

Request Headers

Header Name	Value	Description
`Content-Type`	application/json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Parameter Name	Value	Description
`account-id` Required	int	The User Center account to which gateways and templates belong
`mac` Required	string	Unique Media Access Control address for the gateway
`time-zone`	string	Time zone for the gateway
`object-name`	string	The gateway's name, a required field when claiming a gateway
`creation-date`	int	Set the date the gateway was claimed (Optional) The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`template-id`	int	The template's unique identifier
`template-name`	string	The name of the template used to claim this gateway
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`rmd-web-url`	string	Link for "Reach My Device"
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`last-modify-date`	int	Set the date the gateway was last modified The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`creating-user`	string	The user who claims a gateway
`last-modifying-user`	string	The user who last modified a gateway
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`wireless-country`	string	Country in which the gateway is deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`rmd-shell-url`	string	Link for "Reach My Device"
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`sku`	string	Stock Keeping Unit code for the gateway

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`creation-time`	object	Timestamps for claiming a gateway
`last-modify-time`	object	Timestamps for last modifying a gateway

Parameter Name	Value	Description
`object-name`	string	The gateway's name, a required field when claiming a gateway
`template-name`	string	The name of the template used to claim this gateway
`rmd-web-url`	string	Link for "Reach My Device"
`rmd-shell-url`	string	Link for "Reach My Device"
`admin-access`	string	Networks and IP addresses from which an administrator can access the gateway For example: `"10.2.3.56",` `"192.1.1.2,10.1.1.7/255.255.255.0"` An empty string means “any IP address”
`accept-lan`	boolean	Administrator has access to the gateway from a LAN, if `true` Default value: `true`
`accept-wifi`	boolean	Administrator has access to the gateway from a trusted WiFi, if `true` Default value: `true`
`accept-vpn`	boolean	Administrator has access to the gateway from a VPN, if `true` Default value: `true`
`accept-wan`	boolean	Administrator has access to the gateway from the internet, if `true` Default value: `true`
`limit-source-ip-mode`	string	Source IP mode If `admin-access` is an empty string, use: "`LIMIT_SRC_IP_MODE.NO_LIMIT"` If `admin-access` is an IPv4 address, or a network and a subnet, use: "`LIMIT_SRC_IP_MODE.ALL_INTERFACES`"
`ignore-cert-verification`	boolean	If `true`, ignores certificate (if your SMP has a certificate from a CA that is not known to the gateway) Default value: `false`
`use-cpn-tp-server`	boolean	Use Check Point NTP servers `False` indicates not using them Default value: `true`
`auto-gateway-creation`	boolean	To automatically create the gateway in the SMP, set to `true` If `true`, these fields are required: `plan`, `service-center`, `registration-key,` `portal` If `false`, `plan` must be empty Default value: `false`
`activate-rmd`	boolean	If `true`, then the gateway uses "Reach My Device" to be accessible while using NAT (Network Address Translation) within an organization
`under-construction`	boolean	A `true` value prevents downloads to the gateway until the final configuration and deployment decisions are complete Default value: `false`
`account-id`	int	The User Center account to which gateways and templates belong
`template-id`	int	The template's unique identifier
`creating-user`	string	The user who claims a gateway
`last-modifying-user`	string	The user who last modified a gateway
`service-center`	string	IP address or the DNS of the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `and portal` (used by the gateway for cloud activation)
`registration-key`	string	Key obtained from the gateway page in the SMP server To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)
`user-script`	string	CLI commands execute on the gateway immediately after all other settings are applied In multiline CLISH scripts, use end line ("`\n`") at the end of each command line `"user-script": "set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on\nset static-route 192.0.3.0/24 nexthop blackhole\n"` Before executing the script, the gateway locks the database automatically No need to add the `"lock database override"` command to the script
`wireless-country`	string	Country in which the gateway is deployed
`admin-password`	string	Administrator password for the gateway The `admin-password` is returned as “`******`” in the JSON response
`upload-info`	boolean	If `true`, improves product experience by sending data to Check Point
`time-zone`	string	Time zone for the gateway
`mac`	string	Unique Media Access Control address for the gateway
`plan`	string	Plan name from the SMP If you fill this field, these fields are required: `auto-gateway-creation`, `service-center`, `registration-key` and `portal` If `auto-gateway-creation` is `false, plan` must be empty
`sku`	string	Stock Keeping Unit code for the gateway
`comments`	string	General comments
`portal`	string	Service domain name for the gateway To manage your gateway from SMP, fill these fields: `service-center`, `registration-key`, `portal` (Used by the gateway for cloud activation)

creation-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

last-modify-time

Parameter Name	Value	Description
`posix`	int	The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`iso-8601`	string	Date and time represented in international ISO 8601 format

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"object-name": "gw7AB34E",

"creation-date": 1530099088,

"account-id": 7899567,

"template-id": 8988937,

"template-name": "Template A",

"user-script": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"rmd-web-url": "",

"upload-info": true,

"last-modify-date": 1530099088,

"creating-user": "user@domain.com",

"last-modifying-user": "user@domain.com",

"service-center": "",

"registration-key": "",

"wireless-country": "GB",

"admin-password": "******",

"admin-access": "",

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"rmd-shell-url": "",

"activate-rmd": false,

"under-construction": false,

"mac": "xx:xx:xx:7A:B3:4E",

"comments": "My comments",

"portal": "",

"plan": "",

"sku": "CPAP-SG1450-NGTP"

}

Response

{

"object-name": "gw7AB34E",

"template-name": "Template A",

"rmd-web-url": "",

"rmd-shell-url": "",

"creation-time": {

"iso-8601": "2018-06-27T11:31",

"posix": 1530099088

"last-modify-time": {

"iso-8601": "2018-06-27T11:31",

"posix": 1530099088

"admin-access": "",

"accept-lan": true,

"accept-wifi": true,

"accept-vpn": true,

"accept-wan": true,

"limit-source-ip-mode": "LIMIT_SRC_IP_MODE.NO_LIMIT",

"ignore-cert-verification": false,

"use-cpn-tp-server": true,

"auto-gateway-creation": false,

"activate-rmd": false,

"under-construction": false,

"account-id": 7899567,

"template-id": 8988937,

"creating-user": "user@domain.com",

"last-modifying-user": "user@domain.com",

"service-center": "",

"registration-key": "",

"user-script": "",

"wireless-country": "GB",

"admin-password": "******",

"upload-info": true,

"time-zone": "GMT(Greenwich-Mean-Time/Dublin/Edinburgh/Lisbon/London)",

"mac": "xx:xx:xx:7A:B3:4E",

"plan": "",

"sku": "CPAP-SG1450-NGTP",

"comments": "My comments",

"portal": ""

}

show-claimed-gateway-status

Description

Retrieve a claimed Small Office Gateway's status with its MAC address.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/show-claimed-gateway-status

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Header Name

Value

Description

mac

Required

string

Unique Media Access Control address for the gateway

account-id

Required

int

The User Center account to which gateways and templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`status-value`	string	Either `underconstruction` (so that it will not download settings from Zero Touch), `set` (so that it can download settings from Zero Touch), or `claimed`
`reported-status`	string	Status code reported by the gateway Possible values: `notreported, fetched, activated`
`reported-status-time`	int	Timestamp when the gateway last reported its status The value is the number of milliseconds that have elapsed since 00:00:00, 1 January 1970
`status-text`	string	Gateway log file output (last 5000 characters)
`display-status`	string	Claimed gateway state display string in the Zero Touch Server Possible values: `Ready to deploy,` `Under construction,` `Registered with incomplete data`
`reported-display-status`	string	Status display string reported by the gateway Possible values: `Not reported, Gateway successfully downloaded settings, Connected to SMP`
`mac`	string	Unique Media Access Control address for the gateway

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"mac": "xx:xx:xx:7A:B3:4E",

"account-id": 7899567

}

Response

{

"status-value": "set",

"reported-status": "notreported",

"reported-status-time": null,

"status-text": null,

"display-status": "Ready to deploy",

"reported-display-status": "Not reported",

"mac": "xx:xx:xx:7A:B3:4E"

}

unclaim-gateway

Description

Remove a Small Office Gateway from the Claimed Gateways list so that it is no longer eligible for Zero Touch Cloud Service downloads.

Request URL

POST
https://zerotouch.checkpoint.com/ZeroTouch/web_api/v2/unclaim-gateway

Request Headers

Header Name	Value	Description
`Content-Type`	application /json	Send JSON object to use the API Web Services
`X-chkp-sid`	string token	Session unique identifier as the response to the login request

Request Body

Header Name

Value

Description

mac

Required

string

Unique Media Access Control address for the gateway

account-id

Required

int

The User Center account to which gateways and templates belong

Response

On Success, HTTP Return code: 200

Parameter Name	Value	Description
`message`	string	Operation status
`code`	string	Success code

On Failure, HTTP Return code: 400, 401, 500

Parameter Name	Value	Description
`message`	string	Operation status
`messages`	List: string	List of validation errors
`code`	string	Error code

Request

{

"mac": "xx:xx:xx:7A:B3:4E",

"account-id": 7899567

}

Response

{

"message": "Gateway action ended successfully ",

"code": "17999"

}