Adding a VSX Gateway

Description

This command adds a new VSX Gateway Physical server that hosts VSX virtual networks, including all Virtual Devices that provide the functionality of physical network devices. It holds at least one Virtual System, which is called VS0. object.

Syntax

add vsx type gateway name <Name of VSX Gateway Object> version <Version> main_ip <Main IPv4 Address> [main_ip6 <Main IPv6 Address>] sic_otp <Activation Key> [rule_snmp {enable | disable}] [rule_ssh {enable | disable}] [rule_ping {enable | disable} [rule_ping6 {enable | disable}] [rule_https {enable | disable}] [rule_drop {enable | disable}]

Note - In this transaction, you can only add the "set physical interface" command.

Parameters


`type`	`gateway`	You must use the value "`gateway`" to add a new VSX Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. Gateway object.
`name <Name of VSX Gateway Object>`	Object name	Defines the name of the VSX Gateway object. You cannot use spaces of Check Point reserved words.
`version <Version>`	Check Point version	Defines the Check Point version of the VSX Gateway object. You must enter the exact version as appears in SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. (case-sensitive).
`main_ip <Main IPv4 Address>`	IPv4 Address	Defines the main IPv4 Address of the VSX Gateway object.
`main_ip6 <Main IPv6 Address>`	IPv6 Address	Defines the main IPv6 Address of the VSX Gateway object.
`sic_otp <Activation Key>`	SIC Secure Internal Communication. The Check Point proprietary mechanism with which Check Point computers that run Check Point software authenticate each other over SSL, for secure communication. This authentication is based on the certificates issued by the ICA on a Check Point Management Server. password	You must enter the same Activation Key you entered during the First Time Configuration Wizard of the VSX Gateway.
`rule_snmp {enable \| disable}`	`enable` `disable`	Controls how to process all SNMP packets sent to the VSX Gateway: `enable` - Allows all SNMP packets `disable` - Drops all SNMP packets (default)
`rule_ssh {enable \| disable}`	`enable` `disable`	Controls how to process all SSH packets sent to the VSX Gateway: `enable` - Allows all SSH packets `disable` - Drops all SSH packets (default)
`rule_ping {enable \| disable}`	`enable` `disable`	Controls how to process all ICMP Echo Request (ping) packets sent to the VSX Gateway: `enable` - Allows all IPv4 ping packets `disable` - Drops all IPv4 ping packets (default)
`rule_ping6 {enable \| disable}`	`enable` `disable`	Controls how to process all ICMPv6 Echo Request (ping) packets sent to the VSX Gateway: `enable` - Allows all IPv6 ping packets `disable` - Drops all IPv6 ping packets (default)
`rule_https {enable \| disable}`	`enable` `disable`	Controls how to process all HTTPS packets sent to the VSX Gateway: `enable` - Allows all HTTPS packets `disable` - Drops all HTTPS packets (default)
`rule_drop {enable \| disable}`	`enable` `disable`	Controls how to process all packets (other than SNMP, SSH, ICMP, ICMPv6, HTTPS) sent to the VSX Gateway: `enable` - Drops all other packets (default) `disable` - Allows all other packets

Example

vsx_provisioning_tool -s localhost -u admin -p mypassword -o add vsx name VSX_GW1 type gateway main_ip 192.168.20.1 version R81 sic_otp ABCDEFG rule_ssh enable rule_ping enable