Skip to content

Management MCP Tool - Access Rulebase Limit #229

New issue
New issue
Open
Open
Management MCP Tool - Access Rulebase Limit#229
@kevinrivasr

Description

@kevinrivasr
kevinrivasr
opened on Mar 24, 2026

Hi,

We are currently experiencing an issue with Management MCP. When querying the AI model (GPT-5.1 using OpenWebUI) to retrieve access rules, it only returns the first 50 rules, even though the management server contains more than 50. Pagination does not seem to be working.

tool: cp-management_show_access_rulebase
Request:
{
"name": "Standard Network",
"package": "Standard",
"limit": 1,
"offset": 0,
"format": "model-friendly"
}

Response:
"
Rulebase Summary:

  • Name: Standard_XXXX-XXX Network
  • Sections: 9
  • Total Rules: 50
  • Inline Layers: Not expanded
  • Group Expansion: Disabled

Check Point Rulebase: Standard_XXXX-XXX Network

SECTION 1: Drop Rule
Rules 1-4
Layer UID: ----****

RULE 1: Unnamed Rule
Status: ENABLED
Sources:
- ip_suspicius
Destinations:
- Any | type: CpmiAnyObject | details: any
Services:
- Any | type: CpmiAnyObject | details: any
Action: Drop
Track: [object Object]
Time Restrictions:
- Any | type: CpmiAnyObject | details: any

{TRUNKED CONTENT RULES 2-49}

RULE 50: TEST RULE
Status: ENABLED
Sources:
- xx.net.DMZ.XXX | type: network | details: xxx.xxx.xx.x/24
Destinations:
- net_XXXX_XX.X.XX.X | type: network | details: XX.X.XX.X/24
Services:
- TCP_XXXX_XXXX | type: service-tcp | details: port: XXXX
Action: Accept
Track: [object Object]
Time Restrictions:
- Any | type: CpmiAnyObject | details: any"

Despite modifying the limit (0, 1, 50, 100) and using different offset values, the response consistently returns only the first 50 rules.

Additionally, when using show_raw: true, we can see that the total number of rules is higher:

cp-management_show_access_rulebase
Request:
{
"name": "Standard Network",
"package": "Standard",
"show_raw": true,
"format": "model-friendly",
"limit": 1,
"offset": 10
}

Response:
{
"uid": "xxxxxxxxxxxxxxxxxxxx",
"name": "Standard Network",
"rulebase": [...],
"objects-dictionary": [...],
"from": 1,
"to": 50,
"total": 113
}

However, even when setting an offset (e.g., offset = 10), the response still includes rules starting from the beginning instead of applying proper pagination.

Could you please confirm if this behavior is expected or if any specific configuration is required to enable pagination?

Thanks you,
Best regards,

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions