background image

show group

SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   398

show group

Description

Shows the contents of a network object group.

Syntax

show group

<name>

Parameters

Parameter

Description

name

Network Object group name

Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .)
characters without spaces

Example

show group myObject_17

Содержание SMB 1500 Series

Страница 1: ... Classification Protected 30 March 2020 SMB 1500 APPLIANCE SERIES R80 20 05 CLI Reference Guide ...

Страница 2: ...en authorization of Check Point While every precaution has been taken in the preparation of this book Check Point assumes no responsibility for errors or omissions This publication and features described herein are subject to change without notice RESTRICTED RIGHTS LEGEND Use duplication or disclosure by the government is subject to restrictions as set forth in subparagraph c 1 ii of the Rights in...

Страница 3: ...ons For third party independent certification of Check Point products see the Check Point Certifications page Check Point R80 20 05 For more about this release see the R80 20 05 home page Latest Version of this Document Open the latest version of this document in a Web browser Download the latest version of this document in PDF format Feedback Check Point is engaged in a continuous effort to impro...

Страница 4: ...rule type incoming internal and vpn 56 add access rule type incoming internal and vpn 57 delete access rule type incoming internal and vpn 59 set access rule type incoming internal and vpn 60 show access rule type incoming internal and vpn 63 additional hw settings 64 set additional hw settings 65 show additional hw settings 66 additional management settings 67 set additional management settings 6...

Страница 5: ...dmin access ipv4 address 91 add admin access ipv4 address 92 delete admin access ipv4 address 93 show admin access ipv4 addresses 94 delete admin access ipv4 address all 95 administrator 96 add administrator 97 delete administrator 98 set administrator 99 set administrator 100 set administrator 101 set administrators 102 set administrators 103 show administrator 104 show administrators 105 show ad...

Страница 6: ...set aggressive aging 119 set aggressive aging 120 set aggressive aging 123 show aggressive aging 124 show aggressive aging 125 show aggressive aging 126 antispam 127 set antispam 128 set antispam 129 set antispam 131 set antispam 132 set antispam 133 set antispam 134 set antispam 135 set antispam 136 set antispam 137 set antispam 138 show antispam 139 show antispam 140 show antispam 141 antispam a...

Страница 7: ...ked sender 155 delete antispam blocked sender 156 delete antispam blocked sender 157 delete antispam blocked sender 158 show antispam blocked senders 159 application 160 add application 161 add application 162 add application 163 delete application 164 delete application 165 delete application 166 find application 167 set application 168 set application 169 set application 170 set application 171 ...

Страница 8: ...ontrol engine settings 192 set application control engine settings 193 set application control engine settings 194 set application control engine settings 195 set application control engine settings 196 show application control engine settings 197 application group 198 add application group 199 delete application group 200 delete application group 201 delete application group 202 set application g...

Страница 9: ...set blade update schedule 223 set blade update schedule 225 set blade update schedule 226 show blade update schedule 227 show blade update schedule 228 show blade update schedule 229 bookmark 230 add bookmark 231 delete bookmark 233 delete bookmark 234 delete bookmark 235 set bookmark 236 show bookmark 238 show bookmarks 239 bridge 240 add bridge 241 delete bridge 242 set bridge 243 set bridge 244...

Страница 10: ... services 263 show cloud services connection details 264 cloud services firmware upgrade 265 set cloud services firmware upgrade 266 set cloud services firmware upgrade 267 set cloud services firmware upgrade 268 set cloud services firmware upgrade 269 show cloud services firmware upgrade 270 show cloud services firmware upgrade 271 show cloud services firmware upgrade 272 show cloud service manag...

Страница 11: ... relay 302 show dhcp relay 303 show dhcp servers 304 dhcp server interface 305 delete dhcp server interface 306 set dhcp server interface 307 set dhcp server interface 308 set dhcp server interface 309 set dhcp server interface 310 set dhcp server interface 311 set dhcp server interface 312 set dhcp server interface 313 set dhcp server interface 314 set dhcp server interface 315 set dhcp server in...

Страница 12: ...nterface 327 set dhcp server interface 328 set dhcp server interface 329 show dhcp server interface 330 show dhcp server interface 331 show dhcp server interface 332 show diag 333 show disk usage 334 dns 335 delete dns 336 delete dns 337 delete dns 338 delete dns 339 delete dns 340 set dns 341 set dns 342 set dns 343 set dns 344 set dns 345 show dns 346 show dns 347 show dns 348 dsl 349 set dsl ad...

Страница 13: ...ificate 368 fetch policy 369 fw commands 370 fw policy 372 set fw policy 373 set fw policy 374 set fw policy 375 set fw policy 376 show fw policy 377 show fw policy 378 show fw policy 379 show fw policy 380 set fw policy user check accept 381 set fw policy user check ask 382 set fw policy user check block 384 set fw policy user check block device 385 set fw policy user check block infected device ...

Страница 14: ...st 403 set host 404 show host 406 show hosts 407 hotspot 408 set hotspot 409 set hotspot 410 set hotspot 412 set hotspot 413 set hotspot 414 set hotspot 415 show hotspot 416 show hotspot 417 show hotspot 418 https categorization 419 set https categorization 420 set https categorization 421 set https categorization 422 set https categorization 423 show https categorization 424 interface 425 add int...

Страница 15: ... set interface 441 set interface 442 show interface 443 show interfaces 444 show interfaces all 445 interface alias 446 add interface alias 446 delete interface alias 447 set interface alias 448 interface bond 449 add interface bond 449 delete interface bond 450 set interface bond 451 set interface bond 452 set interface bond 453 show interface bond 454 show interfaces bond 455 internal certificat...

Страница 16: ...delete interface loopback 469 internet 470 add internet connection interface cellular 470 set internet 471 set internet connection VALUE type cellular 471 show internet 473 internet connection 474 add internet connection 475 add internet connection physical interface 476 WAN 476 ADSL 481 DSL 485 DMZ 488 add internet connection 3G 4G modem 496 delete internet connection 498 delete internet connecti...

Страница 17: ...on 522 show internet connection 523 show internet connection 524 show internet connection 525 show internet connections 526 show internet connections table 527 internet connection bond 528 delete internet connection bond 528 set internet connection bond 529 set internet connection bond 530 set internet connection bond 531 show internet connection bond 532 show internet connections bond 533 interne...

Страница 18: ...553 set local group 554 set local group 555 set local group 556 show local group 557 show local groups 558 set local group users 559 set local group users 560 set local group users 561 local user 562 add local user 563 delete local user 565 delete local user 566 delete local user 567 set local user 568 set local user 569 set local user 571 set local user 572 show local user 573 show local users 57...

Страница 19: ... filtering settings 589 set mac filtering settings 590 set mac filtering settings 591 set mac filtering settings 592 set mac filtering settings 593 show mac filtering settings 594 show mac filtering settings 595 show mac filtering settings 596 set mobile settings 597 set mobile settings 598 show mobile settings 599 mobile device 600 revoke mobile device 600 mobile settings 601 set mobile settings ...

Страница 20: ...itor mode networks 612 monitor mode configuration 613 set monitor mode configuration 614 show monitor mode configuration 615 message 616 set message 617 show message 618 show message 619 show memory usage 620 nat 621 set nat 622 set nat 623 set nat 624 set nat 625 set nat 626 set nat 627 set nat 628 set nat 629 set nat 630 set nat 631 set nat 632 set nat 633 set nat 634 set nat 635 show nat 636 sh...

Страница 21: ...52 add netflow collector 653 delete netflow collector 654 set netflow collector 655 show netflow collector 656 show netflow collectors 657 network 658 add network 659 delete network 660 set network 661 show network 662 show networks 663 show notifications log 664 notifications policy 665 set notifications policy 666 set notifications policy 667 set notifications policy 668 show notifications polic...

Страница 22: ...4 set periodic backup 685 show periodic backup 687 set property 688 privacy settings 689 set privacy settings 690 show privacy settings 691 proxy 692 delete proxy 693 set proxy 694 set proxy 695 set proxy 696 show proxy 697 qos 698 set qos 699 set qos 700 set qos 701 set qos 702 set qos 703 show qos 704 show qos 705 show qos 706 qos delay sensitive service 707 set qos delay sensitive service 708 s...

Страница 23: ...width selected services 716 qos rule 717 add qos rule 718 delete qos rule 721 delete qos rule 722 delete qos rule 723 set qos rule 724 set qos rule 725 set qos rule 728 show qos rule 731 show qos rule 732 show qos rule 733 show qos rules 734 radius server 735 delete radius server 736 set radius server 737 show radius server 738 show radius servers 739 reach my device 740 set reach my device 741 se...

Страница 24: ...t settings 759 show report settings 760 show rule hits 761 show saved image 762 update security blades 763 security management 764 connect security management 765 set security management 766 set security management 767 set security management 768 show security management 769 serial port 770 set serial port 771 set serial port 772 set serial port 773 set serial port 774 set serial port nine pin 775...

Страница 25: ...ice group 795 set service group 796 show service group 797 show service groups 798 service icmp 799 add service icmp 800 delete service icmp 801 set service icmp 802 show service icmp 803 add service protocol 804 service protocol 805 delete service protocol 806 set service protocol 807 show service protocol 809 show services protocol 810 set server server access 811 set server server nat settings ...

Страница 26: ... default DNS_UDP 840 show service system default DNS_UDP 841 set service system default FTP 842 show service system default FTP 844 set service system default FTP firewall settings 845 show service system default FTP firewall settings 846 set service system default GRE 847 show service system default GRE 849 set service system default H323 850 show service system default H323 852 set service syste...

Страница 27: ...1 show service system default NetShow 883 set service system default NNTP 884 show service system default NNTP 886 set service system default POP3 887 show service system default POP3 889 set service system default PPTP_TCP 890 show service system default PPTP_TCP 892 set service system default PPTP_TCP ips settings 893 show service system default PPTP_TCP ips settings 894 set service system defau...

Страница 28: ...ystem default SQLNet 922 show service system default SQLNet 924 set service system default SSH 925 show service system default SSH 927 set service system default SSH ips settings 928 show service system default SSH ips settings 929 set service system default TELNET 930 show service system default TELNET 932 set service system default TFTP 933 show service system default TFTP 935 service tcp 936 ad...

Страница 29: ...961 set snmp 962 set snmp 963 set snmp 964 set snmp 965 set snmp 966 set snmp 967 show snmp 968 show snmp 969 show snmp 970 show snmp 971 show snmp 972 show snmp 973 show snmp general all 974 snmp traps 975 set snmp traps 976 set snmp traps 977 set snmp traps 978 set snmp traps 979 show snmp traps 980 delete snmp traps receivers 981 show snmp traps receivers 982 show snmp traps enabled traps 983 s...

Страница 30: ...ssl inspection exception 1000 set ssl inspection exception 1001 show ssl inspection exception 1003 show ssl inspection exceptions 1004 ssl inspection policy 1005 set ssl inspection policy 1006 set ssl inspection policy https categorization only mode 1008 set ssl inspection policy inspect https protocol 1009 set ssl inspection policy inspect imaps protocol 1010 show ssl inspection policy 1011 delet...

Страница 31: ...ow switch 1035 show switches 1036 syslog server 1037 add syslog server 1038 add syslog server protocol tls 1039 delete syslog server 1040 delete syslog server 1041 delete syslog server 1042 set syslog server 1043 set syslog server 1044 set syslog server 1045 show syslog server 1046 show syslog server 1047 show syslog server 1048 show syslog server all 1049 system settings 1050 show system settings...

Страница 32: ... set threat prevention anti virus engine 1070 show threat prevention anti virus engine 1071 add threat prevention anti virus file type 1072 delete threat prevention anti virus file type 1073 set threat prevention anti virus file type 1074 show threat prevention anti virus file type 1075 show threat prevention anti virus file types 1076 delete threat prevention anti virus file type custom 1077 set ...

Страница 33: ...on 1107 add threat prevention ips network exception 1108 delete threat prevention ips network exception 1109 delete threat prevention ips network exception 1110 delete threat prevention ips network exception 1111 set threat prevention ips network exception 1112 set threat prevention ips network exception 1113 set threat prevention ips network exception 1115 show threat prevention ips network excep...

Страница 34: ...evention threat emulation additional remote emulator 1140 show threat prevention threat emulation additional remote emulator 1141 set threat prevention threat emulation file types revert actions to default 1142 threat prevention threat emulation 1143 set threat prevention threat emulation file type 1144 show threat prevention threat emulation file type 1145 show threat prevention threat emulation ...

Страница 35: ...eat prevention whitelist type url 1169 show threat prevention whitelist urls 1170 ui settings 1171 set ui settings 1172 set ui settings 1173 set ui settings 1174 show ui settings 1175 show ui settings 1176 show ui settings 1177 usb modem advanced 1178 add usb modem advanced 1179 delete usb modem advanced 1180 delete usb modem advanced all 1181 set usb modem advanced 1182 show usb modem advanced 11...

Страница 36: ...d authentication 1204 set user awareness browser based authentication 1205 set user awareness browser based authentication 1206 show user awareness 1207 show user awareness 1208 show user awareness 1209 show user awareness browser based authentication 1210 set user management 1211 show upgrade log 1212 show used ad group bookmarks 1213 upgrade from usb or tftp server 1214 vpn 1215 vpn 1216 Managin...

Страница 37: ...244 set vpn 1245 set vpn 1246 set vpn 1247 set vpn 1248 show vpn 1249 show vpn 1250 show vpn 1251 vpn remote access 1252 set vpn remote access 1253 set vpn remote access 1254 set vpn remote access 1255 set vpn remote access 1256 set vpn remote access 1257 set vpn remote access 1258 set vpn remote access 1259 set vpn remote access 1260 set vpn remote access 1261 set vpn remote access 1262 set vpn r...

Страница 38: ...et vpn remote access 1278 set vpn remote access 1279 set vpn remote access 1280 set vpn remote access 1281 set vpn remote access 1282 set vpn remote access 1283 set vpn remote access 1284 set vpn remote access 1285 set vpn remote access 1286 set vpn remote access 1287 set vpn remote access 1288 show vpn remote access 1289 show vpn remote access 1290 show vpn remote access 1291 set vpn remote acces...

Страница 39: ... 1317 set vpn site to site 1318 set vpn site to site 1319 set vpn site to site 1320 set vpn site to site 1321 set vpn site to site 1322 set vpn site to site 1323 set vpn site to site 1324 set vpn site to site 1325 set vpn site to site 1326 set vpn site to site 1327 set vpn site to site 1328 set vpn site to site 1329 set vpn site to site 1330 set vpn site to site 1331 set vpn site to site 1332 set ...

Страница 40: ... 1347 shows vpn site to site 1348 show vpn site to site 1349 shows vpn site to site 1350 set vpn site to site enc dom manual 1351 set vpn site to site enc dom manual 1352 set vpn site to site enc dom manual 1353 set vpn site to site enc dom manual 1354 vpn tunnel 1355 show vpn tunnel 1356 show vpn tunnels 1357 wlan 1358 delete wlan 1359 set wlan 1360 set wlan 1361 set wlan 1362 set wlan 1363 set w...

Страница 41: ...381 set wlan radio 1382 set wlan radio 1383 set wlan radio 1384 set wlan radio 1385 set wlan radio 1386 set wlan radio 1387 show wlan radio 1388 show wlan statistics 1389 wlan vaps 1390 add wlan vap 1391 delete wlan vaps 1392 set wlan vap wireless advanced settings protected mgmt frames 1393 set wlan vap 1394 show wlan vap wireless 1395 show wlan vaps 1396 show wlan vaps statistics 1397 zero touch...

Страница 42: ...tion SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 42 Introduction This guide contains all relevant CLI commands for the Small and Medium Business SMB 1500 appliance models n 1530 n 1550 n 1570 n 1590 ...

Страница 43: ... n You can enable login directly to expert mode To do this l Login to Expert mode using the Expert password l Run the command bashUser on l You will now always login directly to expert mode this mode is not deleted during reboot l To turn this mode off run the command bashUser off n SCP to the appliance is supported but you need to enable direct login to Expert mode Note that SFTP that is commonly...

Страница 44: ...escription Text without brackets Items you must type as shown Text inside angle brackets Placeholder for which you must supply a value Text inside square brackets Optional items Vertical pipe Separator for mutually exclusive items choose one Text inside curly brackets Set of required items choose one Ellipsis Multiple values or parameters can be entered ...

Страница 45: ... Description c Cmd Single command to execute f File File to load commands from v Verbose i Ignore cmd failure in batch mode and continue A Run as admin C List available commands h Help this message Note If the default shell in which you logged in was Gaia Clish and then you logged in to the Expert mode from it you cannot run the clish command from the Expert mode running clish expert clish command...

Страница 46: ...80 20 05 CLI Reference Guide 46 Supported Linux Commands These standard Linux commands are also supported by the Check Point Small and Medium Business Appliance CLI n arp n netstat n nslookup n ping n resize n sleep n tcpdump n top n traceroute n uptime ...

Страница 47: ...access rule type outgoing SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 47 access rule type outgoing Relevant commands for outgoing access rule ...

Страница 48: ...ation negate application negate limit application download true limit limit false limit application upload true limit limit false Parameters Parameter Description action The action taken when there is a match on the rule Options block accept ask inform block inform application id Applications or web sites that are accepted or blocked application name Applications or web sites that are accepted or ...

Страница 49: ... not log Log Create log Alert log with alert Account account rule Options none log alert account name name Type A string of alphanumeric characters without space between them position The order of the rule in comparison to other manual rules Type Decimal number position above The order of the rule in comparison to other manual rules Type Decimal number position below The order of the rule in compa...

Страница 50: ... TEXT source negate true destination TEXT destination negate true service TEXT service negate true disabled true comment This is a comment hours range enabled true hours range from 23 20 hours range to 23 20 position 2 name word application name hasOne application negate true limit application download true limit 200 limit application upload true limit 5 ...

Страница 51: ... rule position or rule name Syntax delete access rule type outgoing position position delete access rule type outgoing name name Parameters Parameter Description position The order of the rule in comparison to other manual rules Type Decimal number name name Type A string of alphanumeric characters without space between them Example delete access rule type outgoing position 2 delete access rule ty...

Страница 52: ...cation download true limit limit false limit application upload true limit limit false set access rule type outgoing name name action action log log source source source negate source negate destination destination destination negate destination negate service service service negate service negate disabled disabled comment comment hours range enabled true hours range from hours range from hours ra...

Страница 53: ...ype Boolean true false hours range enabled If true time is configured Type Boolean true false hours range from Time in the format HH MM Type A time format hh mm hours range to Time in the format HH MM Type A time format hh mm limit Applications traffic upload limit in kbps Type A number with no fractional part integer limit application download If true download is limited Type Boolean true false l...

Страница 54: ...e Example set access rule type outgoing position 2 action block log none source TEXT source negate true destination TEXT destination negate true service TEXT service negate true disabled true comment This is a comment hours range enabled true hours range from 23 20 hours range to 23 20 position 2 name word application name hasOne application negate true limit application download true limit 100 li...

Страница 55: ...g to name or position Syntax show access rule type outgoing name name show access rule type outgoing position position Parameters Parameter Description name name Type A string of alphanumeric characters without space between them position The order of a manual rule in comparison to other manual rules Type Decimal number Example show access rule type outgoing position 2 show access rule type outgoi...

Страница 56: ... incoming internal and vpn SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 56 access rule type incoming internal and vpn Commands relevant for firewall access rule to the incoming internal VPN traffic Rule Base ...

Страница 57: ...osition position position above position above position below position below name name vpn vpn Parameters Parameter Description action The action taken when there is a match on the rule Options block accept ask inform block inform comment Description of the rule Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connecti...

Страница 58: ...Type Decimal number service The network service object that the rule should match to service negate If true the service is everything except what is defined in the service field Type Boolean true false source Network object or user group that initiates the connection source negate If true the source is all traffic except what is defined in the source field Type Boolean true false vpn Indicates if ...

Страница 59: ... rule position Syntax delete access rule type incoming internal and vpn name name delete access rule type incoming internal and vpn position position Parameters Parameter Description name Name Type A string of alphanumeric characters without space between them position The order of the rule in comparison to other manual rules Type Decimal number Example delete access rule type incoming internal an...

Страница 60: ...cess rule type incoming internal and vpn name name action action log log source source source negate source negate destination destination destination negate destination negate service service service negate service negate disabled disabled comment comment hours range enabled true hours range from hours range from hours range to hours range to false position position position above position above ...

Страница 61: ...es Type Decimal number position below The order of the rule in comparison to other manual rules Type Decimal number service The network service object that the rule should match to service negate If true the service is everything except what is defined in the service field Type Boolean true false source Network object or user group that initiates the connection source negate If true the source is ...

Страница 62: ...ess rule type incoming internal and vpn name word action block log none source TEXT source negate true destination TEXT destination negate true service TEXT service negate true disabled true comment This is a comment hours range enabled true hours range from 23 20 hours range to 23 20 position 2 name word vpn true ...

Страница 63: ...or name Syntax show access rule type incoming internal and vpn position position show access rule type incoming internal and vpn name name Parameters Parameter Description position The order of a manual rule in comparison to other manual rules Type Decimal number name name Type A string of alphanumeric characters without space between them Example show access rule type incoming internal and vpn po...

Страница 64: ...additional hw settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 64 additional hw settings Relevant commands for additional hardware settings ...

Страница 65: ...yntax set additional hw settings reset timeout reset timeout Parameters Parameter Description reset timeout Indicates the amount of time in seconds that you need to press and hold the factory defaults button on the back panel to restore to the factory defaults image Type A number with no fractional part integer Example set additional hw settings reset timeout 15 ...

Страница 66: ... Appliance Series R80 20 05 CLI Reference Guide 66 show additional hw settings Description Shows advanced hardware related setings Syntax show additional hw settings Parameters Parameter Description n a Example show additional hw settings ...

Страница 67: ...additional management settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 67 additional management settings Commands relevant for additional management settings ...

Страница 68: ...ngs advanced settings install temporary policy to storage advanced settings install temporary policy to storage Parameters Parameter Description advanced settings install temporary policy to storage Indicates whether the temporary policy installation files will be saved to the storage partition Type Boolean true false Example set additional management settings advanced settings install temporary p...

Страница 69: ...80 20 05 CLI Reference Guide 69 show additional management settings Description Show the additional management settings that were configured Syntax show additional management settings Parameters Parameter Description n a Example show additional management settings ...

Страница 70: ...ad server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 70 ad server Relevant commands for ad server ...

Страница 71: ...nch of the domain to be used Type An LDAP DN domain Domain name Type Host name ipv4 address Domain controller IP address password The user s password Type A string that contains alphanumeric and special characters use branch path Select only if you want to use only part of the user database defined in the Active Directory Type Boolean true false user dn FQDN of the user Type An LDAP DN username A ...

Страница 72: ...80 20 05 CLI Reference Guide 72 delete ad server Description Deletes an existing Active Directory server object Syntax delete ad server domain Parameters Parameter Description domain Domain name Type Host name Example delete ad server myHost com ...

Страница 73: ...he branch of the domain to be used Type An LDAP DN domain Domain name Type Host name ipv4 address Domain controller IP address password The user s password Type A string that contains alphanumeric and special characters use branch path Select only if you want to use only part of the user database defined in the Active Directory Type Boolean true false user dn FQDN of the user Type An LDAP DN usern...

Страница 74: ...20 05 CLI Reference Guide 74 show ad server Description Shows settings of a configured Active Directory server object Syntax show ad server domain Parameters Parameter Description domain Domain name Type Host name Example show ad server myHost com ...

Страница 75: ...B 1500 Appliance Series R80 20 05 CLI Reference Guide 75 show ad servers Description Shows settings of all configured AD server objects Syntax show ad servers Parameters Parameter Description n a Example show ad servers ...

Страница 76: ...address range SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 76 address range Relevant commands for address range ...

Страница 77: ...nd ipv4 dhcp exclude ip addr dhcp exclude ip addr Parameters Parameter Description dhcp exclude ip addr Indicates if the object s IP address es is excluded from internal DHCP daemon Options on off end ipv4 The end of the IP range name Network Object name Type String start ipv4 The beginning of the IP range Example add address range name TEXT start ipv4 192 168 1 1 end ipv4 192 168 1 1 dhcp exclude...

Страница 78: ...es R80 20 05 CLI Reference Guide 78 delete address range Description Deletes an existing address range object Syntax delete address range name Parameters Parameter Description name Network Object name Type String Example delete address range TEXT ...

Страница 79: ...ipv4 end ipv4 dhcp exclude ip addr dhcp exclude ip addr Parameters Parameter Description dhcp exclude ip addr Indicates if the object s IP address es is excluded from internal DHCP daemon Options on off end ipv4 The end of the IP range name Network Object name Type String start ipv4 The beginning of the IP range Example set address range TEXT name TEXT start ipv4 192 168 1 1 end ipv4 192 168 1 1 d...

Страница 80: ...0 20 05 CLI Reference Guide 80 show address range Description Shows settings of a configured IP address range object Syntax show address range name Parameters Parameter Description name Network Object name Type String Example show address range TEXT ...

Страница 81: ...Appliance Series R80 20 05 CLI Reference Guide 81 show address ranges Description Shows settings of all configured IP address range objects Syntax show address ranges Parameters Parameter Description n a Example show address ranges ...

Страница 82: ...admin access SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 82 admin access Relevant commands for admin access ...

Страница 83: ...iance Syntax add admin access ipv4 address single ipv4 address network ipv4 address ip_addr subnet mask netmask mask length mask_length Parameters Parameter Description ip_addr IPv4 address mask_length Interface mask length a value between 1 32 netmask Interface IPv4 address subnet mask Return Value 0 on success 1 on failure Example add admin access ipv4 address network ipv4 address 1 1 1 1 subnet...

Страница 84: ...Boolean true false allowed ipv4 addresses Administrator access permissions policy for source IP addresses Options any from ip list any except internet ssh access port SSH Port Type Port number support weak tls version For security reasons it is highly recommended never to change this parameter s value Support of TLSv1 0 will be added back to the administration portal to allow connectivity with old...

Страница 85: ...500 Appliance Series R80 20 05 CLI Reference Guide 85 show admin access Description Shows settings of administrator access configuration Syntax show admin access Parameters Parameter Description n a Example show admin access ...

Страница 86: ...admin access ip addresses SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 86 admin access ip addresses Relevant commands for admin access IP addresses ...

Страница 87: ...Reference Guide 87 show admin access ip addresses Description Show all the configured IP addresses that are permitted for administrator access to the appliance Syntax show admin access ip addresses Parameters Parameter Description n a Example show admin access ip addresses ...

Страница 88: ...R80 20 05 CLI Reference Guide 88 delete admin access ip address all Description Delete all the reserved IP addresses for administrator access Syntax delete admin access ip address all Parameters Parameter Description n a Example delete admin access ip address all ...

Страница 89: ...admin access ipv4 address SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 89 admin access ipv4 address Relevant commands for admin access IPv4 addresses ...

Страница 90: ...00 Appliance Series R80 20 05 CLI Reference Guide 90 add admin access ipv4 address Adds a specific IPv4 address or an IPv4 address network and mask from which the administrator can remotely access the appliance according to configuration ...

Страница 91: ... specific IPv4 address from which the administrator can remotely access the appliance according to configuration Syntax add admin access ipv4 address single ipv4 address single ipv4 address Parameters Parameter Description single ipv4 address IP address Type IP address Example add admin access ipv4 address single ipv4 address 192 168 1 1 ...

Страница 92: ...ding to configuration Syntax add admin access ipv4 address network ipv4 address network ipv4 address subnet mask subnet mask mask length mask length Parameters Parameter Description mask length Subnet mask length Type A string that contains numbers only network ipv4 address IP address Type IP address subnet mask Subnet mask Type Subnet mask Example add admin access ipv4 address network ipv4 addres...

Страница 93: ...ion Deletes a specific IPv4 address or an IPv4 network and subnet from which the administrator can remotely access the appliance according to configuration Syntax delete admin access ipv4 address ipv4 address Parameters Parameter Description ipv4 address IP address Type IP address Example delete admin access ipv4 address 192 168 1 1 ...

Страница 94: ...nce Series R80 20 05 CLI Reference Guide 94 show admin access ipv4 addresses Description Shows allowed IP addresses for admin access Syntax show admin access ipv4 addresses Parameters Parameter Description n a Example show admin access ipv4 addresses ...

Страница 95: ...lete admin access ipv4 address all Description Deletes all configured IPv4 addresses from which the administrator can remotely access the appliance according to configuration Syntax delete admin access ipv4 address all Parameters Parameter Description n a Example delete admin access ipv4 address all ...

Страница 96: ...administrator SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 96 administrator Relevant commands for admininstrators ...

Страница 97: ...word hash permission permission Parameters Parameter Description password hash Virtual field used for calculating a hashed password Type An encrypted password permission The administrator role and permissions Options read write readonly networking username Indicates the administrator user name Type A string that contains A Z 0 9 and _ characters Example add administrator username admin password ha...

Страница 98: ...es an existing defined administrator The system will not allow deletion of the last administrator Syntax delete administrator username username Parameters Parameter Description username Indicates the administrator user name Type A string that contains A Z 0 9 and _ characters Example delete administrator username admin ...

Страница 99: ...set administrator SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 99 set administrator Configures an existing user with administrator privileges ...

Страница 100: ...dministrator You will be prompted to add a new password following this command this command cannot be used in a script Syntax set administrator username username password Parameters Parameter Description username Indicates the administrator user name Type A string that contains A Z 0 9 and _ characters Example set administrator username admin password ...

Страница 101: ...rmission password hash password hash Parameters Parameter Description password hash Virtual field used for calculating a hashed password Type An encrypted password permission The administrator role and permissions Options read write readonly networking username Indicates the administrator user name Type A string that contains A Z 0 9 and _ characters Example set administrator username admin permis...

Страница 102: ...set administrators SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 102 set administrators Configure users with administrator privileges through a RADIUS server ...

Страница 103: ... Parameters Parameter Description permission Administrators role Options read write readonly networking radius auth Administrators RADIUS authentication Type Boolean true false radius groups RADIUS groups for authentication Example RADIUS group1 RADIUS class2 Type A string that contains A Z 0 9 _ and space characters use radius groups Use RADIUS groups for authentication Type Boolean true false Ex...

Страница 104: ...r Description Shows settings of an existing user with administrator privileges Syntax show administrator username username Parameters Parameter Description username Indicates the administrator user name Type A string that contains A Z 0 9 and _ characters Example show administrator username admin ...

Страница 105: ...show administrators SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 105 show administrators Shows settings of all users with administrator privileges ...

Страница 106: ...ppliance Series R80 20 05 CLI Reference Guide 106 show administrators Description Shows settings of all users with administrator privileges Syntax show administrators Parameters Parameter Description n a Example show administrators ...

Страница 107: ... 05 CLI Reference Guide 107 show administrators Description Shows advanced settings of all users with administrator privileges Syntax show administrators advanced settings Parameters Parameter Description n a Example show administrators advanced settings ...

Страница 108: ...administrators radius auth SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 108 administrators radius auth Relevant commands for administrator radius authentication ...

Страница 109: ...uide 109 set administrators radius auth Description Configure the administrator role on the RADIUS Syntax set administrators radius auth enable disable use radius roles true false Parameters Parameter Description n a Example set administrators radius auth enable use radius roles true ...

Страница 110: ...ers text Syntax set administrators radius auth enable disable use radius roles false permission readonly read write networking use radius groups group_ name Parameters Parameter Description admin role n Read Only n Read Write n Networking group_name The name of the radius group Example set administrators radius auth enable use radius roles false permission networking use radius groups group_name ...

Страница 111: ...0 20 05 CLI Reference Guide 111 show administrators radius auth Description Shows RADIUS related settings for users with administrator privileges Syntax show administrators radius auth Parameters Parameter Description n a Example show administrators radius auth ...

Страница 112: ...stomize roles true roles conf roles conf false Parameters Parameter Description customize roles Customize administrators roles permissions Type Boolean true false roles conf The configuration of administrator roles in base64 format To get the right configuration contact Check Point Support Type base64 Example set administrators roles settings customize roles true roles conf base64 show administrat...

Страница 113: ...show administrators radius auth SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 113 Parameters Parameter Description n a Example show administrators roles settings ...

Страница 114: ...administrator session settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 114 administrator session settings Relevant commands for administrator session settings ...

Страница 115: ...rt integer lock period Once locked out the administrator will be unable to login for this long Type A number with no fractional part integer lockout enable Limit administrators login failure attempts Options on off max lockout attempts The maximum number of consecutive login failure attempts before the administrator is locked out Type A number with no fractional part integer password complexity le...

Страница 116: ...0 20 05 CLI Reference Guide 116 show administrator session settings Description Shows session settings for users with administrator privileges Syntax show administrator session settings Parameters Parameter Description n a Example show administrator session settings ...

Страница 117: ... 20 05 CLI Reference Guide 117 show adsl statistics Description Shows statistics regarding the DSL internet connection applicable on appliance models with DSL Syntax show adsl statistics Parameters Parameter Description n a Example show adsl statistics ...

Страница 118: ...aggressive aging SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 118 aggressive aging Relevant commands for aggressive aging ...

Страница 119: ... Reference Guide 119 set aggressive aging Configures aggressive aging feature s behavior Aggressive Aging is designed to optimize how the device is dealing with a large connection number by aggressively reducing the timeout of existing connections when necessary ...

Страница 120: ...nable udp timeout enable general general log log connt limit high watermark pct connt limit high watermark pct connt mem high watermark pct connt mem high watermark pct memory conn status memory conn status Parameters Parameter Description connt limit high watermark pct Connection table percentage limit Type A number with no fractional part integer connt mem high watermark pct Memory consumption p...

Страница 121: ...p end timeout TCP termination reduced timeout Type A number with no fractional part integer tcp end timeout enable Enable reduced timeout for TCP termination Type Boolean true false tcp start timeout TCP handshake reduced timeout Type A number with no fractional part integer tcp start timeout enable Enable reduced timeout for TCP handshake Type Boolean true false tcp timeout TCP session reduced ti...

Страница 122: ... other timeout enable true pending timeout 30 pending timeout enable true tcp end timeout 3600 tcp end timeout enable true tcp start timeout 3600 tcp start timeout enable true tcp timeout 3600 tcp timeout enable true udp timeout 3600 udp timeout enable true general true log log connt limit high watermark pct 80 connt mem high watermark pct 80 memory conn status both ...

Страница 123: ...able log log connt mem high watermark pct connt mem high watermark pct tcp end timeout enable tcp end timeout enable icmp timeout icmp timeout tcp end timeout tcp end timeout memory conn status memory conn status pending timeout pending timeout other timeout other timeout Parameters Parameter Description n a Example set aggressive aging advanced settings connections other timeout enable true connt...

Страница 124: ...show aggressive aging SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 124 show aggressive aging Shows aggressive aging settings ...

Страница 125: ... SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 125 show aggressive aging Description Shows aggressive aging settings Syntax show aggressive aging Parameters Parameter Description n a Example show aggressive aging ...

Страница 126: ...ries R80 20 05 CLI Reference Guide 126 show aggressive aging Description Shows aggressive aging advanced settings Syntax show aggressive aging advanced settings Parameters Parameter Description n a Example show aggressive aging advanced settings ...

Страница 127: ...antispam SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 127 antispam Relevant commands for Anti Spam Software Blade and settings ...

Страница 128: ...set antispam SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 128 set antispam Configures policy for Anti Spam blade ...

Страница 129: ...ag subject Options block flag header flag subject action suspected spam email content Action to be used upon suspected spam detection in email content block flag header flag subject Options block flag header flag subject detect mode Detect Only mode on off Type Boolean true false detection method Type of spam detection Either Sender s IP address or both Sender s IP address and content based detect...

Страница 130: ...ls Type Boolean true false suspected spam log Tracking options for suspected spam emails log alert or none Options none log alert Example set antispam mode on detection method email content log none action spam email content block flag subject stamp several words detect mode true specify suspected spam settings true suspected spam log none action suspected spam email content block flag suspected s...

Страница 131: ...nce Guide 131 set antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings ip rep fail open ip rep fail open Parameters Parameter Description n a Example set antispam advanced settings ip rep fail open true ...

Страница 132: ...rence Guide 132 set antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings email size scan email size scan Parameters Parameter Description n a Example set antispam advanced settings email size scan 1024 ...

Страница 133: ...eference Guide 133 set antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings scan outgoing scan outgoing Parameters Parameter Description n a Example set antispam advanced settings scan outgoing true ...

Страница 134: ... Guide 134 set antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings spam engine timeout spam engine timeout Parameters Parameter Description n a Example set antispam advanced settings spam engine timeout 15 ...

Страница 135: ...nce Guide 135 set antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings allow mail track allow mail track Parameters Parameter Description n a Example set antispam advanced settings allow mail track none ...

Страница 136: ...ce Guide 136 set antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings transparent proxy transparent proxy Parameters Parameter Description n a Example set antispam advanced settings transparent proxy true ...

Страница 137: ...ference Guide 137 set antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings ip rep timeout ip rep timeout Parameters Parameter Description n a Example set antispam advanced settings ip rep timeout 15 ...

Страница 138: ...et antispam Description Configures advanced setting for the Anti Spam blade Syntax set antispam advanced settings spam engine all mail track spam engine all mail track Parameters Parameter Description n a Example set antispam advanced settings spam engine all mail track none ...

Страница 139: ...show antispam SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 139 show antispam Shows the configured policy for the Anti Spam blade ...

Страница 140: ...MB 1500 Appliance Series R80 20 05 CLI Reference Guide 140 show antispam Description Shows the configured policy for the Anti Spam blade Syntax show antispam Parameters Parameter Description n a Example show antispam ...

Страница 141: ...0 05 CLI Reference Guide 141 show antispam Description Shows the advanced settings in the configured policy for the Anti Spam blade Syntax show antispam advanced settings Parameters Parameter Description n a Example show antispam advanced settings ...

Страница 142: ...antispam allowed sender SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 142 antispam allowed sender ...

Страница 143: ...add antispam allowed sender SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 143 add antispam allowed sender Adds a new Anti Spam allow exception ...

Страница 144: ...ispam allowed sender Description Adds a new Anti Spam allow exception for a specific IP address Syntax add antispam allowed sender ipv4 addr ipv4 addr Parameters Parameter Description ipv4 addr Anti Spam allowed IP address Type IP address Example add antispam allowed sender ipv4 addr 192 168 1 1 ...

Страница 145: ...tion Adds a new Anti Spam allow exception for a sender email or domain Syntax add antispam allowed sender sender or domain sender or domain Parameters Parameter Description sender or domain Anti Spam allowed domain or sender Type A domain or email address Example add antispam allowed sender sender or domain myEmail mail com ...

Страница 146: ...delete antispam allowed sender SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 146 delete antispam allowed sender Deletes an existing Anti Spam allow exception ...

Страница 147: ...eries R80 20 05 CLI Reference Guide 147 delete antispam allowed sender Description Deletes all existing Anti Spam allow exceptions Syntax delete antispam allowed sender all Parameters Parameter Description n a Example delete antispam allowed sender all ...

Страница 148: ...letes an existing Anti Spam allow exception for sender s email or domain Syntax delete antispam allowed sender sender or domain sender or domain Parameters Parameter Description sender or domain Anti Spam allowed domain or sender Type A domain name or email address Example delete antispam allowed sender sender or domain myEmail mail com ...

Страница 149: ... allowed sender Description Deletes an existing Anti Spam allow exception for a specific IPv4 address Syntax delete antispam allowed sender ipv4 addr ipv4 addr Parameters Parameter Description ipv4 addr Anti Spam allowed IP address Type IP address Example delete antispam allowed sender ipv4 addr 192 168 1 1 ...

Страница 150: ...e Series R80 20 05 CLI Reference Guide 150 show antispam allowed senders Description Shows the allowed exceptions for the Anti Spam blade Syntax show antispam allowed senders Parameters Parameter Description n a Example show antispam allowed senders ...

Страница 151: ...antispam blocked sender SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 151 antispam blocked sender ...

Страница 152: ...add antispam blocked sender SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 152 add antispam blocked sender Adds a new Anti Spam block exception ...

Страница 153: ...ispam blocked sender Description Adds a new Anti Spam block exception for a specific IP address Syntax add antispam blocked sender ipv4 addr ipv4 addr Parameters Parameter Description ipv4 addr Anti Spam blocked IP address Type IP address Example add antispam blocked sender ipv4 addr 192 168 1 1 ...

Страница 154: ...n Adds a new Anti Spam block exception for a sender email or domain Syntax add antispam blocked sender sender or domain sender or domain Parameters Parameter Description sender or domain Anti Spam blocked domain or sender Type A domain name or email address Example add antispam blocked sender sender or domain myEmail mail com ...

Страница 155: ...delete antispam blocked sender SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 155 delete antispam blocked sender Deletes an existing Anti Spam block exception ...

Страница 156: ...eries R80 20 05 CLI Reference Guide 156 delete antispam blocked sender Description Deletes all existing Anti Spam block exceptions Syntax delete antispam blocked sender all Parameters Parameter Description n a Example delete antispam blocked sender all ...

Страница 157: ...letes an existing Anti Spam block exception for sender s email or domain Syntax delete antispam blocked sender sender or domain sender or domain Parameters Parameter Description sender or domain Anti Spam blocked domain or sender Type A domain name or email address Example delete antispam blocked sender sender or domain myEmail mail com ...

Страница 158: ... blocked sender Description Deletes an existing Anti Spam block exception for a specific IPv4 address Syntax delete antispam blocked sender ipv4 addr ipv4 addr Parameters Parameter Description ipv4 addr Anti Spam blocked IP address Type IP address Example delete antispam blocked sender ipv4 addr 192 168 1 1 ...

Страница 159: ...e Series R80 20 05 CLI Reference Guide 159 show antispam blocked senders Description Shows the blocked exceptions for the Anti Spam blade Syntax show antispam blocked senders Parameters Parameter Description n a Example show antispam blocked senders ...

Страница 160: ...application SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 160 application Relevant commands for application ...

Страница 161: ...add application SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 161 add application Adds a new custom application object string or regular expression signature over URL ...

Страница 162: ...tion url application url Parameters Parameter Description application name Application name Type URL application url Contains the URLs related to this application category The primary category for the application the category which is the most relevant regex url Indicates if regular expressions are used instead of partial strings Type Boolean true false Example add application application name htt...

Страница 163: ...e 163 add application Description Simplified method for adding a new custom application object string over URL Syntax add application url application url Parameters Parameter Description application url Application URL Example add application url http somehost example com ...

Страница 164: ...delete application SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 164 delete application Deletes an existing custom application object string or regular expression signature over URL ...

Страница 165: ...escription Deletes an existing custom application object by application ID Syntax delete application application id application id Parameters Parameter Description application id The ID of the application Type A number with no fractional part integer Example delete application application id 1000000 ...

Страница 166: ...ication Description Deletes an existing custom application object by application name Syntax delete application application name application name Parameters Parameter Description application name Application name Type URL Example delete application application name http somehost example com ...

Страница 167: ...167 find application Description Find an application by name or partial string to view further details regarding it Syntax find application application name Parameters Parameter Description application name Application or group name Type String Example find application TEXT ...

Страница 168: ...set application SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 168 set application Configures an existing custom application object ...

Страница 169: ... to an existing custom application object by name Syntax set application application name application name add url url Parameters Parameter Description application name Application name Type URL url Application URL Example set application application name http somehost example com add url http somehost example com ...

Страница 170: ...rom an existing custom application object by name Syntax set application application name application name remove url url Parameters Parameter Description application name Application name Type URL url Application URL Example set application application name http somehost example com remove url http somehost example com ...

Страница 171: ...isting custom application object by ID Syntax set application application id application id add url url Parameters Parameter Description application id The ID of the application Type A number with no fractional part integer url Application URL Example set application application id 12345678 add url http somehost example com ...

Страница 172: ...sting custom application object by ID Syntax set application application id application id remove url url Parameters Parameter Description application id The ID of the application Type A number with no fractional part integer url Application URL Example set application application id 12345678 remove url http somehost example com ...

Страница 173: ...gory to an existing custom application object by name Syntax set application application name application name add category category Parameters Parameter Description application name Application name Type URL category Category name Example set application application name http somehost example com add category TEXT ...

Страница 174: ...ry from an existing custom application object by name Syntax set application application name application name remove category category Parameters Parameter Description application name Application name Type URL category Category name Example set application application name http somehost example com remove category TEXT ...

Страница 175: ...n existing custom application object by ID Syntax set application application id application id add category category Parameters Parameter Description application id The ID of the application Type A number with no fractional part integer category Category name Example set application application id 12345678 add category TEXT ...

Страница 176: ... existing custom application object by ID Syntax set application application id application id remove category category Parameters Parameter Description application id The ID of the application Type A number with no fractional part integer category Category name Example set application application id 12345678 remove category TEXT ...

Страница 177: ...ategory regex url regex url Parameters Parameter Description application id The ID of the application Type A number with no fractional part integer category The primary category for the application the category which is the most relevant regex url Indicates if regular expressions are used instead of partial strings Type Boolean true false Example set application application id 12345678 category TE...

Страница 178: ...name category category regex url regex url Parameters Parameter Description application name Application name Type URL category The primary category for the application the category which is the most relevant regex url Indicates if regular expressions are used instead of partial strings Type Boolean true false Example set application application name http somehost example com category TEXT regex u...

Страница 179: ...show application SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 179 show application Shows details for a specific application in the Application Control database ...

Страница 180: ...cription Shows details for a specific application in the Application Control database by application name Syntax show application application name application name Parameters Parameter Description application name Application or group name Type String Example show application application name TEXT ...

Страница 181: ...ls for a specific application in the Application Control database by application ID Syntax show application application id application id Parameters Parameter Description application id The ID of the application or the group Type A number with no fractional part integer Example show application application id 12345678 ...

Страница 182: ...ons SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 182 show applications Description Shows details of all applications Syntax show applications Parameters Parameter Description n a Example show applications ...

Страница 183: ...application control SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 183 application control ...

Страница 184: ...orrents and peer to peer applications Type Boolean true false block inappropriate content Control content by blocking Internet access to websites with inappropriate content such as sex violence weapons gambling and alcohol Type Boolean true false block other undesired applications Manually add and block applications or categories of URLs to a group of undesired applications Type Boolean true false...

Страница 185: ...ber with no fractional part integer url flitering only Indicates if enable URL Filtering and detection only mode is enabled Type Boolean true false Example set application control mode true url flitering only true block security categories true block inappropriate content true block other undesired applications true block file sharing applications true limit bandwidth true limit upload true set li...

Страница 186: ...e Series R80 20 05 CLI Reference Guide 186 show application control Description Shows the configured policy for the Application Control blade Syntax show application control Parameters Parameter Description n a Example show application control ...

Страница 187: ... undesired applications Description Shows the content of the custom Other Undesired Applications group This group can be chosen to be blocked by default by the Application Control policy Syntax show application control other undesired applications Parameters Parameter Description n a Example show application control other undesired applications ...

Страница 188: ...application control engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 188 application control engine settings ...

Страница 189: ...et application control engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 189 set application control engine settings Configures Application Control blade s advanced engine settings ...

Страница 190: ... control engine settings Description Configures Application Control blade s advanced engine settings Syntax set application control engine settings advanced settings fail mode fail mode Parameters Parameter Description n a Example set application control engine settings advanced settings fail mode allow all requests ...

Страница 191: ...res Application Control blade s advanced engine settings Syntax set application control engine settings advanced settings block requests when web service unavailable block requests when web service unavailable Parameters Parameter Description n a Example set application control engine settings advanced settings block requests when web service unavailable true ...

Страница 192: ... engine settings Description Configures Application Control blade s advanced engine settings Syntax set application control engine settings advanced settings enforce safe search enforce safe search Parameters Parameter Description n a Example set application control engine settings advanced settings enforce safe search true ...

Страница 193: ...Description Configures Application Control blade s advanced engine settings Syntax set application control engine settings advanced settings web site categorization mode web site categorization mode Parameters Parameter Description n a Example set application control engine settings advanced settings web site categorization mode background ...

Страница 194: ...rol engine settings Description Configures Application Control blade s advanced engine settings Syntax set application control engine settings advanced settings track browse time track browse time Parameters Parameter Description n a Example set application control engine settings advanced settings track browse time true ...

Страница 195: ...gs Description Configures Application Control blade s advanced engine settings Syntax set application control engine settings advanced settings http referrer identification http referrer identification Parameters Parameter Description n a Example set application control engine settings advanced settings http referrer identification true ...

Страница 196: ...Configures Application Control blade s advanced engine settings Syntax set application control engine settings advanced settings categorize cached and translated pages categorize cached and translated pages Parameters Parameter Description n a Example set application control engine settings advanced settings categorize cached and translated pages true ...

Страница 197: ...e Guide 197 show application control engine settings Description Shows advanced settings of the Application Control blade Syntax show application control engine settings advanced settings Parameters Parameter Description n a Example show application control engine settings advanced settings ...

Страница 198: ...application group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 198 application group ...

Страница 199: ... Description Adds a new group object for applications Syntax add application group name name Parameters Parameter Description name Application group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example add application group name users ...

Страница 200: ...delete application group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 200 delete application group Deletes an existing group object of applications ...

Страница 201: ...eletes an existing group object of applications by group object name Syntax delete application group name name Parameters Parameter Description name Application group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example delete application group name users ...

Страница 202: ...s an existing group object of applications by group object ID Syntax delete application group application group id application group id Parameters Parameter Description application group id The ID of the application group Type A number with no fractional part integer Example delete application group application group id 12345678 ...

Страница 203: ...set application group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 203 set application group Configures an existing application group object ...

Страница 204: ... application s name Syntax set application group name name add application name application name Parameters Parameter Description application name Application or group name name Application group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set application group name users add application name hasMany ...

Страница 205: ...application s name Syntax set application group name name remove application name application name Parameters Parameter Description application name Application or group name name Application group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set application group name users remove application name hasMany ...

Страница 206: ...pplication s ID Syntax set application group name name add application id application id Parameters Parameter Description application id The ID of the application or the group name Application group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set application group name users add application id hasMany ...

Страница 207: ...pplication s ID Syntax set application group name name remove application id application id Parameters Parameter Description application id The ID of the application or the group name Application group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set application group name users remove application id hasMany ...

Страница 208: ...e using group object s ID Syntax set application group application group id application group id add application name application name Parameters Parameter Description application group id The ID of the application group Type A number with no fractional part integer application name Application or group name Example set application group application group id 12345678 add application name hasMany ...

Страница 209: ... using group object s ID Syntax set application group application group id application group id remove application name application name Parameters Parameter Description application group id The ID of the application group Type A number with no fractional part integer application name Application or group name Example set application group application group id 12345678 remove application name hasM...

Страница 210: ...ing group object s ID Syntax set application group application group id application group id add application id application id Parameters Parameter Description application group id The ID of the application group Type A number with no fractional part integer application id The ID of the application or the group Example set application group application group id 12345678 add application id hasMany ...

Страница 211: ...ing group object s ID Syntax set application group application group id application group id remove application id application id Parameters Parameter Description application group id The ID of the application group Type A number with no fractional part integer application id The ID of the application or the group Example set application group application group id 12345678 remove application id ha...

Страница 212: ...show application group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 212 show application group shows the configuration of the Application group objects ...

Страница 213: ...he configuration of a specific application group object by ID Syntax show application group application group id application group id Parameters Parameter Description application group id The ID of the application group Type A number with no fractional part integer Example show application group application group id 12345678 ...

Страница 214: ...ows the configuration of a specific application group object by name Syntax show application group name name Parameters Parameter Description name Application group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example show application group name users ...

Страница 215: ... Series R80 20 05 CLI Reference Guide 215 show application groups Description Shows the configuration of all specific application group objects Syntax show application groups Parameters Parameter Description n a Example show application groups ...

Страница 216: ...antispoofing SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 216 antispoofing ...

Страница 217: ...7 set antispoofing Description Configures the activation of the IP address Anti Spoofing feature Syntax set antispoofing advanced settings global activation global activation Parameters Parameter Description n a Example set antispoofing advanced settings global activation true ...

Страница 218: ...0 05 CLI Reference Guide 218 show antispoofing Description Shows the configuration for IP addresses Anti Spoofing functionality Syntax show antispoofing advanced settings Parameters Parameter Description n a Example show antispoofing advanced settings ...

Страница 219: ...tftp server serverIP filename filename file encryption off on password pass backup policy on off add comment comment Parameters Parameter Description comment Comment that is added to the file filename Name of the backup file pass Password for the file Alphanumeric and special characters are allowed serverIP IPv4 address of the TFTP server Return Value 0 on success 1 on failure Example backup setti...

Страница 220: ... of previous backup settings operations Syntax show backup settings log info from tftp server server filename file from usb filename file Parameters Parameter Description server IP address or host name of the TFTP server file Name of backup file Example show backup settings log show backup settings info from usb filename backup Output Success shows backup settings information Failure shows an appr...

Страница 221: ...blade update schedule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 221 blade update schedule ...

Страница 222: ...set blade update schedule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 222 set blade update schedule Configures schedule for Software Blade updates ...

Страница 223: ...ekly this is the weekday in which it occurs Options sunday monday tuesday wednesday thursday friday saturday hour interval If the update occurs hourly this indicates the hour interval between each update Type A number with no fractional part integer recurrence The recurrence of the updates hourly daily weekly or monthly Type Press TAB to see available options schedule anti bot Indicates if Anti Bo...

Страница 224: ...ference Guide 224 Parameter Description time The hour of the update Format HH MM in 24 hour clock Type A time format hh mm Example set blade update schedule schedule ips true schedule anti bot true schedule anti virus true schedule appi true recurrence daily time 23 20 ...

Страница 225: ... blade update schedule Description Configures advanced settings for Software Blade updates Syntax set blade update schedule advanced settings max num of retries max num of retries Parameters Parameter Description n a Example set blade update schedule advanced settings max num of retries 10 ...

Страница 226: ...blade update schedule Description Configures advanced settings for Software Blade updates Syntax set blade update schedule advanced settings timeout until retry timeout until retry Parameters Parameter Description n a Example set blade update schedule advanced settings timeout until retry 10 ...

Страница 227: ...show blade update schedule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 227 show blade update schedule Shows the configuration of Software Blade updates schedule ...

Страница 228: ...e Series R80 20 05 CLI Reference Guide 228 show blade update schedule Description Shows the configuration of Software Blade updates schedule Syntax show blade update schedule Parameters Parameter Description n a Example show blade update schedule ...

Страница 229: ... CLI Reference Guide 229 show blade update schedule Description Shows advanced settings of Software Blade updates schedule Syntax show blade update schedule advanced settings Parameters Parameter Description n a Example show blade update schedule advanced settings ...

Страница 230: ...bookmark SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 230 bookmark ...

Страница 231: ...257 characters of this set 0 9 a z or password The password for remote desktop connection Type A string that contains alphanumeric and special characters screen height The height of the screen when the bookmark is remote desktop Type A number with no fractional part integer screen width The width of the screen when the bookmark is remote desktop Type A number with no fractional part integer toolti...

Страница 232: ...iance Series R80 20 05 CLI Reference Guide 232 Example add bookmark label myLabel url http www checkpoint com tooltip This is a comment type link is global true user name admin password a 7Ba screen width 1920 screen height 1080 ...

Страница 233: ...delete bookmark SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 233 delete bookmark Deletes an existing bookmark link that appears in the SNX VPN remote access landing page ...

Страница 234: ...cription Deletes an existing bookmark link by label Syntax delete bookmark label label Parameters Parameter Description label Text for the bookmark in the SSL Network Extender portal Type A string that contains less than 257 characters of this set 0 9 a z or Example delete bookmark label myLabel ...

Страница 235: ... SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 235 delete bookmark Description Deletes all existing bookmark links Syntax delete bookmark all Parameters Parameter Description n a Example delete bookmark all ...

Страница 236: ...his set 0 9 a z or new label Text for the bookmark in the SSL Network Extender portal Type A string that contains less than 257 characters of this set 0 9 a z or password The password for remote desktop connection Type A string that contains alphanumeric and special characters screen height The height of the screen when the bookmark is remote desktop Type A number with no fractional part integer s...

Страница 237: ...he user name for remote desktop connection Type A string that contains 0 9 a z up to 64 characters without spaces Example set bookmark label myLabel new label myNewLabel url http www checkpoint com tooltip myToolTip type link is global true user name admin password a 7Ba screen width 1920 screen height 1080 ...

Страница 238: ...kmark defined to be shown to users when connecting to the SNX portal using remote access VPN Syntax show bookmark label label Parameters Parameter Description label Text for the bookmark in the SSL Network Extender portal Type A string that contains less than 257 characters of this set 0 9 a z or Example show bookmark label myLabel ...

Страница 239: ... 20 05 CLI Reference Guide 239 show bookmarks Description Shows all bookmarks defined to be shown to users when connecting to the SNX portal using remote access VPN Syntax show bookmarks Parameters Parameter Description n a Example show bookmarks ...

Страница 240: ...bridge SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 240 bridge ...

Страница 241: ...ance Series R80 20 05 CLI Reference Guide 241 add bridge Description Adds a new bridge Syntax add bridge name name Parameters Parameter Description name Bridge name Type A bridge name should be br0 9 Example add bridge name br7 ...

Страница 242: ...e Series R80 20 05 CLI Reference Guide 242 delete bridge Description Deletes an existing bridge Syntax delete bridge name Parameters Parameter Description name Bridge name Type A bridge name should be br0 9 Example delete brdige br7 ...

Страница 243: ...set bridge SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 243 set bridge Configures an existing bridge interface ...

Страница 244: ...uide 244 set bridge Description Configures an existing bridge interface Syntax set bridge name stp stp Parameters Parameter Description name Bridge name Type A bridge name should be br0 9 stp Spanning Tree Protocol mode Options on off Example set bridge br7 stp on ...

Страница 245: ... set bridge Description Adds an existing network interface to an existing bridge Syntax set bridge name add member member Parameters Parameter Description member Network name name Bridge name Type A bridge name should be br0 9 Example set bridge br7 add member My_Network ...

Страница 246: ...bridge Description Removes an existing network interface from an existing bridge Syntax set bridge name remove member member Parameters Parameter Description member Network name name Bridge name Type A bridge name should be br0 9 Example set bridge br7 remove member My_Network ...

Страница 247: ... 20 05 CLI Reference Guide 247 show bridge Description Shows configuration and statistics of a defined bridge Syntax show bridge name Parameters Parameter Description name Bridge name Type A bridge name should be br0 9 Example show bridge br7 ...

Страница 248: ...bridges SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 248 show bridges Description Shows details of all defined bridges Syntax show bridges Parameters Parameter Description n a Example show bridges ...

Страница 249: ...ce Series R80 20 05 CLI Reference Guide 249 show cellular modem status Description Show the status of the cellular LTE modem Syntax show cellular modem status Parameters Parameter Description N A Example show cellular modem status ...

Страница 250: ...0 20 05 CLI Reference Guide 250 show clock Description Shows current system date and time Syntax show clock Parameters Parameter Description n a Example show clock Output Success shows date and time Failure shows an appropriate error message ...

Страница 251: ...cloud deployment SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 251 cloud deployment ...

Страница 252: ...eway name template template container container Parameters Parameter Description cloud url The DNS or IP address through which the device will connect to the cloud service Type URL container Container Type String gateway name The appliance name used to identify the gateway Type A string that contains A Z 0 9 and characters template Template Type String Example set cloud deployment cloud url http w...

Страница 253: ...ppliance Series R80 20 05 CLI Reference Guide 253 show cloud deployment Description Shows the configuration of cloud management connection Syntax show cloud deployment Parameters Parameter Description n a Example show cloud deployment ...

Страница 254: ...cloud notifications SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 254 cloud notifications These commands are relevant for Cloud notifications ...

Страница 255: ...ribes the notification type including n license expired n license about to expire n license activated n infected device n malicious file blocked n malicious file downloaded n firmware upgrade available n new device n system up n unexpected reboot n primary internet up n secondary internet up n malicious mail blocked n malicious mail received n reconnected device mode Enable sending the chosen clou...

Страница 256: ...00 Appliance Series R80 20 05 CLI Reference Guide 256 show cloud notifications Description Show mode for all types of notifications Syntax show cloud notifications Parameters Parameter Description n a Example show cloud notifications ...

Страница 257: ...257 send cloud report Description Force sending a report to Cloud Services Syntax send cloud report type type Parameters Parameter Description type The report type Options top last hour top last day top last week top last month 3d Example send cloud report type top last hour ...

Страница 258: ...cloud services SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 258 cloud services ...

Страница 259: ...Appliance Series R80 20 05 CLI Reference Guide 259 reconnect cloud services Description Force a manual reconnection to Cloud Services Syntax reconnect cloud services Parameters Parameter Description n a Example reconnect cloud services ...

Страница 260: ...set cloud services SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 260 set cloud services Configures settings for cloud SMP management connection ...

Страница 261: ...rusted certificate Is the service center URL is a trusted certificate Type Boolean true false gateway id Gateway id in the format gateway name portal name This is not needed if an activation key was configured Type cloudGwName mode Indicates if the device is managed by a cloud service Options off on registration key Registration key that acts as a password when connecting to the cloud service for ...

Страница 262: ...P management connection Syntax set cloud services advanced settings cloud management configuration smp login smp login show mgmt server details on login show mgmt server details on login Parameters Parameter Description n a Example set cloud services advanced settings cloud management configuration smp login true show mgmt server details on login true ...

Страница 263: ...R80 20 05 CLI Reference Guide 263 show cloud services Description Shows advanced settings of cloud management connection Syntax show cloud services advanced settings Parameters Parameter Description n a Example show cloud services advanced settings ...

Страница 264: ...0 20 05 CLI Reference Guide 264 show cloud services connection details Description Shows connection details for cloud management connection Syntax show cloud services connection details Parameters Parameter Description n a Example show cloud services connection details ...

Страница 265: ...cloud services firmware upgrade SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 265 cloud services firmware upgrade ...

Страница 266: ...set cloud services firmware upgrade SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 266 set cloud services firmware upgrade Configure settings for the firmware upgrade Cloud Services ...

Страница 267: ...nable auto firmware upgrades Upgrades may occur immediately or be scheduled according to a predefined frequency Type Boolean true false day of month Choose the desired day of the month Type A number with no fractional part integer day of week Choose the desired day of week Options sunday monday tuesday wednesday thursday friday saturday frequency Indicates the preferred time to perform upgrade onc...

Страница 268: ...firmware upgrade Description Configures advanced settings for the firmware upgrade Cloud Services Syntax set cloud services firmware upgrade advanced settings max num of retries max num of retries Parameters Parameter Description n a Example set cloud services firmware upgrade advanced settings max num of retries 15 ...

Страница 269: ...rmware upgrade Description Configures advanced settings for the firmware upgrade Cloud Services Syntax set cloud services firmware upgrade advanced settings timeout until retry timeout until retry Parameters Parameter Description n a Example set cloud services firmware upgrade advanced settings timeout until retry 15 ...

Страница 270: ...show cloud services firmware upgrade SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 270 show cloud services firmware upgrade Shows configuration of the Firmware Upgrade Cloud Services ...

Страница 271: ...80 20 05 CLI Reference Guide 271 show cloud services firmware upgrade Description Shows configuration of the Firmware Upgrade Cloud Services Syntax show cloud services firmware upgrade Parameters Parameter Description n a Example show cloud services firmware upgrade ...

Страница 272: ...ce Guide 272 show cloud services firmware upgrade Description Shows advanced settings of the Firmware Upgrade Cloud Services Syntax show cloud services firmware upgrade advanced settings Parameters Parameter Description n a Example show cloud services firmware upgrade advanced settings ...

Страница 273: ... R80 20 05 CLI Reference Guide 273 show cloud service managed blades Description Shows the currently managed blades by the cloud management Syntax show cloud services managed blades Parameters Parameter Description n a Example show cloud services managed blades ...

Страница 274: ...0 20 05 CLI Reference Guide 274 show cloud services managed services Description Shows the currently managed services by the cloud management Syntax show cloud services managed services Parameters Parameter Description n a Example show cloud services managed services ...

Страница 275: ...80 20 05 CLI Reference Guide 275 fetch cloud services policy Description Fetch configuration now from your Cloud Services Security Management Server Syntax fetch cloud services policy Parameters Parameter Description n a Example fetch cloud services policy ...

Страница 276: ... Series R80 20 05 CLI Reference Guide 276 show cloud services status Description Shows the current status of the cloud management connection Syntax show cloud services status Parameters Parameter Description n a Example show cloud services status ...

Страница 277: ...commands SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 277 show commands Description Shows all available CLI commands Syntax show commands Parameters Parameter Description n a Example show commands ...

Страница 278: ...vice as it appears in the output of the cphaprob list p The configuration change is permanent and applies after the appliance reboots t timeout If device fails to contact ClusterXL in timeout seconds device is considered to have failed To disable this parameter enter the value 0 s Status to be reported ok appliance is alive init appliance is initializing problem appliance has failed f file registe...

Страница 279: ...d Argument Description cphaprob d device t timeout sec s ok init problem p register Register device as a critical process and add it to the list of devices that must be running for the cluster member to be considered active cphaprob f file register Register all the user defined critical devices listed in file cphaprob d device p unregister Unregister a user defined device as a critical process Thi...

Страница 280: ...rence Guide 280 Examples cphaprob d device t timeout sec s ok init problem p register cphaprob f file register cphaprob d device p unregister cphaprob a unregister cphaprob d device s ok init problem report cphaprob i a e list cphaprob state cphaprob a if ...

Страница 281: ...the appliance Running cphastopon an appliance that is a cluster member stops the appliance from passing traffic State synchronization also stops Syntax cphastop Parameters Parameter Description n a Return Value 0 on success 1 on failure Example cphastop Output Success prints OK Failure shows an appropriate error message ...

Страница 282: ...les is saved to a USB drive or TFTP server The CPinfo output file enables Check Point s support engineers to analyze setups from a remote location Syntax cpinfo to tftp ipaddr to usb Parameters Parameter Description ipaddr IPv4 address Return Value 0 on success 1 on failure Example cpinfo to usb Output Success prints Creating cpinfo txt file Failure shows an appropriate error message ...

Страница 283: ...Check Point processes and applications running on a machine Description Starts firewall services Syntax cpstart Parameters Parameter Description n a Return Value 0 on success 1 on failure Example cpstart Output Success shows Starting CP products Failure shows an appropriate error message ...

Страница 284: ...ommunication SIC name of the server f flavor The flavor of the output as it appears in the configuration file The default is the first flavor found in the configuration file o polling Polling interval seconds specifies the pace of the results The default is 0 meaning the results are shown only once c count Specifies how many times the results are shown The default is 0 meaning the results are repe...

Страница 285: ...agement Server persistency for historical status values polsrv uas svr cpsemd cpsead asm ls ca Return Value 0 on success 1 on failure Example cpstat c 3 o 3 fw Output Success shows OK Failure shows an appropriate error message The following flavors can be added to the application flags n fw default interfaces all policy perf hmem kmem inspect cookies chains fragments totals ufp http ftp telnet rlo...

Страница 286: ...memory old_memory cpu disk perf multi_cpu multi_ disk all average_cpu average_memory statistics n mg default n persistency product Tableconfig SourceConfig n polsrv default all n uas default n svr default n cpsemd default n cpsead default n asm default WS n ls default n ca default crl cert user all ...

Страница 287: ...rewall services and terminates all Check Point processes and applications running on the appliance Syntax cpstop Parameters Parameter Description n a Return Value 0 on success 1 on failure Example cpstop Output Success shows Uninstalling Security Policy Failure shows an appropriate error message ...

Страница 288: ...r monitor_list Parameters Parameter Description del Deletes process detach Detaches process list Print status of processes kill Stops cpWatchDog exist Checks if cpWatchDog is running start_monitor cpwd starts monitoring this machine stop_monitor cpwd stops monitoring this machine monitor_list Displays list of monitoring processes name Name of process Return Value 0 on success 1 on failure Example ...

Страница 289: ...date SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 289 date ...

Страница 290: ...set date SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 290 set date Configures the device s date and time ...

Страница 291: ...80 20 05 CLI Reference Guide 291 set date Description Manually configure the device s date Syntax set date date Parameters Parameter Description date Date in the format YYYY MM DD Type A date format yyyy mm dd Example set date 2000 01 01 ...

Страница 292: ...Series R80 20 05 CLI Reference Guide 292 set date Description Manually configure the device s time Syntax set time time Parameters Parameter Description time Time in the format HH MM Type A time format hh mm Example set time 23 20 ...

Страница 293: ...es R80 20 05 CLI Reference Guide 293 set date Description Manually configure the device s time zone Syntax set timezone timezone Parameters Parameter Description timezone Timezone location Example set timezone GMT 11 00 Midway Island ...

Страница 294: ... Configures if the daylight savings will be changed automatically Syntax set timezone dst automatic timezone dst automatic Parameters Parameter Description timezone dst automatic Automatic adjustment clock for daylight saving changes flag Options on off Example set timezone dst automatic on ...

Страница 295: ...show date SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 295 show date Shows date and time ...

Страница 296: ...show date SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 296 show date Description Shows current date of the appliance Syntax show date Parameters Parameter Description n a Example show date ...

Страница 297: ...show date SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 297 show date Description Shows current time of the appliance Syntax show time Parameters Parameter Description n a Example show time ...

Страница 298: ...date SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 298 show date Description Shows current time zone of the appliance Syntax show timezone Parameters Parameter Description n a Example show timezone ...

Страница 299: ...ppliance Series R80 20 05 CLI Reference Guide 299 show date Description Shows current daylight savings configuration of the appliance Syntax show timezone dst Parameters Parameter Description n a Example show timezone dst ...

Страница 300: ...d Syntax restore default settings preserve sic yes no preserve license yes no force yes no Parameters Parameter Description preserve sic Select whether to preserve your current SIC settings preserve license Select whether to preserve your current license force Skip the confirmation question Return Value 0 on success 1 on failure Example restore default settings preserve sic yes Comments The applia...

Страница 301: ...dhcp relay SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 301 dhcp relay ...

Страница 302: ...y Description Configures advanced settings for DHCP Relay functionality Syntax set dhcp relay advanced settings use internal ip addrs as source use internal ip addrs as source Parameters Parameter Description n a Example set dhcp relay advanced settings use internal ip addrs as source true ...

Страница 303: ...ance Series R80 20 05 CLI Reference Guide 303 show dhcp relay Description Shows advanced settings for DHCP relay Syntax show dhcp relay advanced settings Parameters Parameter Description n a Example show dhcp relay advanced settings ...

Страница 304: ... SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 304 show dhcp servers Description Shows configuration for all DHCP servers Syntax show dhcp servers Parameters Parameter Description n a Example show dhcp servers ...

Страница 305: ...dhcp server interface SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 305 dhcp server interface ...

Страница 306: ...ption Deletes the configured exclude range from the DHCP server settings of a specific network interface Syntax delete dhcp server interface name exclude range Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example delete dhcp server interface My_Network exclude range ...

Страница 307: ...set dhcp server interface SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 307 set dhcp server interface Configures DHCP server settings ...

Страница 308: ... Type virtual custom option name Set the name of the object Type A string that contains alphanumeric characters or hyphen data Set the desired value of the object Type String tag Select a unique tag for the object Type A number with no fractional part integer type Select the appropriate type to store your object Options string int8 int16 int32 uint8 uint16 uint32 boolean ipv4 address ipv4 address ...

Страница 309: ...HCP server is active or not on an existing network interface Syntax set dhcp server interface name disable enable Parameters Parameter Description dhcp Use DHCP Server with a specified IP address range Options off on relay name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network off ...

Страница 310: ...ay to secondary secondary relay secondary relay secondary Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters relay relay to Enter the DHCP server IP address Type IP address relay secondary This field is deprecated Please use field secondary secondary Enter the secondary DHCP server IP address Type IP address Example set dhcp server interface My_...

Страница 311: ... DHCP server on an existing network interface Syntax set dhcp server interface name include ip pool include ip pool Parameters Parameter Description include ip pool DHCP range Type A range of IP addresses name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network include ip pool 192 168 1 1 192 168 1 10 ...

Страница 312: ...HCP server on an existing network interface Syntax set dhcp server interface name default gateway default gateway Parameters Parameter Description default gateway A virtual field calculated by the values of the fields dhcpGwMode dhcpGw name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network default gateway auto ...

Страница 313: ...es the WINS mode provided by a DHCP server on an existing network interface Syntax set dhcp server interface name wins mode wins mode Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters wins mode Configure the WINS Server Example set dhcp server interface My_Network wins mode auto ...

Страница 314: ...interface Syntax set dhcp server interface name wins primary wins primary secondary secondary Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters secondary Configure the IP address for the second WINS server wins primary Configure the IP address for the first WINS server Example set dhcp server interface My_Network wins primary 192 168 1 1 second...

Страница 315: ...erver on an existing network interface Syntax set dhcp server interface name lease time lease time Parameters Parameter Description lease time Configure the timeout in hours for a single device to retain a dynamically acquired IP address name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network lease time 30 ...

Страница 316: ...nfigures the domain used by a DHCP server on an existing network interface Syntax set dhcp server interface name domain domain Parameters Parameter Description domain The domain name of the DHCP name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network domain myHost com ...

Страница 317: ...server interface name ntp ntp secondary secondary Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters ntp Configure the first NTP Network Time Protocol server to be distributed to DHCP client secondary Configure the second NTP Network Time Protocol server to be distributed to DHCP client Example set dhcp server interface My_Network ntp 192 168 1 ...

Страница 318: ...TFTP server used by a DHCP server on an existing network interface Syntax set dhcp server interface name tftp tftp Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters tftp Configure TFTP server to be distributed to DHCP client Example set dhcp server interface My_Network tftp 192 168 1 1 ...

Страница 319: ...e TFTP bootfile used by a DHCP server on an existing network interface Syntax set dhcp server interface name file file Parameters Parameter Description file Configure TFTP bootfile to be distributed to DHCP client name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network file word ...

Страница 320: ... set dhcp server interface name callmgr callmgr secondary secondary Parameters Parameter Description callmgr Configure the first Call manager server to be distributed to DHCP client name Network name Type A string that contains A Z 0 9 _ and characters secondary Configure the second Call manager server to be distributed to DHCP client Example set dhcp server interface My_Network callmgr 192 168 1 ...

Страница 321: ...a DHCP server on an existing network interface Syntax set dhcp server interface name xwin display mgr xwin display mgr Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters xwin display mgr Configure X Windows display manager to be distributed to DHCP client Example set dhcp server interface My_Network xwin display mgr 192 168 1 1 ...

Страница 322: ...er used by a DHCP server on an existing network interface Syntax set dhcp server interface name avaya voip avaya voip Parameters Parameter Description avaya voip Configure Avaya IP phone to be distributed to DHCP client name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network avaya voip 192 168 1 1 ...

Страница 323: ... used by a DHCP server on an existing network interface Syntax set dhcp server interface name nortel voip nortel voip Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters nortel voip Configure Nortel IP phone to be distributed to DHCP client Example set dhcp server interface My_Network nortel voip 192 168 1 1 ...

Страница 324: ...sed by a DHCP server on an existing network interface Syntax set dhcp server interface name thomson voip thomson voip Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters thomson voip Configure Thomson IP phone to be distributed to DHCP client Example set dhcp server interface My_Network thomson voip 192 168 1 1 ...

Страница 325: ...rvers it is configured with otherwise Syntax set dhcp server interface name dns none manual primary primary secondary secondary tertiary tertiary auto Parameters Parameter Description dns Configure the DNS Server name Network name Type A string that contains A Z 0 9 _ and characters primary Configure the IP address for the first DNS server secondary Configure the IP address for the second DNS serv...

Страница 326: ...ded by a DHCP server on an existing network interface in manual mode Syntax set dhcp server interface name dns primary dns primary Parameters Parameter Description dns primary Configure the IP address for the first DNS server name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network dns primary 192 168 1 1 ...

Страница 327: ...by a DHCP server on an existing network interface in manual mode Syntax set dhcp server interface name dns secondary dns secondary Parameters Parameter Description dns secondary Configure the IP address for the second DNS server name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network dns secondary 192 168 1 1 ...

Страница 328: ...d by a DHCP server on an existing network interface in manual mode Syntax set dhcp server interface name dns tertiary dns tertiary Parameters Parameter Description dns tertiary Configure the IP address for the third DNS server name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network dns tertiary 192 168 1 1 ...

Страница 329: ...tion from a DHCP server on an existing network interface Syntax set dhcp server interface name remove custom option custom option Parameters Parameter Description custom option Set the name of the object name Network name Type A string that contains A Z 0 9 _ and characters Example set dhcp server interface My_Network remove custom option MyOption ...

Страница 330: ...show dhcp server interface SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 330 show dhcp server interface Shows configuration of DHCP servers ...

Страница 331: ...erver interface Description Shows the configuration of a DHCP server configured on a specific interface network Syntax show dhcp server interface name Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example show dhcp server interface My_Network ...

Страница 332: ...erface Description Shows the IP address pool of a DHCP server configured on a specific interface network Syntax show dhcp server interface name ip pool Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example show dhcp server interface My_Network ip pool ...

Страница 333: ...LI Reference Guide 333 show diag Description Shows information about your appliance such as the current firmware version and additional details Syntax show diag Parameters Parameter Description n a Example show diag Output Current system information ...

Страница 334: ...sk usage Description Shows the file system space used and space available Syntax show disk usage h m k Parameters Parameter Description h Human readable e g 1K 243M 2G m 1024 1024 blocks k 1024 blocks Example show disk usage h Output Current file system space used and space available ...

Страница 335: ...dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 335 dns ...

Страница 336: ...delete dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 336 delete dns Deletes configured DNS settings ...

Страница 337: ... Appliance Series R80 20 05 CLI Reference Guide 337 delete dns Description Deletes configured primary DNS Syntax delete dns primary ipv4 address Parameters Parameter Description n a Example delete dns primary ipv4 address ...

Страница 338: ...pliance Series R80 20 05 CLI Reference Guide 338 delete dns Description Deletes configured secondary DNS Syntax delete dns secondary ipv4 address Parameters Parameter Description n a Example delete dns secondary ipv4 address ...

Страница 339: ...ppliance Series R80 20 05 CLI Reference Guide 339 delete dns Description Deletes configured tertiary DNS Syntax delete dns tertiary ipv4 address Parameters Parameter Description n a Example delete dns tertiary ipv4 address ...

Страница 340: ... 1500 Appliance Series R80 20 05 CLI Reference Guide 340 delete dns Description Deletes configured domain name of the appliance Syntax delete domainname Parameters Parameter Description n a Example delete domainname ...

Страница 341: ...set dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 341 set dns Configures the DNS and domain settings for the device ...

Страница 342: ...condary ipv4 address tertiary ipv4 address tertiary ipv4 address Parameters Parameter Description primary ipv4 address First global DNS IP address Type IP address secondary ipv4 address Second global DNS IP address Type IP address tertiary ipv4 address Third global DNS IP address Type IP address Example set dns primary ipv4 address 192 168 1 1 secondary ipv4 address 192 168 1 1 tertiary ipv4 addre...

Страница 343: ...e for the device It can either use manually configured DNS servers or use the DNS servers provided to him by the active internet connection from his ISP Syntax set dns mode mode Parameters Parameter Description mode Status of appliance using global DNS servers Options global internet Example set dns mode global ...

Страница 344: ...can translate from hostname to IP address for local networks Syntax set dns proxy on resolving resolving off Parameters Parameter Description proxy Relay DNS requests from internal network clients to the DNS servers defined above Type Press TAB to see available options resolving Use network objects as a hosts list to translate names to their IP addresses Options on off Example set dns proxy on res...

Страница 345: ...n Configures the domain settings for the device Syntax set domainname domainname Parameters Parameter Description domainname Identification string that defines a realm of administrative autonomy authority or control in the Internet Type A FQDN Example set domainname somehost example com ...

Страница 346: ...show dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 346 show dns Shows configuration for DNS and domain name ...

Страница 347: ...show dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 347 show dns Description Shows configuration for DNS Syntax show dns Parameters Parameter Description n a Example show dns ...

Страница 348: ... dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 348 show dns Description Shows configuration for domain name Syntax show domainname Parameters Parameter Description n a Example show domainname ...

Страница 349: ...dsl SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 349 dsl ...

Страница 350: ...ngs global settings Description Set DSL configuration parameters Syntax set dsl advanced settings global settings ginp ginp sra sra Parameters Parameter Description ginp Enhanced Impulse Noise Protection sra Enables Seamless Rate Adaption Example set dsl advanced settings global settings ginp downstream and upstream sra true ...

Страница 351: ...cription vdsl2 Supports ITU G 993 2 VDSL2 standard dmt Supports ITU G 992 1 ADSL G dmt standard adsl lite Supports ITU G 992 2 ADSL Lite G lite standard adsl2 Supports ITU G 992 3 ADSL2 standard adsl2plus Supports ITU G 992 5 Annex M ADSL2 M standard t1413 Supports ANSI T1 413 1998 Issue 2 ADSL annex m In an Annex A appliance Combined with supported ADSL2 it specifies support for Annex M ADSL2 In ...

Страница 352: ...ds SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 352 Parameter Description vdsl 17a Supports VDSL Profile 17a vdsl us0 Enables usage of first upstream band in VDSL2 Example set dsl advanced settings standards adsl2plus false ...

Страница 353: ...rameters Syntax show dsl advanced settings Parameters Parameter Description n a Example show dsl advanced settings Sample Output adsl2plus true vdsl 8d true vdsl 8c true vdsl 8b true annex m false t1413 true vdsl 17a true adsl lite true vdsl2 true annex l false vdsl 12b true adsl2 true dmt true ginp disabled sra false vdsl8a true vdsl us0 true vdsl 12a true ...

Страница 354: ... in the peer DSLAM MSAG i e IFTN BDCM 4 hex digits representing the firmware version of the vendor power up Indicates the appliance transmission power dBm hec up Indicates the number of HEC errors counted by the peer DSLAM MSAG attn up Indicates the upstream attenuation dB attn down Indicates the attenuation of the power from the peer DSLAM MSAG to the appliance dB rs down Indicates the number of ...

Страница 355: ... trellis Indicates whether trellis was enabled in the appliance configuration Possible values On Off configured ginp Indicates the upstream downstream on off for the configured Enhanced Impulse response Possible values Off Off Off On On Off On On configured bitswap Indicates the upstream downstream on off for the Bit Swap configured in the appliance Possible values On Off vectoring Indicates the v...

Страница 356: ...up 208 configured sra Off rs up 1610329207 configured trellis On total cells down 2609810117 snr up 15 4 tpstc PTM bitrate up 5024 vectoring 5 DSLAM is not a vectored DSLAM vendor IFTN 0xb206 status Showtime rs down 2127995393 mode VDSL2 Annex B hec up 0 bitrate down 48470 training Showtime power down 7 7 total cells up 0 hec down 0 attn down 25 9 attn up 0 0 configured bitswap Off ...

Страница 357: ...dynamic dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 357 dynamic dns ...

Страница 358: ...set dynamic dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 358 set dynamic dns Configures a persistent domain name for the device ...

Страница 359: ...evice will use Type A FQDN is active Is the DDNS service active Type Boolean enable disable password The password of the account Type A string that contains alphanumeric and special characters provider Select the DDNS provider that you have already set up an account with Options no ip com DynDns user The user name of the account Type DynDns provider begins with a letter and have 2 25 alphanumeric ...

Страница 360: ...LI Reference Guide 360 set dynamic dns Description Configure advanced settings for the DDNS service Syntax set dynamic dns advanced settings iterations iterations Parameters Parameter Description n a Example set dynamic dns advanced settings iterations 15 ...

Страница 361: ...show dynamic dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 361 show dynamic dns Shows configuration for DDNS service ...

Страница 362: ...dns SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 362 show dynamic dns Description Shows configuration for DDNS service Syntax show dynamic dns Parameters Parameter Description n a Example show dynamic dns ...

Страница 363: ...ce Series R80 20 05 CLI Reference Guide 363 show dynamic dns Description Shows advanced settings for DDNS service Syntax show dynamic dns advanced settings Parameters Parameter Description n a Example show dynamic dns advanced settings ...

Страница 364: ... not necessary to reinstall the policy Description Manages dynamic objects on the appliance Syntax dynamic_objects o object r fromIP toIP a d l n object c do object Parameters Parameter Description o Name of the dynamic object that is being configured r Defines the range of IP addresses that are being configured for this object a Adds range of IP addresses to the dynamic object d Deletes range of ...

Страница 365: ...dynamic objects SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 365 Output Success shows Operation completed successfully Failure shows an appropriate error message ...

Страница 366: ...exit SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 366 exit Description Exits from the shell Syntax exit Parameters Parameter Description n a Example exit ...

Страница 367: ...ss_hash Parameters Parameter Description pass Password using alphanumeric and special characters pass_hash Password MD5 string representation Example set expert password hash 1 fGT7pGX6 oo9LUBJTkLOGKLhjRQ2rw1 Output Success shows OK Failure shows an appropriate error message Comments To generate a password hash you can use this command on any Check Point SMB Appliance gateway as an expert user cry...

Страница 368: ...You fetch the certificate from a specific appliance with the gateway name parameter Syntax fetch certificate mgmt ipv4 address ip_addr gateway name gw_name Parameters Parameter Description ip_addr Management IPv4 address gw_name Appliance Module name Example fetch certificate mgmt ipv4 address 192 168 1 100 gateway name SMB_ Appliance Output Success shows OK Failure shows an appropriate error mess...

Страница 369: ...with IPv4 address ip_addr or from the local gateway Syntax fetch policy local mgmt ipv4 address ip_addr Parameters Parameter Description ip_addr IPv4 address of the Security Management Server Return Value 0 on success 1 on failure Example fetch policy mgmt ipv4 address 192 168 1 100 Output Success shows Done Failure shows an appropriate error message ...

Страница 370: ... fw command Explanation fw accel h Turn acceleration on off fw activation h Activate license fw avload h Load Anti Virussignatures to kernel fw ctl args Control kernel fw debug h Turn debug output on or off fw fetch Fetch last policy fw fetchdefault h Fetch default policy fw fetchlocal h Fetch local policy fw monitor h Monitor Check Point Appliance traffic fw pull_cert Pull certificate from intern...

Страница 371: ...fw commands SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 371 fw ver k Display version ...

Страница 372: ...fw policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 372 fw policy ...

Страница 373: ...set fw policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 373 set fw policy Configures the default policy for the Firewall blade ...

Страница 374: ...d traffic track allowed traffic track blocked traffic track blocked traffic Parameters Parameter Description mode Current mode for firewall policy track allowed traffic Indicates if accepted connections are logged Options none log track blocked traffic Indicates if blocked connections are logged Options none log Example set fw policy mode off track allowed traffic none track blocked traffic none ...

Страница 375: ...policy Description Configures advanced settings for the default policy of the Firewall blade Syntax set fw policy advanced settings blocked packets action blocked packets action Parameters Parameter Description n a Example set fw policy advanced settings blocked packets action auto ...

Страница 376: ... set fw policy Description Configures advanced settings for the default policy of the Firewall blade Syntax set fw policy advanced settings log implied rules log implied rules Parameters Parameter Description n a Example set fw policy advanced settings log implied rules true ...

Страница 377: ...show fw policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 377 show fw policy Shows the configured policy for the Firewall blade ...

Страница 378: ...MB 1500 Appliance Series R80 20 05 CLI Reference Guide 378 show fw policy Description Shows the configured policy for the Firewall blade Syntax show fw policy Parameters Parameter Description n a Example show fw policy ...

Страница 379: ...e Series R80 20 05 CLI Reference Guide 379 show fw policy Description Shows advanced settings for the Firewall blade Syntax show fw policy advanced settings Parameters Parameter Description n a Example show fw policy advanced settings ...

Страница 380: ...cy Description Shows the configuration for customizable messages shown to users upon actions Syntax show fw policy user check block ask accept Parameters Parameter Description user check Activity message type Type Press TAB to see available options Example show fw policy user check block ...

Страница 381: ...Accept user message Type A string that contains only printable characters fallback action Indicates the action to take when an Accept user message cannot be displayed Options block accept frequency Indicates how often is the APPI Accept user message is being presented to the same user Options day week month subject The subject of an APPI Accept user message Type A string that contains only printab...

Страница 382: ...s only printable characters confirm text This text appears next to the ignore warning checkbox of an APPI Ask user message Type A string that contains only printable characters fallback action The action that is performed when the Ask message cannot be shown Options block accept frequency Indicates how often is the APPI Ask user message is being presented to the same user Options day week month re...

Страница 383: ...SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 383 Example set fw policy user check ask body My Network confirm text My Network fallback action block frequency day subject My Network title My Network reason displayed true ...

Страница 384: ...characters redirect to url Indicates if the user will be redirected to a custom URL in case of a Block action Type Boolean true false redirect url Indicates the URL to redirect the user in case of a Block action if configured to do so The URL to redirect the user in case of a Block action Redirection happens only if this functionality is turned on Type urlWithHttp subject The subject of an APPI Bl...

Страница 385: ...ser check block device body body subject subject title title Parameters Parameter Description body The informative text that appears in the Block Device user message Type A string that contains only printable characters subject The subject of the Block Device user message Type A string that contains only printable characters title The title of the Block Device user message Type A string that conta...

Страница 386: ...k infected device body body subject subject title title Parameters Parameter Description body The informative text that appears in the Block Infected Device user message Type A string that contains only printable characters subject The subject of the Block Infected Device user message Type A string that contains only printable characters title The title of the Block Infected Device user message Ty...

Страница 387: ...global radius conf SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 387 global radius conf ...

Страница 388: ... the identifying IP Address of the NAS which is requesting authentication of the user and should be unique to the NAS within the scope of the RADIUS server Syntax set global radius conf nas ip address nas ip address nasIPV6 nasIPV6 Parameters Parameter Description nas ip address Nas ip address Type IP address nasIPV6 nasIPV6 Type ipv6addr Example set global radius conf nas ip address 192 168 1 1 n...

Страница 389: ... Series R80 20 05 CLI Reference Guide 389 show global radius conf Description Configure the NAS IP IPv6 address for RADIUS server authentication Syntax show global radius conf Parameters Parameter Description n a Example show global radius conf ...

Страница 390: ...group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 390 group ...

Страница 391: ...on comments Comments and explanation about the Network Object group Type A string that contains less than 257 characters of this set 0 9 a z or member An association field to the contained network objects name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example add group name myObject_17 comments This is a ...

Страница 392: ...ription Deletes an existing group object of network objects Syntax delete group name Parameters Parameter Description name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example delete group myObject_17 ...

Страница 393: ...set group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 393 set group Configures an existing network objects group ...

Страница 394: ...ut the Network Object group Type A string that contains less than 257 characters of this set 0 9 a z or name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces new name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example se...

Страница 395: ...mbers from an existing network objects group Syntax set group name remove all members Parameters Parameter Description name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set group myObject_17 remove all members ...

Страница 396: ... to an existing network objects group Syntax set group name add member member Parameters Parameter Description member Network Object name name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set group myObject_17 add member TEXT ...

Страница 397: ...rom an existing network objects group Syntax set group name remove member member Parameters Parameter Description member Network Object name name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set group myObject_17 remove member TEXT ...

Страница 398: ...Description Shows the contents of a network object group Syntax show group name Parameters Parameter Description name Network Object group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example show group myObject_17 ...

Страница 399: ...ps SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 399 show groups Description Shows the contents of all network object groups Syntax show groups Parameters Parameter Description n a Example show groups ...

Страница 400: ...host SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 400 host ...

Страница 401: ...rameters Parameter Description dhcp exclude ip addr Indicates if the object s IP address es is excluded from internal DHCP daemon Type Press TAB to see available options dhcp reserve ip addr to mac Indicates if the IP address is reserved in internal DHCP daemon Type Press TAB to see available options dns resolving Indicates if the name of the server network object will be used as a hostname for in...

Страница 402: ...ple add host name TEXT dhcp exclude ip addr on dhcp reserve ip addr to mac on mac addr 00 1C 7F 21 05 BE reserve mac address 00 1C 7F 21 05 BE mac reserved in dhcp on mac addr 00 1C 7F 21 05 BE reserve mac address 00 1C 7F 21 05 BE dns resolving true ipv4 address 192 168 1 1 ...

Страница 403: ...ance Series R80 20 05 CLI Reference Guide 403 delete host Description Deletes an existing network host object Syntax delete host name Parameters Parameter Description name Network Object name Type String Example delete host TEXT ...

Страница 404: ...rameters Parameter Description dhcp exclude ip addr Indicates if the object s IP address es is excluded from internal DHCP daemon Type Press TAB to see available options dhcp reserve ip addr to mac Indicates if the IP address is reserved in internal DHCP daemon Type Press TAB to see available options dns resolving Indicates if the name of the server network object will be used as a hostname for in...

Страница 405: ... BE reserve mac address 00 1C 7F 21 05 BE mac reserved in dhcp on mac addr 00 1C 7F 21 05 BE reserve mac address 00 1C 7F 21 05 BE exclude from dhcp on dhcp reserve ip addr to mac on mac addr 00 1C 7F 21 05 BE reserve mac address 00 1C 7F 21 05 BE mac reserved in dhcp on mac addr 00 1C 7F 21 05 BE reserve mac address 00 1C 7F 21 05 BE dns resolving true ipv4 address 192 168 1 1 ...

Страница 406: ...Series R80 20 05 CLI Reference Guide 406 show host Description Shows the configuration of an existing network object Syntax show host name Parameters Parameter Description name Network Object name Type String Example show host TEXT ...

Страница 407: ...SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 407 show hosts Description Shows the configuration of all existing network objects Syntax show hosts Parameters Parameter Description n a Example show hosts ...

Страница 408: ...hotspot SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 408 hotspot ...

Страница 409: ...set hotspot SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 409 set hotspot Configures hotspot settings ...

Страница 410: ...n them auth mode Allow access to a specific user group only or all users Options allow all allow specific group portal msg The message shown in hotspot portal Type A string that contains only printable characters portal title The title of the hotspot portal Type A string that contains only printable characters redirect after auth Indicates if after the user accepts terms or authenticate in the hot...

Страница 411: ...al Type A string that contains only printable characters timeout Time in minutes untill the hotspot session expires Type A number with no fractional part integer Example set hotspot require auth true auth mode allow all allowed group word timeout 15 portal title My Network portal msg My Network show terms of use on terms of use My Network redirect after auth on redirect after auth url urlWithHttp ...

Страница 412: ...eference Guide 412 set hotspot Description Adds an existing network object as an exception for hotspot portal Syntax set hotspot add exception exception Parameters Parameter Description exception Network object name Example set hotspot add exception TEXT ...

Страница 413: ... Guide 413 set hotspot Description Removes an existing network object from being an exception to hotspot portal Syntax set hotspot remove exception exception Parameters Parameter Description exception Network object name Example set hotspot remove exception TEXT ...

Страница 414: ...80 20 05 CLI Reference Guide 414 set hotspot Description Configures advanced hotspot settings Syntax set hotspot advanced settings activation activation Parameters Parameter Description n a Example set hotspot advanced settings activation on ...

Страница 415: ...ide 415 set hotspot Description Configures advanced hotspot settings Syntax set hotspot advanced settings prevent simultaneous login prevent simultaneous login Parameters Parameter Description n a Example set hotspot advanced settings prevent simultaneous login true ...

Страница 416: ...show hotspot SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 416 show hotspot Shows hotspot configuration ...

Страница 417: ...how hotspot SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 417 show hotspot Description Shows hotspot configuration Syntax show hotspot Parameters Parameter Description n a Example show hotspot ...

Страница 418: ...ce Series R80 20 05 CLI Reference Guide 418 show hotspot Description Shows hotspot advanced settings configuration Syntax Shows hotspot advanced settings Parameters Parameter Description n a Example Shows hotspot advanced settings ...

Страница 419: ...https categorization SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 419 https categorization ...

Страница 420: ...tps categorization SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 420 set https categorization Configures HTTPS categorization settings categorization does not require a full SSL inspection mechanism ...

Страница 421: ... categorization Description Configures advanced HTTPS categorization settings Syntax set https categorization advanced settings validate cert expiration validate cert expiration Parameters Parameter Description n a Example set https categorization advanced settings validate cert expiration true ...

Страница 422: ... categorization Description Configures advanced HTTPS categorization settings Syntax set https categorization advanced settings validate unreachable crl validate unreachable crl Parameters Parameter Description n a Example set https categorization advanced settings validate unreachable crl true ...

Страница 423: ...uide 423 set https categorization Description Configures advanced HTTPS categorization settings Syntax set https categorization advanced settings validate crl validate crl Parameters Parameter Description n a Example set https categorization advanced settings validate crl true ...

Страница 424: ...0 05 CLI Reference Guide 424 show https categorization Description Shows configuration for HTTPS categorization feature Syntax show https categorization advanced settings Parameters Parameter Description n a Example show https categorization advanced settings ...

Страница 425: ...interface SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 425 interface ...

Страница 426: ...add interface SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 426 add interface Adds a new virtual interface ...

Страница 427: ...ing physical interface Syntax add interface assignment vlan vlan Parameters Parameter Description assignment The switch or bridge which the object belongs to Type A string that contains A Z 0 9 _ and characters vlan Enter a number that is the virtual identifier Type A number with no fractional part integer Example add interface My_Network vlan 12 ...

Страница 428: ...in the VPN community before you can define the VTI The Peer ID is an alpha numeric character string Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces remote Defines the remote peer IPv4 address used at the peer gateway s point to point virtual interface numbered VTI only Type IP address type The type of VTI Numbered VTI that uses a speci...

Страница 429: ...ters Parameter Description alias physical port The physical port used by the alias network Separate networks only Type A string that contains A Z 0 9 _ and characters ipv4 address Enter the IP address of the interface Type IP address mask length Represents the network s mask length Type A string that contains numbers only subnet mask The subnet mask of the specified network Type A subnet mask or 2...

Страница 430: ...I Reference Guide 430 delete interface Description Deletes an existing virtual interface Syntax delete interface name Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example delete interface My_Network ...

Страница 431: ...set interface SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 431 set interface Configures local networks interfaces ...

Страница 432: ... gw dns primary dns primary dns secondary dns secondary dns tertiary dns tertiary Parameters Parameter Description default gw Default gateway Type IP address dns primary First DNS server IP address Type IP address dns secondary Second DNS server IP address Type IP address dns tertiary Third DNS server IP address Type IP address ipv4 address The IP address Type IP address mask length Subnet mask le...

Страница 433: ...ance Series R80 20 05 CLI Reference Guide 433 Example set interface My_Network ipv4 address 192 168 1 100 subnet mask 255 255 255 0 default gw 192 168 1 1 dns primary 192 168 1 1 dns secondary 192 168 1 2 dns tertiary 192 168 1 3 ...

Страница 434: ... subnet mask Parameters Parameter Description ipv4 address Enter the IP address of the interface Type IP address mask length Represents the network s mask length Type A string that contains numbers only name Network name Type A string that contains A Z 0 9 _ and characters subnet mask Enter the Subnet mask of the specified network Type A subnet mask or 255 255 255 255 Example set interface My_Netw...

Страница 435: ...set interface Description Configures a physical interface to be unassigned from existing networks Syntax set interface name unassigned Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example set interface LAN2 unassigned ...

Страница 436: ...et interface Description Configures monitor mode on an existing local network interface Syntax set interface name monitor mode Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example set interface My_Network monitor mode ...

Страница 437: ... override mac address override exclude from dns proxy exclude from dns proxy Parameters Parameter Description exclude from dns proxy Exclude from DNS proxy Options on off mac address override Override default MAC address Type MAC address name Network name Type A string that contains A Z 0 9 _ and characters Example set interface My_Network mac address override 00 1C 7F 21 05 BE exclude from dns pr...

Страница 438: ...iption auto negotiation Enable this option in order to manually configure the link speed of the interface Options on off link speed Configure the link speed of the interface manually Options 10 full 10 half 100 full 100 half mtu Configure the Maximum Transmission Unit size for an interface Type A number with no fractional part integer name Network name Type A string that contains A Z 0 9 _ and cha...

Страница 439: ... Enable disable an existing local network interface Syntax set interface name state state Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters state The mode of the network enabled or disabled Options on off Example set interface My_Network state on ...

Страница 440: ... local network interface Syntax set interface name description description Parameters Parameter Description description Description Type A string that contains less than 257 characters of this set 0 9 a z or name Network name Type A string that contains A Z 0 9 _ and characters Example set interface My_Network description This is a comment ...

Страница 441: ...an access lan access lan access track lan access track Parameters Parameter Description lan access Local networks will be accessible from this network once this option is enabled Options block accept lan access track Traffic from this network to local networks will be logged once this option is enabled Options none log name Network name Type A string that contains A Z 0 9 _ and characters Example ...

Страница 442: ... for an existing local network interface Syntax set interface name hotspot hotspot Parameters Parameter Description hotspot Redirect users to the Hotspot portal before allowing access from this interface Options on off name Network name Type A string that contains A Z 0 9 _ and characters Example set interface My_Network hotspot on ...

Страница 443: ...nce Guide 443 show interface Description Shows configuration and details of local networks Syntax show interface name all Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example show interface My_Network all ...

Страница 444: ...es SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 444 show interfaces Description Shows the list of defined local networks Syntax show interfaces Parameters Parameter Description n a Example show interfaces ...

Страница 445: ... 1500 Appliance Series R80 20 05 CLI Reference Guide 445 show interfaces all Description Shows details of all defined local networks Syntax show interfaces all Parameters Parameter Description n a Example show interfaces all ...

Страница 446: ...sk Parameters Parameter Description alias physical port The physical port used by the alias network Separate networks only Type A string that contains A Z 0 9 _ and characters ipv4 address Enter the IP address of the interface Type IP address mask length Represents the network s mask length Type A string that contains numbers only subnet mask The subnet mask of the specified network Type A subnet ...

Страница 447: ...delete interface alias Description Delete one of multiple IP addresses associated to a network interface Syntax delete interface alias name Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example delete interface alias My_Network ...

Страница 448: ...ter Description ipv4 address Enter the IP address of the interface Type IP address mask length Represents the network s mask length Type A string that contains numbers only name Network name Type A string that contains A Z 0 9 _ and characters state The mode of the network enabled or disabled Options on off subnet mask The subnet mask of the specified network Type A subnet mask or 255 255 255 255 ...

Страница 449: ...hash policy bond mii interval bond mii interval Parameters Parameter Description bond hash policy The bond hash policy Options layer2 layer2_3 layer3_4 bond master The bond Master port Type A string that contains A Z 0 9 _ and characters bond mii interval The bond MII interval Type A number with no fractional part integer bond mode The bond operation mode policy Type Press TAB to see available opt...

Страница 450: ...bond Delete this text and replace it with your own content Description Delete a link aggregation bond between two or more interfaces Syntax delete interface name Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example delete interface My_Network ...

Страница 451: ...iption bond hash policy The bond hash policy Options layer2 layer2_3 layer3_4 bond master The bond Master port Type A string that contains A Z 0 9 _ and characters bond mii interval The bond MII interval Type A number with no fractional part integer bond mode The bond operation mode policy Options 8023ad round robin xor master name Network name Type A string that contains A Z 0 9 _ and characters ...

Страница 452: ... settings for an internet bond LAN Syntax set interface bond name add member add member Parameters Parameter Description add member bondPort1 Type A string that contains A Z 0 9 _ and characters name Network name Type A string that contains A Z 0 9 _ and characters Example set interface bond My_Network add member My_Network ...

Страница 453: ...gs for an interface bond LAN Syntax set interface bond name remove member remove member Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters remove member bondPort1 Type A string that contains A Z 0 9 _ and characters Example set interface bond My_Network remove member My_Network ...

Страница 454: ...erence Guide 454 show interface bond Description Show the name of the interface in the bond LAN Syntax show interface bond name Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example show interface bond name ...

Страница 455: ...SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 455 show interfaces bond Description Show the interfaces in the bond LAN Syntax show interfaces bond Parameters Parameter Description n a Example show interfaces bond ...

Страница 456: ...tion for the Certificate Type String Less secure Allow connections to SSL sites without certificates Only applied over SFTP Type Boolean true false P12 password PKCS 12 Password PKCS 12 defines an archive file format for storing many cryptography objects as a single file Type A registration key url Download the certificate file from this URL The URL format should be s ftp name passwd machine domai...

Страница 457: ...rnal certificate Type String Example delete internal certificate name TEXT show internal certificate Description Show an internal certificate Syntax show internal certificate name name Parameters Parameter Description name Name of the internal certificate Type String Example show internal certificate name TEXT show internal certificates Description Show all internal certificates ...

Страница 458: ...show interfaces bond SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 458 Syntax show internal certificates Parameters Parameter Description n a Example show internal certificates ...

Страница 459: ...ips engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 459 ips engine settings ...

Страница 460: ...set ips engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 460 set ips engine settings ...

Страница 461: ...delay threshold detection delay false Parameters Parameter Description bypass track Indicates how the appliance will track events where the bypass mechanism is activated deactivated Options none log alert bypass under load Indicates if the IPS engine will move to bypass mode if the appliance is under heavy load Type Boolean true false protection scope Indicates if the IPS blade will protect intern...

Страница 462: ...gs advanced settings AboutConfigIPSErrorPageConfig status code desc status code desc show error code show error code logo url logo url send detailed status code send detailed status code enable logo url enable logo url Parameters Parameter Description n a Example set ips engine settings advanced settings AboutConfigIPSErrorPageConfig status code desc This is a comment show error code true logo url...

Страница 463: ...PS HTTP protections Syntax set ips engine settings advanced settings AboutConfigIPSErrorPage send error code send error code error page for supported web protections error page for supported web protections url url Parameters Parameter Description n a Example set ips engine settings advanced settings AboutConfigIPSErrorPage send error code true error page for supported web protections do not show ...

Страница 464: ...show ips engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 464 show ips engine settings Shows engine settings for the IPS blade ...

Страница 465: ...00 Appliance Series R80 20 05 CLI Reference Guide 465 show ips engine settings Description Shows engine settings for the IPS blade Syntax show ips engine settings Parameters Parameter Description n a Example show ips engine settings ...

Страница 466: ...0 20 05 CLI Reference Guide 466 show ips engine settings Description Shows advanced engine settings for the IPS blade Syntax show ips engine settings advanced settings Parameters Parameter Description n a Example show ips engine settings advanced settings ...

Страница 467: ...interface loopback SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 467 interface loopback ...

Страница 468: ...erface loopback ipv4 address ipv4 address mask length mask length subnet mask subnet mask Parameters Parameter Description ipv4 address Enter the IP address of the interface Type IP address mask length Represents the network s mask length Type A string that contains numbers only subnet mask Enter the Subnet mask of the specified network Type A subnet mask or 255 255 255 255 Example add interface l...

Страница 469: ...de 469 delete interface loopback Description Deletes an existing configured loopback interface Syntax delete interface loopback name Parameters Parameter Description name Network name Type A string that contains A Z 0 9 _ and characters Example delete interface loopback My_Network ...

Страница 470: ...none name VALUE Parameters Parameter Description apn APN Access Point Name of SIM 1 optional pin PIN number of SIM 1 optional apn sim2 APN Access Point Name of SIM 2 optional pin sim2 PIN number of SIM 2 optional primary sim The preferred SIM to use for the connection disable sim Allows disabling of one of the SIM cards name The name of the internet connection Example add internet connection inter...

Страница 471: ...sierra usb on lsi event true set internet connection VALUE type cellular Description Set the values for the cellular LTE connection Syntax set internet connection VALUE type cellular apn VALUE pin VALUE apn sim2 VALUE pin sim2 VALUE primary sim sim1 sim2 disable sim sim1 sim2 none Parameters Parameter Description apn APN Access Point Name of SIM 1 optional pin PIN number of SIM 1 optional apn sim2...

Страница 472: ... 472 Parameter Description disable sim Allows disabling of one of the SIM cards name The name of the internet connection Example set internet connection Internet1 type cellular apn sim1apn com pin 1111 apn sim2 sim2apn com pin sim2 2222 disable sim none primary sim sim1 ...

Страница 473: ...e Series R80 20 05 CLI Reference Guide 473 show internet Description Shows advanced settings for configured internet Syntax show internet advanced settings Parameters Parameter Description n a Example show internet advanced settings ...

Страница 474: ...internet connection SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 474 internet connection ...

Страница 475: ...add internet connection SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 475 add internet connection Adds a new internet connection ...

Страница 476: ...terface Interface name Type Press TAB to see available options name Connection name Type A string that contains A Z 0 9 _ and space characters type Connection type Type Press TAB to see available options vlan id VLAN ID Type A number with no fractional part integer Syntax for Static IP add internet connection name name interface WAN type static default gw default gw ipv4 address ipv4 address mask ...

Страница 477: ...ondary Second DNS server IP address Type IP address dns tertiary Third DNS server IP address Type IP address ipv4 address IP address field for static IP and bridge settings Type IP address mask length Subnet mask length Type A string that contains numbers only name Connection name Type A string that contains A Z 0 9 _ and space characters subnet mask Subnet mask Type A subnet mask or 255 255 255 2...

Страница 478: ...al ipv4 address Parameters Parameter Description conn test timeout Connection test timeout Type A number with no fractional part integer interface Interface name Type Press TAB to see available options default gw WAN default gateway in the advanced section of PPTP and l2TP Type IP address is unnumbered pppoe Unnumbered PPPoE lets you manage a range of IP addresses and dial only once Type Boolean t...

Страница 479: ...yntax for PPPoE add internet connection name name interface WAN type pppoe username username password hash password hash add internet connection name name interface WAN type pppoe username username password password hash is unnumbered pppoe is unnumbered pppoe local ipv4 address local ipv4 address Parameters Parameter Description conn test timeout Connection test timeout Type A number with no frac...

Страница 480: ...terface WAN type pptp server server password hash password hash command_synadd internet connection name name interface WAN type pptpserver server password password username username local ipv4 address local ipv4 address wan ipv4 address wan ipv4 address wan mask length wan mask length tax add internet connection name name interface WAN type pptp server server password password username username lo...

Страница 481: ...assword hash The hash of the user password Type passwordHash server Server IP address Type IP address type Connection type Type Press TAB to see available options username User name for PPP connection settings Type A string that contains all printable characters but a single or double quote like characters Usually username ISP vlan id VLAN ID Type A number with no fractional part integer wan ipv4 ...

Страница 482: ...e t1413 glite gdmt adsl2 adsl2 type Connection type Type Press TAB to see available options vci VCI value for the ADSL connection Type A number between 0 and 65535 vpi VPI value for the ADSL connection Type A number between 0 and 255 Syntax for PPPoA add internet connection name name interface ADSL type pppoa username username password hash password hash add internet connection name name interface...

Страница 483: ...tion name Type A string that contains A Z 0 9 _ and space characters password Password for PPP connection settings Type internetPassword password hash The hash of the user password Type passwordHash type Connection type Type Press TAB to see available options username User name for PPP connection settings Type A string that contains all printable characters but a single or double quote like charac...

Страница 484: ...ions llc vcmux interface Interface name Type Press TAB to see available options is unnumbered pppoe Unnumbered PPPoE lets you manage a range of IP addresses and dial only once Type Boolean true false local ipv4 address Local tunnel IP address or Auto for automatic Type An IP address or auto name Connection name Type A string that contains A Z 0 9 _ and space characters password Password for PPP co...

Страница 485: ...capsulation type for the ADSL connection Options llc vcmux interface Interface name Type Press TAB to see available options name Connection name Type A string that contains A Z 0 9 _ and space characters type Connection type Type Press TAB to see available options vci VCI value for the ADSL connection Type A number between 0 and 65535 vlan id VLAN ID Type A number with no fractional part integer v...

Страница 486: ...TP and l2TP Type IP address dns primary First DNS server IP address Type IP address dns secondary Second DNS server IP address Type IP address dns tertiary Third DNS server IP address Type IP address encapsulation Encapsulation type for the ADSL connection Options llc vcmux interface Interface name Type Press TAB to see available options ipv4 address IP address field for static IP and bridge setti...

Страница 487: ...tion is unnumbered pppoe is unnumbered pppoe local ipv4 address local ipv4 address vci vci vpi vpi encapsulation encapsulation vci vci vpi vpi use connection as vlan vlan id vlan id conn test timeout conn test timeout Parameters Parameter Description conn test timeout Connection test timeout Type A number with no fractional part integer encapsulation Encapsulation type for the ADSL connection Opti...

Страница 488: ...s but a single or double quote like characters Usually username ISP vci VCI value for the ADSL connection Type A number between 0 and 65535 vlan id VLAN ID Type A number with no fractional part integer vpi VPI value for the ADSL connection Type A number between 0 and 255 DMZ Syntax for DHCP add internet connection name name interface DMZ type dhcp Parameters Parameter Description conn test timeout...

Страница 489: ...ary dns primary dns secondary dns secondary dns tertiary dns tertiary use connection as vlan vlan id vlan id conn test timeout conn test timeout Parameters Parameter Description conn test timeout Connection test timeout Type A number with no fractional part integer interface Interface name Type Press TAB to see available options default gw WAN default gateway in the advanced section of PPTP and l2...

Страница 490: ...me local ipv4 address local ipv4 address wan ipv4 address wan ipv4 address wan mask length wan mask length add internet connection name name interface DMZ type l2tp server server password password username username local ipv4 address local ipv4 address wan ipv4 address wan ipv4 address wan subnet mask wan mask length default gw default gw is unnumbered pppoe is unnumbered pppoe local ipv4 address ...

Страница 491: ...rname User name for PPP connection settings Type A string that contains all printable characters but a single or double quote like characters Usually username ISP vlan id VLAN ID Type A number with no fractional part integer wan ipv4 address Wan IP address wrapper Type An IP address or auto wan mask length WAN subnet mask length Type A string that contains numbers only wan subnet mask WAN subnet m...

Страница 492: ... space characters password Password for PPP connection settings Type internetPassword password hash The hash of the user password Type passwordHash type Connection type Type Press TAB to see available options username User name for PPP connection settings Type A string that contains all printable characters but a single or double quote like characters Usually username ISP vlan id VLAN ID Type A nu...

Страница 493: ...ess TAB to see available options default gw WAN default gateway in the advanced section of PPTP and l2TP Type IP address dns primary First DNS server IP address Type IP address dns secondary Second DNS server IP address Type IP address dns tertiary Third DNS server IP address Type IP address encapsulation Encapsulation type for the ADSL connection Options llc vcmux ipv4 address IP address field fo...

Страница 494: ...e A subnet mask or 255 255 255 255 type Connection type Type Press TAB to see available options username User name for PPP connection settings Type A string that contains all printable characters but a single or double quote like characters Usually username ISP vci VCI value for the ADSL connection Type A number between 0 and 65535 vlan id VLAN ID Type A number with no fractional part integer vpi ...

Страница 495: ...rence Guide 495 Example add internet connection name My connection interface WAN true vlan id 1000000 type static ipv4 address 192 168 1 1 subnet mask 255 255 255 0 default gw 192 168 1 1 dns primary 192 168 1 1 dns secondary 192 168 1 1 dns tertiary 192 168 1 1 conn test timeout 1000000 ...

Страница 496: ... typeanalog use serial porttrue number number username username password password flow control flow control port speed port speed conn test timeout conn test timeout add internet connection name name typecellular number number conn test timeout conn test timeout name name apn apn username username password hash password hash add internet connection name name typecellular number number conn test ti...

Страница 497: ...400 57600 115200 230400 type Connection type Type Press TAB to see available options use serial port Use serial port Type Boolean true false username User name for PPP connection settings Type A string that contains all printable characters but a single or double quote like characters Usually username ISP Example add internet connection type analog use serial port true number 758996 username MyUse...

Страница 498: ...delete internet connection SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 498 delete internet connection Deletes an existing internet connection or internet connection related configuration ...

Страница 499: ... delete internet connection Description Deletes an existing internet connection by name Syntax delete internet connection name Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters Example delete internet connection My connection ...

Страница 500: ...ernet connection s ping servers configured for connection health monitoring Syntax delete internet connection name probe icmp servers first second third Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters Example delete internet connection My connection probe icmp servers first second third ...

Страница 501: ...ppliance Series R80 20 05 CLI Reference Guide 501 delete internet connections Description Deletes all existing internet connections Syntax delete internet connections Parameters Parameter Description n a Example delete internet connections ...

Страница 502: ...set internet connection SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 502 set internet connection Configures internet connections settings ...

Страница 503: ...n Disable auto negotiation and manually define negotiation link speed Options on off link speed Link speed Options 100 full 100 half 10 full 10 half mac addr Default mac address wrapper Type A MAC address or default mtu MTU size Select default for default value Type A string of alphanumeric characters without space between them name Connection name Type A string that contains A Z 0 9 _ and space c...

Страница 504: ... internet connection Syntax set internet connection name connect on demand connect on demand Parameters Parameter Description connect on demand Holds the status of the connect on demand feature Type Boolean true false name Connection name Type A string that contains A Z 0 9 _ and space characters Example set internet connection My connection connect on demand true ...

Страница 505: ... Enable Disable an existing internet connection Syntax set internet connection name enable disable Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters state Connection enabled disabled Type Boolean true false Example set internet connection My connection true ...

Страница 506: ...nd when managed using an LSM profile Syntax set internet connection name qos download true bandwidth bandwidth false Parameters Parameter Description bandwidth ISP download bandwidth Type A number with no fractional part integer name Connection name Type A string that contains A Z 0 9 _ and space characters qos download Enable QoS quality of service restriction on inbound traffic download Type Boo...

Страница 507: ...ode and when managed using an LSM profile Syntax set internet connection name qos upload true bandwidth bandwidth false Parameters Parameter Description bandwidth ISP upload bandwidth Type A number with no fractional part integer name Connection name Type A string that contains A Z 0 9 _ and space characters qos upload Enable QoS quality of service restriction on outbound traffic upload Type Boole...

Страница 508: ...e hide NAT from a specific internet connection Syntax set internet connection name disable nat disable nat Parameters Parameter Description disable nat Disable NAT Network Address Translation for traffic going through this Internet connection Type Boolean true false name Connection name Type A string that contains A Z 0 9 _ and space characters Example set internet connection My connection disable...

Страница 509: ...balancing weight load balancing weight Parameters Parameter Description ha priority Priority of the connection in HA Type A number with no fractional part integer load balancing weight Internet connection weight for load balancing configuration Type A number with no fractional part integer name Connection name Type A string that contains A Z 0 9 _ and space characters Example set internet connecti...

Страница 510: ...ic through manual dynamic routing rules Syntax set internet connection name route traffic through default gateway route traffic through default gateway Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters route traffic through default gateway In order to route traffic through this connection you need to add specific routes through it Type...

Страница 511: ... dns primary dns primary dns secondary dns secondary dns tertiary dns tertiary l2tp username username password password password hash password hash local ipv4 address local ipv4 address is unnumbered pppoe is unnumbered pppoe server server local ipv4 address local ipv4 address wan ipv4 address wan ipv4 address wan subnet mask wan subnet mask wan mask length wan mask length default gw default gw Pa...

Страница 512: ...f the user password Type passwordHash server Server IP address Type IP address subnet mask Subnet mask Type A subnet mask or 255 255 255 255 type Connection type Type Press TAB to see available options username User name for PPP connection settings Type A string that contains all printable characters but a single or double quote like characters Usually username ISP wan ipv4 address Wan IP address ...

Страница 513: ...d pppoe Unnumbered PPPoE lets you manage a range of IP addresses and dial only once Type Boolean true false local ipv4 address Local tunnel IP address or Auto for automatic Type An IP address or auto name Connection name Type A string that contains A Z 0 9 _ and space characters password Password for PPP connection or cellular modem settings Type internetPassword password hash The hash of the user...

Страница 514: ...4 Parameter Description vpi VPI value for the ADSL connection Type A number between 0 and 255 Example set internet connection My connection type pppoe username MyUsername MyISP password internetPassword local ipv4 address auto is unnumbered pppoe true vpi 42 vci 42 encapsulation llc ...

Страница 515: ...default gw standard standard Parameters Parameter Description default gw WAN default gateway in the advanced section of PPTP and l2TP Type IP address encapsulation Encapsulation for the ADSL connection Options llc vcmux idle time Disconnect idle time Type A number with no fractional part integer method Authentication method Options auto pap chap name Connection name Type A string that contains A Z...

Страница 516: ...address Wan IP address wrapper Type An IP address or auto wan mask length WAN subnet mask length Type A string that contains numbers only wan subnet mask WAN subnet mask in the advanced section Type Subnet mask Example set internet connection My connection type pppoa method auto idle time 1000000 standard multimode ...

Страница 517: ...lan vlan id vlan id vpi vpi vci vci encapsulation encapsulation ipoe static ipv4 address ipv4 address subnet mask subnet mask mask length mask length default gw default gw dns primary dns primary dns secondary dns secondary dns tertiary dns tertiary use connection as vlan vlan id vlan id vpi vpi vci vci encapsulation encapsulation Parameters Parameter Description default gw Default gateway Type IP...

Страница 518: ... auto pap chap name Connection name Type A string that contains A Z 0 9 _ and space characters password Password for PPP connection settings Type internetPassword password hash The hash of the user password Type passwordHash standard The ADSL standard to use Options multimode t1413 glite gdmt adsl2 adsl2 subnet mask Subnet mask Type A subnet mask or 255 255 255 255 type Connection type Type Press ...

Страница 519: ...tional part integer vpi VPI value for the ADSL connection Type A number between 0 and 255 Example set internet connection My connection type pppoe username MyUsername MyISP password internetPassword true vlan id 1000000 local ipv4 address auto is unnumbered pppoe true vpi 42 vci 42 encapsulation llc method auto idle time 1000000 standard multimode ...

Страница 520: ...at contains A Z 0 9 _ and space characters number Dialed number of the cellular modem settings Type A sequence of numbers and characters password Password for PPP connection or cellular modem settings Type internetPassword password hash The hash of the user password Type passwordHash type Connection type Type Press TAB to see available options username User name for PPP connection or cellular mode...

Страница 521: ...method Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters probe next hop Automatically detect loss of connectivity to the default gateway Type Boolean true false probe servers Monitor connection state by sending probe packets to one or more servers on the Internet Type Boolean true false probing method Connection probing method Options ...

Страница 522: ...the probing method when using connection monitoring Type An IP address or host name name Connection name Type A string that contains A Z 0 9 _ and space characters probing method Connection probing method Options icmp dns second Second IP address for the probing method when using connection monitoring Type An IP address or host name third Third IP address for the probing method when using connecti...

Страница 523: ...show internet connection SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 523 show internet connection Shows configuration and details of defined internet connections ...

Страница 524: ...nternet connection Description Shows configuration and details of a defined internet connection Syntax show internet connection name Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters Example show internet connection My connection ...

Страница 525: ...cription Shows configured ping servers for health monitoring of defined internet connection Syntax show internet connection name icmp servers Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters Example show internet connection My connection icmp servers ...

Страница 526: ...e Series R80 20 05 CLI Reference Guide 526 show internet connections Description Shows details and configuration of all internet connections Syntax show internet connections Parameters Parameter Description n a Example show internet connections ...

Страница 527: ...0 20 05 CLI Reference Guide 527 show internet connections table Description Shows details and configuration of all internet connections in a table Syntax show internet connections table Parameters Parameter Description n a Example show internet connections table ...

Страница 528: ...te internet connection bond Description Delete a link aggregation bond between two or more interfaces WAN Syntax delete internet connection bond name Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters Example delete internet connection bond My connection ...

Страница 529: ...ter Description bond hash policy The bond hash policy Options layer2 layer2_3 layer3_4 bond master The bond Master port Type A string that contains A Z 0 9 _ and characters bond mii interval The bond MII interval Type A number with no fractional part integer bond mode The bond operation mode policy Options 802 3ad round robin xor high availability name Connection name Type A string that contains A...

Страница 530: ...d between two or more interfaces WAN Syntax set internet connection bond name add member add member Parameters Parameter Description add member bondPort1 Type Type A string that contains A Z 0 9 _ and characters name Connection name Type A string that contains A Z 0 9 _ and space characters Example set internet connection bond My connection add member My_Network ...

Страница 531: ...wo or more interfaces WAN Syntax set internet connection bond name remove member remove member Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters remove member List of interfaces that are part of the WAN link aggregation Bond Type String Example set internet connection bond My connection remove member My_Network ...

Страница 532: ...et connection bond Description Show the link aggregation bond between two or more interfaces WAN Syntax show internet connection bond name Parameters Parameter Description name Connection name Type A string that contains A Z 0 9 _ and space characters Example show internet connection bond My connection ...

Страница 533: ... R80 20 05 CLI Reference Guide 533 show internet connections bond Description Show the link aggregations bond between two or more interfaces WAN Syntax show internet connections bond Parameters Parameter Description n a Example show internet connections bond ...

Страница 534: ...internet mode SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 534 internet mode ...

Страница 535: ...ill be distributed automatically across the defined active Internet connections according to the configured load balancing weights or use the default High Availability behavior based on priorities of each internet connection Syntax set internet mode load balancing high availability Parameters Parameter Description lb mode The load balancing mode Options on off Example set internet mode on ...

Страница 536: ...e Series R80 20 05 CLI Reference Guide 536 show internet mode Description Shows multiple internet connections mode High Availability or Load Sharing Syntax show internet mode Parameters Parameter Description n a Example show internet mode ...

Страница 537: ...ip fragments params SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 537 ip fragments params ...

Страница 538: ...set ip fragments params SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 538 set ip fragments params Configures how the appliance handles IP fragments ...

Страница 539: ...ference Guide 539 set ip fragments params Description Configures how the appliance handles IP fragments Syntax set ip fragments params advanced settings minsize minsize Parameters Parameter Description n a Example set ip fragments params advanced settings minsize 150 ...

Страница 540: ...the appliance handles IP fragments Syntax set ip fragments params advanced settings config track track limit limit advanced state advanced state timeout timeout pkt cap pkt cap Parameters Parameter Description n a Example set ip fragments params advanced settings config track none limit 150 advanced state forbid timeout 15 pkt cap true ...

Страница 541: ...R80 20 05 CLI Reference Guide 541 show ip fragments params Description Shows configuration of IP fragments handling Syntax show ip fragments params advanced settings Parameters Parameter Description n a Example show ip fragments params advanced settings ...

Страница 542: ...ipv6 state SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 542 ipv6 state ...

Страница 543: ...tate SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 543 set ipv6 state Description Enable the IPv6 mode of the appliance Syntax set ipv6 state Parameters Parameter Description n a Example set ipv6 state ...

Страница 544: ... Appliance Series R80 20 05 CLI Reference Guide 544 show ipv6 state Description Show if the IPv6 mode of the appliance is enabled or disabled Syntax show ipv6 state Parameters Parameter Description n a Example show ipv6 state ...

Страница 545: ...license SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 545 license ...

Страница 546: ...eter n User Center at Check Point n USB device There is an option to specify the file name with the file_name parameter Syntax fetch license local file file_name usercenter usb file file_ name Parameters Parameter Description file_name Name of the file that contains the license Return Value 0 on success 1 on failure Example fetch license usb file LicenseFile xml Output Success shows OK Failure sho...

Страница 547: ...B 1500 Appliance Series R80 20 05 CLI Reference Guide 547 show license Description Shows current license state Syntax show license Parameters Parameter Description n a Example show license Output Current license state ...

Страница 548: ...local group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 548 local group ...

Страница 549: ...arameter Description comments Comments Type A string that contains less than 257 characters of this set 0 9 a z or name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces remote access on Indicates if the users group have remote access permissions Type Boolean true false Example add local group name myObject_17 comments Th...

Страница 550: ...delete local group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 550 delete local group Deletes an existing group object for user objects ...

Страница 551: ...letes an existing group object for user objects by group object name Syntax delete local group name name Parameters Parameter Description name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example delete local group name myObject_17 ...

Страница 552: ...ppliance Series R80 20 05 CLI Reference Guide 552 delete local group Description Deletes all existing group objects for user objects Syntax delete local group all Parameters Parameter Description n a Example delete local group all ...

Страница 553: ...set local group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 553 set local group Configures an existing user group object ...

Страница 554: ... less than 257 characters of this set 0 9 a z or name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces new name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces remote access on Indicates if the users group have remote access permissions Type B...

Страница 555: ... in this group have VPN remote access privileges Syntax set local group name name add bookmark label bookmark label Parameters Parameter Description bookmark label Text for the bookmark in the SSL Network Extender portal name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set local group name myObject_17 add bo...

Страница 556: ...s in this group have VPN remote access privileges Syntax set local group name name remove bookmark label bookmark label Parameters Parameter Description bookmark label Text for the bookmark in the SSL Network Extender portal name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set local group name myObject_17 re...

Страница 557: ... Description Shows the content of a user group object Syntax show local group name name Parameters Parameter Description name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example show local group name myObject_17 ...

Страница 558: ...MB 1500 Appliance Series R80 20 05 CLI Reference Guide 558 show local groups Description Shows the content of all user group objects Syntax show local groups Parameters Parameter Description n a Example show local groups ...

Страница 559: ...set local group users SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 559 set local group users Configures an existing user group object ...

Страница 560: ...roup object Syntax set local group users name name add user name user name Parameters Parameter Description name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces user name User s name in the local database Example set local group users name myObject_17 add user name admin ...

Страница 561: ...roup object Syntax set local group users name name remove user name user name Parameters Parameter Description name Local group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces user name User s name in the local database Example set local group users name myObject_17 remove user name admin ...

Страница 562: ...local user SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 562 local user ...

Страница 563: ...haracters of this set 0 9 a z or expiration date Expiration date for a temporary user in format yyyy mm dd Type A date format yyyy mm dd expiration time Expiration time for a temporary user in format HH MM Type A time format hh mm is temp user Indicates if the user entry is temporary Type Boolean true false name User s name in the local database Type A string that contains 0 9 a z up to 64 charact...

Страница 564: ...ance Series R80 20 05 CLI Reference Guide 564 Example add local user name admin password hash TZXPLs20bN0RA comments This is a comment remote access always on true is temp user true expiration date 2000 01 01 expiration time 23 20 ...

Страница 565: ...delete local user SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 565 delete local user Deletes an existing locally defined user object ...

Страница 566: ...user Description Deletes an existing locally defined user object by user name Syntax delete local user name name Parameters Parameter Description name User s name in the local database Type A string that contains 0 9 a z up to 64 characters without spaces Example delete local user name admin ...

Страница 567: ...ance Series R80 20 05 CLI Reference Guide 567 delete local user Description Deletes all existing locally defined user objects by user name Syntax delete local user all Parameters Parameter Description n a Example delete local user all ...

Страница 568: ...set local user SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 568 set local user Configures an existing user object ...

Страница 569: ...porary user in format yyyy mm dd Type A date format yyyy mm dd expiration time Expiration time for a temporary user in format HH MM Type A time format hh mm is temp user Indicates if the user entry is temporary Type Boolean true false name User s name in the local database Type A string that contains 0 9 a z up to 64 characters without spaces new name User s name in the local database Type A strin...

Страница 570: ...ries R80 20 05 CLI Reference Guide 570 Example set local user name admin new name admin password hash TZXPLs20bN0RA comments This is a comment remote access always on true is temp user true expiration date 2000 01 01 expiration time 23 20 ...

Страница 571: ... only if the user has VPN remote access privileges Syntax set local user name name add bookmark label bookmark label Parameters Parameter Description bookmark label Text for the bookmark in the SSL Network Extender portal name User s name in the local database Type A string that contains 0 9 a z up to 64 characters without spaces Example set local user name admin add bookmark label myLabel ...

Страница 572: ...t only if the user has VPN remote access privileges Syntax set local user name name remove bookmark label bookmark label Parameters Parameter Description bookmark label Text for the bookmark in the SSL Network Extender portal name User s name in the local database Type A string that contains 0 9 a z up to 64 characters without spaces Example set local user name admin remove bookmark label myLabel ...

Страница 573: ...local user Description Shows the configuration of a locally defined user Syntax show local user name name Parameters Parameter Description name User s name in the local database Type A string that contains 0 9 a z up to 64 characters without spaces Example show local user name admin ...

Страница 574: ...users SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 574 show local users Description Shows all locally defined users Syntax show local users Parameters Parameter Description n a Example show local users ...

Страница 575: ...local users expired SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 575 local users expired ...

Страница 576: ...ries R80 20 05 CLI Reference Guide 576 delete local users expired Description Deletes all expired locally defined user objects from the database Syntax delete local users expired Parameters Parameter Description n a Example delete local users expired ...

Страница 577: ...00 Appliance Series R80 20 05 CLI Reference Guide 577 show local users expired Description Shows all expired locally defined users Syntax show local users expired Parameters Parameter Description n a Example show local users expired ...

Страница 578: ...ogs SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 578 show logs Description Shows system and kernel logs Syntax show logs system kernel Parameters Parameter Description n a Example show logs kernel ...

Страница 579: ...log servers configuration SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 579 log servers configuration ...

Страница 580: ...g server is active Type Boolean true false log server ip addr This IP address is used if the log server is not located on the Security Management Server Type IP address mgmt server ip addr This IP address is used for establishing trusted communication between the Check Point Appliance and the log server Type IP address one time password SIC one time password Type A string that contains alphanumeri...

Страница 581: ...liance Series R80 20 05 CLI Reference Guide 581 show log servers configuration Description Shows external log server configuration Syntax show log servers configuration Parameters Parameter Description n a Example show log servers configuration ...

Страница 582: ...tion Connect to Management as a Service MaaS to manage policy log analysis and reporting log retention Syntax connect maas auth token auth token Parameters Parameter Description auth token Authentication token is used for connecting to MAAS Type base64 Example connect maas auth token base64 ...

Страница 583: ...I Reference Guide 583 set maas Description Configure the settings for Management as a Service MaaS Syntax set maas mode mode Parameters Parameter Description mode Connection to MAAS mode Options enable disable stop using Example set maas mode enable ...

Страница 584: ...aas SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 584 show maas Description Show if connected to Management as a Service MaaS Syntax show maas Parameters Parameter Description n a Example show maas ...

Страница 585: ...mac filtering list SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 585 mac filtering list ...

Страница 586: ...86 add mac filtering list Description Add a MAC address to the list of addresses allowed to access LAN DMZ networks Syntax add mac filtering list mac mac Parameters Parameter Description mac MAC address to allow Type MAC address Example add mac filtering list mac 00 1C 7F 21 05 BE ...

Страница 587: ...lete mac filtering list Description Delete a MAC address from the list of addresses allowed to access LAN DMZ networks Syntax delete mac filtering list mac mac Parameters Parameter Description mac MAC address to allow Type MAC address Example delete mac filtering list mac 00 1C 7F 21 05 BE ...

Страница 588: ... Series R80 20 05 CLI Reference Guide 588 show mac filtering list Description Show the MAC addresses that are allowed to access LAN DMZ networks Syntax show mac filtering list Parameters Parameter Description n a Example show mac filtering list ...

Страница 589: ...mac filtering settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 589 mac filtering settings ...

Страница 590: ...set mac filtering settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 590 set mac filtering settings Configure the settings for MAC filtering ...

Страница 591: ...LI Reference Guide 591 set mac filtering settings Description Configure the settings for MAC filtering Syntax set mac filtering settings state state Parameters Parameter Description state MAC filtering state Options on off Example set mac filtering settings state on ...

Страница 592: ...Guide 592 set mac filtering settings Description Configure the settings for MAC filtering Syntax set mac filtering settings advanced settings log activation log activation Parameters Parameter Description n a Example set mac filtering settings advanced settings log activation on ...

Страница 593: ...Guide 593 set mac filtering settings Description Configure the settings for MAC filtering Syntax set mac filtering settings advanced settings log interval log interval Parameters Parameter Description n a Example set mac filtering settings advanced settings log interval 1000000 ...

Страница 594: ...show mac filtering settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 594 show mac filtering settings Show the settings for MAC filtering ...

Страница 595: ...0 Appliance Series R80 20 05 CLI Reference Guide 595 show mac filtering settings Description Show the settings for MAC filtering Syntax show mac filtering settings Parameters Parameter Description n a Example show mac filtering settings ...

Страница 596: ... 20 05 CLI Reference Guide 596 show mac filtering settings Description Show the advanced settings for MAC filtering Syntax show mac filtering settings advanced settings Parameters Parameter Description n a Example show mac filtering settings advanced settings ...

Страница 597: ...scription Configure settings for a mobile device In this case for when the pairing code expires Syntax set mobile settings advanced settings pairing code expiration pairing code expiration Parameters Parameter Description n a Example set mobile settings advanced settings pairing code expiration 1000000 ...

Страница 598: ...ce Guide 598 set mobile settings Description Configure settings for a mobile device Syntax set mobile settings advanced settings not cloud server not cloud server Parameters Parameter Description n a Example set mobile settings advanced settings not cloud server urlv6 ...

Страница 599: ...80 20 05 CLI Reference Guide 599 show mobile settings Description Show configured advanced settings for a mobile device Syntax show mobile settings advanced settings Parameters Parameter Description n a Example show mobile settings advanced settings ...

Страница 600: ...de 600 mobile device revoke mobile device Description Remove mobile device from the list of associated devices Syntax revoke mobile device id id Parameters Parameter Description id id Type A number with no fractional part Integer Example revoke mobile device id 1000000 ...

Страница 601: ...mobile settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 601 mobile settings These commands are relevant for mobile settings ...

Страница 602: ...or a mobile device In this case for when the pairing code expires Syntax set mobile settings advanced settings pairing code expiration pairing code expiration Parameters Parameter Description pairing code expiration Number of hours until the pairing code expires Example set mobile settings advanced settings pairing code expiration 1 ...

Страница 603: ...onfigure settings for a mobile device Syntax set mobile settings advanced settings not cloud server not cloud server Parameters Parameter Description not cloud server Notification server URL URL for the cloud service that pushes the notifications Example set mobile settings advanced settings not cloud server urlv6 ...

Страница 604: ...80 20 05 CLI Reference Guide 604 show mobile settings Description Show configured advanced settings for a mobile device Syntax show mobile settings advanced settings Parameters Parameter Description n a Example show mobile settings advanced settings ...

Страница 605: ...rator name administrator name Parameters Parameter Description administrator name Administrator Name Type A string that contains A Z 0 9 and _ characters Example add mobile invitation administrator name admin show mobile invitation Description Show which mobile devices are connected Syntax show mobile invitation id id Parameters Parameter Description id id Type A number with no fractional part Int...

Страница 606: ...mobile invitation SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 606 Example show mobile invitation id 1000000 ...

Страница 607: ...ies R80 20 05 CLI Reference Guide 607 mobile push notification show mobile push notification Description Show mobile push notifications Syntax show mobile push notifications Parameters Parameter Description n a Example show mobile push notifications ...

Страница 608: ...monitor mode network SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 608 monitor mode network ...

Страница 609: ...ogy One of the options is a manual configuration of this topology using this command Syntax add monitor mode network ipv4 address ipv4 address subnet mask subnet mask Parameters Parameter Description ipv4 address Indicates a network IP address that will be recognized as Internal Type IP address subnet mask Network subnet mask Type A subnet mask or 255 255 255 255 Example add monitor mode network i...

Страница 610: ...IP addresses that determine the local networks in monitor mode when not working in automatic detection mode Syntax delete monitor mode network ipv4 address ipv4 address Parameters Parameter Description ipv4 address Indicates a network IP address that will be recognized as Internal Type IP address Example delete monitor mode network ipv4 address 192 168 1 1 ...

Страница 611: ...e interface inspection Syntax set monitor mode network ipv4 address ipv4 address ipv4 address ipv4 address subnet mask subnet mask Parameters Parameter Description ipv4 address Indicates a network IP address that will be recognized as Internal Type IP address subnet mask Network subnet mask Type A subnet mask or 255 255 255 255 Example set monitor mode network ipv4 address 192 168 1 1 ipv4 address...

Страница 612: ...ies R80 20 05 CLI Reference Guide 612 show monitor mode networks Description Shows manually defined local networks for monitor mode configuration Syntax show monitor mode networks Parameters Parameter Description n a Example show monitor mode networks ...

Страница 613: ...monitor mode configuration SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 613 monitor mode configuration ...

Страница 614: ...ction Determines if locally managed networks will be automatically detected or manually configured Syntax set monitor mode configuration use defined networks use defined networks Parameters Parameter Description use defined networks Indicates if user defined internal networks are used for Monitor mode Type Boolean true false Example set monitor mode configuration use defined networks true ...

Страница 615: ...e Series R80 20 05 CLI Reference Guide 615 show monitor mode configuration Description Shows monitor mode configuration for interfaces Syntax show monitor mode configuration Parameters Parameter Description n a Example show monitor mode configuration ...

Страница 616: ...message SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 616 message ...

Страница 617: ...essage type on off line msgvalue msgvalue Parameters Parameter Description msgvalue Indicates the banner messages text Type virtual status Indicates if a banner message for SSH login will appear Type Boolean true false type Indicates the type of the message only banner supported Options motd banner caption Example set message motd true line msgvalue My Banner message ...

Страница 618: ...show message SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 618 show message Shows banner message for the ssh login ...

Страница 619: ...eference Guide 619 show message Description Shows banner message for the ssh login Syntax show message type Parameters Parameter Description type Indicates the type of the message only banner supported Options motd banner caption Example show message motd ...

Страница 620: ...Reference Guide 620 show memory usage Description Shows the amount of memory that is being used Syntax show memory usage Parameters Parameter Description n a Example show memory usage Output Success shows used memory Failure shows an appropriate error message ...

Страница 621: ...nat SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 621 nat ...

Страница 622: ...set nat SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 622 set nat Configures general NAT policy settings ...

Страница 623: ...ll be hidden by default behind the external IP addresses of the gateway Syntax set nat hide internal networks hide internal networks Parameters Parameter Description hide internal networks Hide internal networks behind the Gateway s external IP address Type Boolean true false Example set nat hide internal networks true ...

Страница 624: ...uide 624 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings nat destination client side nat destination client side Parameters Parameter Description n a Example set nat advanced settings nat destination client side true ...

Страница 625: ...05 CLI Reference Guide 625 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings arp proxy merge arp proxy merge Parameters Parameter Description n a Example set nat advanced settings arp proxy merge true ...

Страница 626: ...20 05 CLI Reference Guide 626 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings address trans address trans Parameters Parameter Description n a Example set nat advanced settings address trans true ...

Страница 627: ...CLI Reference Guide 627 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings nat automatic arp nat automatic arp Parameters Parameter Description n a Example set nat advanced settings nat automatic arp true ...

Страница 628: ...t nat Description Configures advanced NAT policy settings Syntax set nat advanced settings nat destination client side manual nat destination client side manual Parameters Parameter Description n a Example set nat advanced settings nat destination client side manual true ...

Страница 629: ...20 05 CLI Reference Guide 629 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings nat hash size nat hash size Parameters Parameter Description n a Example set nat advanced settings nat hash size 1024 ...

Страница 630: ...ference Guide 630 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings nat cache num entries nat cache num entries Parameters Parameter Description n a Example set nat advanced settings nat cache num entries 100 ...

Страница 631: ...s R80 20 05 CLI Reference Guide 631 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings nat limit nat limit Parameters Parameter Description n a Example set nat advanced settings nat limit 100 ...

Страница 632: ...rence Guide 632 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings increase hide capacity increase hide capacity Parameters Parameter Description n a Example set nat advanced settings increase hide capacity true ...

Страница 633: ...Reference Guide 633 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings nat cache expiration nat cache expiration Parameters Parameter Description n a Example set nat advanced settings nat cache expiration 100 ...

Страница 634: ...e Guide 634 set nat Description Configures advanced NAT policy settings Syntax set nat advanced settings perform cluster hide fold perform cluster hide fold Parameters Parameter Description n a Example set nat advanced settings perform cluster hide fold true ...

Страница 635: ...2Gw ip pool gw2Gw ip pool unused return interval ip pool unused return interval log ip pool allocation log ip pool allocation ip pool mode ip pool mode ip pool alloc per destination ip pool alloc per destination Parameters Parameter Description n a Example set nat advanced settings ip pool nat ip pool securemote true ip pool log none ip pool per interface true ip pool override hide true ip pool gw...

Страница 636: ...show nat SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 636 show nat Shows NAT policy ...

Страница 637: ...show nat SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 637 show nat Description Shows NAT policy Syntax show nat Parameters Parameter Description n a Example show nat ...

Страница 638: ...0 Appliance Series R80 20 05 CLI Reference Guide 638 show nat Description Shows advanced settings for NAT policy Syntax show nat advanced settings Parameters Parameter Description n a Example show nat advanced settings ...

Страница 639: ...nat rule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 639 nat rule ...

Страница 640: ...me Parameters Parameter Description comment Comment for manual NAT rule Type A string that contains less than 257 characters of this set 0 9 a z or enable arp proxy The gateway will reply to ARP requests sent to the original destination s IP address Does not apply to IP ranges networks Type Boolean true false hide sources Hide multiple sources behind the translated source addresses Type Boolean tr...

Страница 641: ...nslated destination Translated destination of rule translated service Translated service of rule translated source Translated source of rule Example add nat rule original source TEXT original destination TEXT original service TEXT translated source TEXT translated destination TEXT translated service TEXT comment This is a comment hide sources true enable arp proxy true position 2 name word ...

Страница 642: ...ce Guide 642 delete nat rule Description Deletes a manually configured NAT rule by name Syntax delete nat rule name name Parameters Parameter Description name name Type A string of alphanumeric characters without space between them Example delete nat rule name word ...

Страница 643: ...tion below position below name name disabled disabled Parameters Parameter Description comment Comment for manual NAT rule Type A string that contains less than 257 characters of this set 0 9 a z or disabled Indicates if rule is disabled Type Boolean true false enable arp proxy The gateway will reply to ARP requests sent to the original destination s IP address Does not apply to IP ranges networks...

Страница 644: ... order of the rule in comparison to other manual rules Type Decimal number translated destination Translated destination of rule translated service Translated service of rule translated source Translated source of rule Example set nat rule name word original source TEXT original destination TEXT original service TEXT translated source TEXT translated destination TEXT translated service TEXT commen...

Страница 645: ...eference Guide 645 show nat rule Description Shows the name or position of a specific NAT rule Includes auto generated rules Syntax show nat rule name name show nat rule position position Parameters Parameter Description n a Example show nat rule name word ...

Страница 646: ...ance Series R80 20 05 CLI Reference Guide 646 show nat rules Description Shows configuration of all manually and auto generated NAT rules Syntax show nat rules Parameters Parameter Description n a Example show nat rules position 2 ...

Страница 647: ...uide 647 show nat manual rules Description Shows configuration of manual NAT rules by name or position Syntax show nat manual rules name name show nat manual rules position Parameters Parameter Description name Rule name position Rule position Example show nat rule name word ...

Страница 648: ...nat rule position SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 648 nat rule position ...

Страница 649: ...9 delete nat rule position Description Deletes a manually configured NAT rule by position Syntax delete nat rule position position Parameters Parameter Description position The order of the rule in comparison to other manual rules Type Decimal number Example delete nat rule position 2 ...

Страница 650: ...tion above position below position below name name disabled disabled Parameters Parameter Description comment Comment for manual NAT rule Type A string that contains less than 257 characters of this set 0 9 a z or disabled Indicates if rule is disabled Type Boolean true false enable arp proxy The gateway will reply to ARP requests sent to the original destination s IP address Does not apply to IP ...

Страница 651: ... The order of the rule in comparison to other manual rules Type Decimal number translated destination Translated destination of rule translated service Translated service of rule translated source Translated source of rule Example set nat rule position 2 original source TEXT original destination TEXT original service TEXT translated source TEXT translated destination TEXT translated service TEXT c...

Страница 652: ...netflow collector SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 652 netflow collector ...

Страница 653: ...ported to each defined collector Syntax add netflow collector ip ip port port export format export format srcaddr srcaddr is enabled is enabled Parameters Parameter Description export format Export format Options Netflow_V9 Netflow_V5 ip IP address Type IP address is enabled Indicates if netflow is enabled Type Boolean true false port UDP port Type Port number srcaddr Source IP address Type IP add...

Страница 654: ...tflow collector Description Deletes an existing Netflow collector object by IP address and port Syntax delete netflow collector ip ip port port Parameters Parameter Description ip IP address Type IP address port UDP port Type Port number Example delete netflow collector ip 192 168 1 1 port 8080 ...

Страница 655: ...is enabled is enabled Parameters Parameter Description export format Export format Options Netflow_V9 Netflow_V5 for ip IP address Type IP address for port UDP port Type Port number ip IP address Type IP address is enabled Indicates if netflow is enabled Type Boolean true false port UDP port Type Port number srcaddr Source IP address Type IP address Example set netflow collector for ip 192 168 1 1...

Страница 656: ... show netflow collector Description Shows configuration of a specific NetFlow collector Syntax show netflow collector ip ip port port Parameters Parameter Description ip IP address Type IP address port UDP port Type Port number Example show netflow collector ip 192 168 1 1 port 8080 ...

Страница 657: ... Appliance Series R80 20 05 CLI Reference Guide 657 show netflow collectors Description Shows configuration of all NetFlow collectors Syntax show netflow collectors Parameters Parameter Description n a Example show netflow collectors ...

Страница 658: ...network SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 658 network ...

Страница 659: ... network name name network ipv4 address network ipv4 address subnet mask subnet mask mask length mask length Parameters Parameter Description mask length Mask length name Network Object name Type String network ipv4 address Network address subnet mask IP mask used in the related network Example add network name TEXT network ipv4 address 172 16 10 0 subnet mask 255 255 255 0 ...

Страница 660: ...erence Guide 660 delete network Description Deletes an existing network address range object a network and a subnet mask by object name Syntax delete network name Parameters Parameter Description name Network Object name Type String Example delete network TEXT ...

Страница 661: ... name network ipv4 address network ipv4 address subnet mask subnet mask mask length mask length Parameters Parameter Description mask length Mask length name Network Object name Type String network ipv4 address Network address subnet mask IP mask used in the related network Example set network TEXT name TEXT network ipv4 address 172 16 10 0 subnet mask 255 255 255 0 ...

Страница 662: ... R80 20 05 CLI Reference Guide 662 show network Description Shows configuration of a specific IP address network object Syntax show network name Parameters Parameter Description name Network Object name Type String Example show network TEXT ...

Страница 663: ...B 1500 Appliance Series R80 20 05 CLI Reference Guide 663 show networks Description Shows configuration of all IP address network objects Syntax show networks Parameters Parameter Description n a Example show networks ...

Страница 664: ...og SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 664 show notifications log Description Show the notification logs Syntax show notifications log Parameters Parameter Description n a Example show notifications log ...

Страница 665: ...notifications policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 665 notifications policy These commands are relevant for notifications policy ...

Страница 666: ...Parameters Parameter Description send detailed push notifications Notification previews may contain information about your network Turning it off means that the security gateway removes this information from the push notification Type Boolean true false send push notifications Indicates whether notifications are sent to mobile application Type Boolean true false send cloud notifications Enable sen...

Страница 667: ...ns policy Description Configure the policy for sending notifications to the user Syntax set notifications policy advanced settings limit push notifications limit push notifications Parameters Parameter Description n a Example set notifications policy advanced settings limit push notifications 1000000 ...

Страница 668: ...tions policy Description Configure the policy for sending notifications to the user Syntax set notifications policy advanced settings send push notifications send push notifications Parameters Parameter Description n a Example set notifications policy advanced settings send push notifications true ...

Страница 669: ...ance Series R80 20 05 CLI Reference Guide 669 show notifications policy Description Show the policy for sending notifications to the user Syntax show notifications policy Parameters Parameter Description n a Example show notifications policy ...

Страница 670: ... 05 CLI Reference Guide 670 show notifications policy Description Show the policy for sending notifications to the user Syntax show notifications policy advanced settings Parameters Parameter Description n a Example show notifications policy advanced settings ...

Страница 671: ...ntp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 671 ntp ...

Страница 672: ...set ntp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 672 set ntp Configures NTP settings ...

Страница 673: ...local time zone local time zone auto adjust daylight saving auto adjust daylight saving Parameters Parameter Description auto adjust daylight saving Auto daylight Options on off local time zone Region on earth that has a uniform standard time Example set ntp local time zone GMT 11 00 Midway Island auto adjust daylight saving on ...

Страница 674: ... 05 CLI Reference Guide 674 set ntp Description Enables Disables NTP functionality Syntax set ntp active active Parameters Parameter Description active Region on earth that has a uniform standard time Options on off Example set ntp active on ...

Страница 675: ... set ntp Description Configures NTP settings Syntax set ntp interval interval Parameters Parameter Description interval Time interval minutes to update date and time settings from the NTP server Type A number with no fractional part integer Example set ntp interval 15 ...

Страница 676: ...on auth Authentication with NTP servers flag Type Press TAB to see available options secret Key string for authentication with the NTP servers Type A string that contains alphanumeric and special characters secret id Authentication key identifier Type A number with no fractional part Values are between 4 503 599 627 370 495 to 4 503 599 627 370 495 Example set ntp auth on secret id 455397 secret a...

Страница 677: ...show ntp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 677 show ntp Description Shows NTP configuration Syntax show ntp Parameters Parameter Description n a Example show ntp ...

Страница 678: ...p active SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 678 show ntp active Description Shows NTP activation status Syntax show ntp active Parameters Parameter Description n a Example show ntp active ...

Страница 679: ...ntp server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 679 ntp server ...

Страница 680: ...set ntp server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 680 set ntp server Configures NTP server settings ...

Страница 681: ...ference Guide 681 set ntp server Description Configures primary NTP server s IP address Syntax set ntp server primary primary Parameters Parameter Description primary Primary NTP server Type An IP address or host name Example set ntp server primary myHost com ...

Страница 682: ...e Guide 682 set ntp server Description Configures secondary NTP server s IP address Syntax set ntp server secondary secondary Parameters Parameter Description secondary Secondary NTP server Type An IP address or host name Example set ntp server secondary myHost com ...

Страница 683: ...ervers SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 683 show ntp servers Description Shows all defined NTP servers Syntax show ntp servers Parameters Parameter Description n a Example show ntp servers ...

Страница 684: ...periodic backup SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 684 periodic backup ...

Страница 685: ...tional part integer day of week Day of the week to backup Options sunday monday tuesday wednesday thursday friday saturday encryption password Encryption password Type A string that contains alphanumeric and special characters file encryption Choose whether to encrypt the backup data Type Boolean true false hour Scheduled backup hour The backup will be performed during this hour Type A number with...

Страница 686: ... server username Backup server username Type A string that contains 0 9 a z up to 64 characters without spaces Example set periodic backup mode true server address backupUrl server username admin server password a 7Ba file encryption true encryption password a 7Ba schedule monthly day of month 2 hour 2 ...

Страница 687: ...SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 687 show periodic backup Description Shows periodic backup configuration Syntax show periodic backup Parameters Parameter Description n a Example show periodic backup ...

Страница 688: ...ables or enables first time configuration from the USB autoplay configuration or the WebUI Syntax set property USB_auto_configuration always once off first time wizard always once Parameters Parameter Description n a Example n set property USB_auto_configuration off n set property first time wizard off ...

Страница 689: ...privacy settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 689 privacy settings ...

Страница 690: ...n Advanced Settings select if the customer consents to sending diagnostic data to Check Point Syntax set privacy settings advanced settings customer consent customer consent Parameters Parameter Description customer consent Type Boolean true false Example set privacy settings advanced settings customer consent true ...

Страница 691: ...1 show privacy settings Description In Advanced Settings show if the customer consents to sending diagnostic data Syntax show privacy settings advanced settings Parameters Parameter Description n a Example show privacy settings advanced settings Sample Output customer consent true ...

Страница 692: ...proxy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 692 proxy ...

Страница 693: ...SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 693 delete proxy Description Deletes configured proxy settings for the appliance Syntax delete proxy Parameters Parameter Description n a Example delete proxy ...

Страница 694: ...set proxy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 694 set proxy Configures proxy settings for connecting with Check Point update and license servers ...

Страница 695: ...cting with Check Point update and license servers when the device is located behind a proxy server Syntax set proxy server server port port Parameters Parameter Description port The proxy port Type Port number server The proxy Host name or IP address Type An IP address or host name Example set proxy server myHost com port 8080 ...

Страница 696: ...oxy configuration for the device Syntax set proxy enable disable Parameters Parameter Description use proxy A proxy server between the appliance and the Internet This proxy server will be used when the appliance s internal processes must reach a Check Point server Type Boolean true false Example set proxy true ...

Страница 697: ...show proxy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 697 show proxy Description Shows proxy configuration Syntax show proxy Parameters Parameter Description n a Example show proxy ...

Страница 698: ...qos SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 698 qos ...

Страница 699: ...set qos SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 699 set qos Configures QoS policy ...

Страница 700: ...ries R80 20 05 CLI Reference Guide 700 set qos Description Enables Disables the QoS Syntax set qos mode mode Parameters Parameter Description mode Indicates if QoS blade is enabled Type Boolean true false Example set qos mode true ...

Страница 701: ...rcentage guarantee bandwidth percentage guarantee bandwidth traffic guarantee bandwidth traffic guarantee bandwidth on services guarantee bandwidth on services ensure low latency for delay sensitive services ensure low latency for delay sensitive services Parameters Parameter Description n a Example set qos default policy limit bandwidth consuming applications true limit upload traffic true upload...

Страница 702: ... 702 set qos Description Configures advanced QoS settings Syntax set qos low latency traffic maximum percentage of bandwidth maximum percentage of bandwidth Parameters Parameter Description n a Example set qos low latency traffic maximum percentage of bandwidth 80 ...

Страница 703: ...s R80 20 05 CLI Reference Guide 703 set qos Description Configures advanced QoS settings Syntax set qos advanced settings qos logging qos logging Parameters Parameter Description n a Example set qos advanced settings qos logging true ...

Страница 704: ...show qos SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 704 show qos Shows the policy of the QoS blade ...

Страница 705: ...show qos SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 705 show qos Description Shows the policy of the QoS blade Syntax show qos Parameters Parameter Description n a Example show qos ...

Страница 706: ... Appliance Series R80 20 05 CLI Reference Guide 706 show qos Description Shows advanced settings of the QoS blade Syntax show qos advanced settings Parameters Parameter Description n a Example show qos advanced settings ...

Страница 707: ...qos delay sensitive service SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 707 qos delay sensitive service ...

Страница 708: ...set qos delay sensitive service SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 708 set qos delay sensitive service Configures a default used group of services that are delay sensitive ...

Страница 709: ...os delay sensitive service Description Adds an existing service object to the default group of services that are delay sensitive Syntax set qos delay sensitive service add service service Parameters Parameter Description service Service name Example set qos delay sensitive service add service TEXT ...

Страница 710: ...lay sensitive service Description Removes an existing service object from the default group of services that are delay sensitive Syntax set qos delay sensitive service remove service service Parameters Parameter Description service Service name Example set qos delay sensitive service remove service TEXT ...

Страница 711: ...80 20 05 CLI Reference Guide 711 show qos delay sensitive services Description Shows the group of services that are considered delay sensitive Syntax show qos delay sensitive services Parameters Parameter Description n a Example show qos delay sensitive services ...

Страница 712: ...qos guarantee bandwidth selected services SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 712 qos guarantee bandwidth selected services ...

Страница 713: ...lected services SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 713 set qos guarantee bandwidth selected services Configures a default used group of services that will be guaranteed bandwidth according to QoS default policy ...

Страница 714: ...ces Description Adds an existing service object to the default used group of services that will be guaranteed bandwidth according to QoS default policy Syntax set qos guarantee bandwidth selected services add service service Parameters Parameter Description service Service name Example set qos guarantee bandwidth selected services add service TEXT ...

Страница 715: ...escription Removes an existing service object from the default used group of services that will be guaranteed bandwidth according to QoS default policy Syntax set qos guarantee bandwidth selected services remove service service Parameters Parameter Description service Service name Example set qos guarantee bandwidth selected services remove service TEXT ...

Страница 716: ...uide 716 show qos guarantee bandwidth selected services Description Shows the group of services that can be guaranteed bandwidth in the QoS default policy Syntax show qos guarantee bandwidth selected services Parameters Parameter Description n a Example show qos guarantee bandwidth selected services ...

Страница 717: ...qos rule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 717 qos rule ...

Страница 718: ...iffserv mark val false name name position position position above position above position below position below Parameters Parameter Description comment Description of the rule Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection diffserv mark DiffServ Mark is a way to mark connections so a third party will handl...

Страница 719: ...atency of the rule low or normal Type Press TAB to see available options name name Type A string of alphanumeric characters without space between them position The order of the rule in comparison to other manual rules Type Decimal number position above The order of the rule in comparison to other manual rules Type Decimal number position below The order of the rule in comparison to other manual ru...

Страница 720: ...on TEXT service TEXT low latency rule normal limit bandwidth true limit percentage 15 guarantee bandwidth true guarantee percentage 30 weight 30 log none comment This is a comment vpn true hours range enabled true hours range from 23 20 hours range to 23 20 diffserv mark true diffserv mark val 5 name word position 2 ...

Страница 721: ...delete qos rule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 721 delete qos rule Deletes an existing bandwidth latency control rule in the QoS Rule Base ...

Страница 722: ...te qos rule Description Deletes an existing bandwidth latency control rule in the QoS Rule Base by idx Syntax delete qos rule idx idx Parameters Parameter Description idx The order of the rule in comparison to other manual rules Type Decimal number Example delete qos rule idx 3 141 ...

Страница 723: ...te qos rule Description Deletes an existing bandwidth latency control rule in the QoS Rule Base by name Syntax delete qos rule name name Parameters Parameter Description name name Type A string of alphanumeric characters without space between them Example delete qos rule name word ...

Страница 724: ...set qos rule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 724 set qos rule Configures an existing bandwidth latency control rule within the QoS blade policy ...

Страница 725: ... true diffserv mark val diffserv mark val false name name position position position above position above position below position below disabled disabled Parameters Parameter Description comment Description of the rule Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection diffserv mark DiffServ Mark is a way to m...

Страница 726: ...imit percentage Traffic limit percentage Type A number with no fractional part integer log Defines which logging method to use None do not log Log Create log Options none log low latency rule The latency of the rule low or normal Type Press TAB to see available options name name Type A string of alphanumeric characters without space between them position The order of the rule in comparison to othe...

Страница 727: ...ed for other rules Type A number with no fractional part integer Example set qos rule idx 3 141 source TEXT destination TEXT service TEXT low latency rule normal limit bandwidth true limit percentage 80 guarantee bandwidth true guarantee percentage 80 weight 15 log none comment This is a comment vpn true hours range enabled true hours range from 23 20 hours range to 23 20 diffserv mark true diffse...

Страница 728: ...k true diffserv mark val diffserv mark val false name name position position position above position above position below position below disabled disabled Parameters Parameter Description comment Description of the rule Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection diffserv mark DiffServ Mark is a way to ...

Страница 729: ...Defines which logging method to use None do not log Log Create log Options none log low latency rule The latency of the rule low or normal Type Press TAB to see available options name name Type A string of alphanumeric characters without space between them position The order of the rule in comparison to other manual rules Type Decimal number position above The order of the rule in comparison to ot...

Страница 730: ...l part integer Example set qos rule name word source TEXT destination TEXT service TEXT low latency rule normal limit bandwidth true limit percentage 80 guarantee bandwidth true guarantee percentage 80 weight 15 log none comment This is a comment vpn true hours range enabled true hours range from 23 20 hours range to 23 20 diffserv mark true diffserv mark val 5 name word position 2 disabled true ...

Страница 731: ...show qos rule SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 731 show qos rule Shows configuration of QoS bandwidth latency control rules ...

Страница 732: ...configuration of a QoS rule by ID Syntax show qos rule idx idx Parameters Parameter Description idx The order of the rule in comparison to other manual rules Type Decimal number position The order of the rule in comparison to other manual rules Type Decimal number Example show qos rule idx 3 141 position 2 ...

Страница 733: ...configuration of a QoS rule by name Syntax show qos rule name name Parameters Parameter Description name name Type A string of alphanumeric characters without space between them position The order of the rule in comparison to other manual rules Type Decimal number Example show qos rule name word position 2 ...

Страница 734: ...os rules Description Shows configuration of a QoS rule by position Syntax show qos rules position position Parameters Parameter Description position The order of the generated rules in the QoS Rule Base Type A number with no fractional part integer Example show qos rules position 2 ...

Страница 735: ...radius server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 735 radius server ...

Страница 736: ...s server Description Deletes an existing configured RADIUS server Syntax delete radius server priority priority Parameters Parameter Description priority Priority of the choose tab can be primary or secondary Type A number with no fractional part integer Example delete radius server priority 1 ...

Страница 737: ... tab can be primary or secondary Type A number with no fractional part integer shared secret Pre shared secret between the RADIUS server and the Appliance Type A string that contains alphanumeric and special characters timeout A timeout value in seconds for communication with the RADIUS server Type A number with no fractional part integer udp port The port number through which the RADIUS server co...

Страница 738: ...us server Description Shows the configuration of a RADIUS server Syntax show radius server priority priority Parameters Parameter Description priority Priority of the choose tab can be primary or secondary Type A number with no fractional part integer Example show radius server priority 1 ...

Страница 739: ...1500 Appliance Series R80 20 05 CLI Reference Guide 739 show radius servers Description Shows the configuration of all RADIUS servers Syntax show radius servers Parameters Parameter Description n a Example show radius servers ...

Страница 740: ...reach my device SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 740 reach my device ...

Страница 741: ...vice SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 741 set reach my device Configures the Reach my device service which enables connecting to the device s management portal even when the device is behind NAT ...

Страница 742: ...e validation token validation token false Parameters Parameter Description existing host name Register with an existing host name Type Boolean true false host name Gateway Host name DNS Prefix Type A string of alphanumeric characters without space between them mode Reach my device mode on off Type Boolean true false validation token Gateway validation token Type A string of alphanumeric characters...

Страница 743: ... advanced settings of the Reach my device service which enables connecting to the device s management portal even when the device is behind NAT Syntax set reach my device advanced settings ignore ssl cert ignore ssl cert Parameters Parameter Description n a Example set reach my device advanced settings ignore ssl cert true ...

Страница 744: ...ach my device service which enables connecting to the device s management portal even when the device is behind NAT Syntax set reach my device advanced settings reach my device server addr reach my device server addr Parameters Parameter Description n a Example set reach my device advanced settings reach my device server addr http www checkpoint com ...

Страница 745: ...show reach my device SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 745 show reach my device Shows the configuration of Reach My Device cloud service ...

Страница 746: ...ppliance Series R80 20 05 CLI Reference Guide 746 show reach my device Description Shows the configuration of Reach My Device cloud service Syntax show reach my device Parameters Parameter Description n a Example show reach my device ...

Страница 747: ...0 20 05 CLI Reference Guide 747 show reach my device Description Shows advanced settings of Reach My Device cloud service Syntax show reach my device advanced settings Parameters Parameter Description n a Example show reach my device advanced settings ...

Страница 748: ...oups true radius groups radius groups false false Parameters Parameter Description radius auth Remote users RADIUS authentication Type Boolean true false radius groups RADIUS groups for authentication Example RADIUS group1 RADIUS class2 Type A string that contains A Z 0 9 _ and space characters use radius groups Use RADIUS groups for authentication Type Boolean true false Example set remote access...

Страница 749: ...R80 20 05 CLI Reference Guide 749 show remote access users radius auth Description Shows RADIUS based users VPN remote access configuration Syntax show remote access users radius auth Parameters Parameter Description n a Example show remote access users radius auth ...

Страница 750: ...reboot SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 750 reboot Description Reboots the system Syntax reboot Parameters Parameter Description n a Example reboot ...

Страница 751: ... can be located on a USB device or on a TFTP server Syntax restore settings from usb tftp server serverIP filename file_name Parameters Parameter Description file_name Name of the backup file serverIP IPv4 address of the TFTP server Example restore settings from tftp server 1 1 1 1 filename sg80 Comments The appliance automatically reboots after the settings are restored ...

Страница 752: ...display these restore settings log files n restore settings log Log file for restoring saved settings n restore default settings log Log file for restoring the default settings Syntax show restore settings log restore default settings log Parameters Parameter Description n a Example show restore settings log Output Success shows the restore settings log file Failure shows an appropriate error mess...

Страница 753: ...erence Guide 753 show revert log Description Shows the log file of previous revert operations Syntax show revert log Parameters Parameter Description n a Example show revert log Output Success shows the revert log file Failure shows an appropriate error message ...

Страница 754: ...vert the appliance to the original factory defaults This command deletes all data and software images from the appliance Syntax revert to factory defaults Parameters Parameter Description n a Example revert to factory defaults Output Success shows a warning message Enter yesto continue Failure shows an appropriate error message ...

Страница 755: ...nce Guide 755 revert to saved image Description Reverts the appliance to the previous software image Syntax revert to previous image Parameters Parameter Description n a Example revert to previous image Output Success shows OK Failure shows an appropriate error message ...

Страница 756: ...report settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 756 report settings ...

Страница 757: ...set report settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 757 set report settings Configure local reports settings ...

Страница 758: ...et report settings Description Configure advanced local reports settings Syntax set report settings advanced settings centrally max period centrally max period Parameters Parameter Description n a Example set report settings advanced settings centrally max period report period hour ...

Страница 759: ...9 set report settings Description Configure advanced local reports settings Syntax set report settings advanced settings locally max period locally max period Parameters Parameter Description n a Example set report settings advanced settings locally max period report period hour ...

Страница 760: ... R80 20 05 CLI Reference Guide 760 show report settings Description Shows report scheduling and creation configuration Syntax show report settings advanced settings Parameters Parameter Description n a Example show report settings advanced settings ...

Страница 761: ...wall policy rule hits Syntax show rule hits top rule Parameters Parameter Description rule Number of rules in the security policy that are displayed Minimum value i 1 Return Value 0 on success 1 on failure Example show rule hits top 3 Output Success shows number of hits per rule Failure shows an appropriate error message ...

Страница 762: ...ce Guide 762 show saved image Description Shows information about the saved backup image Syntax show saved image Parameters Parameter Description n a Example show saved image Output Success shows information about the image Failure shows an appropriate error message ...

Страница 763: ...1500 Appliance Series R80 20 05 CLI Reference Guide 763 update security blades Description Manually update Software Blades Syntax update security blades all Parameters Parameter Description n a Example update security blades all ...

Страница 764: ...security management SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 764 security management ...

Страница 765: ...ide mgmt addr Indicates if the management address used in the next manual fetch command will be saved and continuously used instead of the address downloaded in the policy Type Boolean true false mgmt addr The IP address or hostname of the Security Management Server Type An IP address or host name send logs to Indicates from where the address of the log server is taken Type Press TAB to see availa...

Страница 766: ...set security management SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 766 set security management Configures settings to connect to a remote Security Management Server and log server ...

Страница 767: ... Description addr The logs are sent to this address Type An IP address or host name local override mgmt addr Indicates if the management address used in the next manual fetch command will be saved and continuously used instead of the address downloaded in the policy Type Boolean true false mgmt address IP address or hostname of the Security Management Server Type An IP address or host name send lo...

Страница 768: ...s only the networking configurations are available and the security policy comes from the remote Security Management Server Syntax set security management mode mode Parameters Parameter Description mode Indicates whether the appliance is managed locally or centrally using a Check Point Security Management Server Options locally managed centrally managed Example set security management mode locally...

Страница 769: ...ppliance Series R80 20 05 CLI Reference Guide 769 show security management Description Shows settings of the Security Management Server Syntax show security management Parameters Parameter Description n a Example show security management ...

Страница 770: ...serial port SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 770 serial port ...

Страница 771: ...set serial port SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 771 set serial port Configures the physical serial port settings ...

Страница 772: ...escription disabled Indicates if the serial port is disabled flow control Indicates the method of data flow control to and from the serial port mode Indicates if the serial port is used to connect to the appliance s console a remote telnet server or allow a remote telnet connection to the device connected to the serial port port speed Indicates the port speed Baud Rate of the serial connection Exa...

Страница 773: ...ures the physical serial port as a relay to which incoming TELNET traffic on a configured port will be redirected Syntax set serial port passive mode tcp port tcp port allow implicitly allow implicitly Parameters Parameter Description n a Example set serial port passive mode tcp port 8080 allow implicitly true ...

Страница 774: ...o outgoing connection to a remote TELNET server Syntax set serial port active mode tcp port tcp port primary server address primary server address secondary server address secondary server address Parameters Parameter Description n a Example set serial port active mode tcp port 8080 primary server address myHost com secondary server address myHost com ...

Страница 775: ...arameter Description disabled Indicates if the 9 PIN serial port is disabled flow control Indicates the method of data flow control to and from the 9 PIN serial port mode Indicates if the 9 PIN serial port can be used by a remote telnet server or allow a remote telnet connection to the device connected to the serial port port speed Indicates the 9 PIN port speed Baud Rate of the serial connection ...

Страница 776: ...ial port nine pin Description Configure the settings for the 9 PIN serial port Syntax set serial port nine pin passive mode tcp port tcp port allow implicitly allow implicitly Parameters Parameter Description n a Example set serial port nine pin passive mode tcp port 8080 allow implicitly true ...

Страница 777: ...or the 9 PIN serial port Syntax set serial port nine pin active mode tcp port tcp port primary server address primary server address secondary server address secondary server address Parameters Parameter Description n a Example set serial port nine pin active mode tcp port 8080 primary server address myHost com secondary server address myHost com ...

Страница 778: ...t SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 778 show serial port Description Shows configuration for the serial port Syntax show serial port Parameters Parameter Description n a Example show serial port ...

Страница 779: ...Appliance Series R80 20 05 CLI Reference Guide 779 show serial port nine pin Description Show the settings for the 9 PIN serial port Syntax show serial port nine pin Parameters Parameter Description n a Example show serial port nine pin ...

Страница 780: ...server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 780 server ...

Страница 781: ... Comments Type A string that contains less than 257 characters of this set 0 9 a z or dhcp exclude ip addr Indicates if the internal DHCP service will not distribute the configured IP address of this server network object to anyone Type Press TAB to see available options dhcp reserve ip addr to mac Indicates if the internal DHCP service will distribute the configured IP address only to this server...

Страница 782: ...Protocol tcpProtocol Type Boolean true false udp ports UDP ports for server of type other Type Port range udpProtocol udpProtocol Type Boolean true false Example add server name myObject_17 ipv4 address 192 168 1 1 dhcp exclude ip addr on dhcp reserve ip addr to mac on mac addr 00 1C 7F 21 05 BE comments This is a comment dns resolving true type web server ...

Страница 783: ...e server Description Deletes an existing server object Syntax delete server name Parameters Parameter Description name Server object name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example delete server myObject_17 ...

Страница 784: ... Description Shows configuration of an existing server object Syntax show server name Parameters Parameter Description name Server object name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example show server myObject_17 ...

Страница 785: ...rs SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 785 show servers Description Shows the configuration of all server objects Syntax show servers Parameters Parameter Description n a Example show servers ...

Страница 786: ...service details SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 786 service details ...

Страница 787: ...et device details hostname hostname country country Parameters Parameter Description country The country where you are located The country configured for the WLAN Options country hostname The appliance name used to identify the gateway Type A string that contains A Z 0 9 and characters Example set device details hostname My appliance country albania ...

Страница 788: ... 1500 Appliance Series R80 20 05 CLI Reference Guide 788 show device details Description Shows configuration of basic device details Syntax show device details Parameters Parameter Description n a Example show device details ...

Страница 789: ...service group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 789 service group ...

Страница 790: ...arameter Description comments Comments and explanation about the Service Group Type A string that contains less than 257 characters of this set 0 9 a z or member An association field for the contained services name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example add service group name myObject_17 comments This...

Страница 791: ...ion Deletes an existing group object for service objects by object name Syntax delete service group name Parameters Parameter Description name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example delete service group myObject_17 ...

Страница 792: ...set service group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 792 set service group Configures an existing service objects group ...

Страница 793: ...nd explanation about the Service Group Type A string that contains less than 257 characters of this set 0 9 a z or name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces new name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set s...

Страница 794: ...vice objects from an existing service objects group Syntax set service group name remove all members Parameters Parameter Description name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set service group myObject_17 remove all members ...

Страница 795: ... object to an existing service objects group Syntax set service group name add member member Parameters Parameter Description member Service name name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set service group myObject_17 add member TEXT ...

Страница 796: ...bject from an existing service objects group Syntax set service group name remove member member Parameters Parameter Description member Service name name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example set service group myObject_17 remove member TEXT ...

Страница 797: ...oup Description Shows the content of a service object group Syntax show service group name Parameters Parameter Description name Service Group name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces Example show service group myObject_17 ...

Страница 798: ...1500 Appliance Series R80 20 05 CLI Reference Guide 798 show service groups Description Shows the content of all service object groups Syntax show service groups Parameters Parameter Description n a Example show service groups ...

Страница 799: ...service icmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 799 service icmp ...

Страница 800: ... comments Parameters Parameter Description comments Comments and explanation about the service Type A string that contains less than 257 characters of this set 0 9 a z or icmp code ICMP code Type A number with no fractional part integer icmp type ICMP message type Type A number with no fractional part integer name Service name Type String Example add service icmp name TEXT icmp code 2 icmp type 5 ...

Страница 801: ... R80 20 05 CLI Reference Guide 801 delete service icmp Description Deletes an existing ICMP type service object by name Syntax delete service icmp name Parameters Parameter Description name Service name Type String Example delete service icmp TEXT ...

Страница 802: ...mments comments Parameters Parameter Description comments Comments and explanation about the service Type A string that contains less than 257 characters of this set 0 9 a z or icmp code ICMP code Type A number with no fractional part integer icmp type ICMP message type Type A number with no fractional part integer name Service name Type String Example set service icmp TEXT name TEXT icmp code 2 i...

Страница 803: ...0 20 05 CLI Reference Guide 803 show service icmp Description Shows the configuration of a specific ICMP type service object Syntax show service icmp name Parameters Parameter Description name Service name Type String Example show service icmp TEXT ...

Страница 804: ...protocol name name ip protocol ip protocol comments comments Parameters Parameter Description comments Comments and explanation about the service Type A string that contains less than 257 characters of this set 0 9 a z or ip protocol IP Protocol number Type A number with no fractional part integer name Service name Type String Example add service protocol name TEXT ip protocol 50 comments This is ...

Страница 805: ...service protocol SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 805 service protocol ...

Страница 806: ... R80 20 05 CLI Reference Guide 806 delete service protocol Description Deletes a non TCP UDP service object by name Syntax delete service protocol name Parameters Parameter Description name Service name Type String Example delete service protocol TEXT ...

Страница 807: ...pacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out comments Comments and explanation about the service Type A string that contains less than 257 characters of this set 0 9 a z or ip protocol IP Protocol number Type A number with no fractional part integer match INSPECT expression that sea...

Страница 808: ...0 05 CLI Reference Guide 808 Example set service protocol TEXT name TEXT ip protocol 50 comments This is a comment session timeout 15 accept replies true sync connections on cluster true match TEXT aggressive aging enable true aggressive aging timeout 15 ...

Страница 809: ...05 CLI Reference Guide 809 show service protocol Description Shows the configuration of a specific non TCP UDP service object Syntax show service protocol name Parameters Parameter Description name Service name Type String Example show service protocol TEXT ...

Страница 810: ...iance Series R80 20 05 CLI Reference Guide 810 show services protocol Description Shows the configuration of all non TCP UDP service objects Syntax show services protocol Parameters Parameter Description n a Example show services protocol ...

Страница 811: ...ssible from by default accept all by default accept only from configured zones or define no server specific default access policy Manual policy rules will override this policy Type Press TAB to see available options allow ping to server Indicates if default access policy will work on ICMP traffic as well as defined ports This option will not work on multiple ports hidden behind the gateway Type Bo...

Страница 812: ...lowed trusted zone vpn sites Indicates if encrypted traffic from remote VPN sites to the server is allowed or blocked by default Options blocked allowed trusted zone vpn users Indicates if encrypted traffic from VPN remote access users to the server is allowed or blocked by default Options blocked allowed Example set server server access myObject_17 access zones blocked trusted zone lan blocked tr...

Страница 813: ...name Type A string that begins with a letter and contain up to 32 alphanumeric 0 9 a z _ characters without spaces nat settings Indicates the general NAT settings configured no NAT hide behind the gateway s external IP address or use a different external IP address Type Press TAB to see available options port address translation For servers with a single port indicates if the external port is not ...

Страница 814: ...I Reference Guide 814 Example set server server nat settings myObject_17 nat settings static nat static nat ipv4 address 192 168 1 1 static nat for outgoing traffic true port address translation true port address translation external port 8080 force source hide nat true ...

Страница 815: ... addr Indicates if the internal DHCP service will not distribute the configured IP address of this server network object to anyone Type Press TAB to see available options dhcp reserve ip addr to mac Indicates if the internal DHCP service will distribute the configured IP address only to this server network object according to its MAC address Type Press TAB to see available options dns resolving In...

Страница 816: ...s R80 20 05 CLI Reference Guide 816 Example set server server network settings myObject_17 name myObject_17 dhcp exclude ip addr on dhcp reserve ip addr to mac on mac addr 00 1C 7F 21 05 BE comments This is a comment dns resolving true ipv4 address 192 168 1 1 ...

Страница 817: ...tp server true service pptp selected true service pptp ports service pptp ports false false custom server true tcpProtocol tcpProtocol tcp ports tcp ports udpProtocol udpProtocol udp ports udp ports false Parameters Parameter Description citrix server Indicates a Citrix server for each type we provide default but configurable ports custom server Server type custom dns server Indicates a DNS server...

Страница 818: ...ice https ports Configured ports for HTTPS for a web server service imap Indicates if ports are defined for IMAP for a mail server service imap ports Configured ports for IMAP for a web server service pop3 Indicates if ports are defined for POP3 for a mail server service pop3 ports Configured ports for POP3 for a web server service pptp ports Configured ports for PPTP for a PPTP server service ppt...

Страница 819: ...e https true service https ports 8080 8090 mail server true service smtp true service smtp ports 8080 8090 service pop3 true service pop3 ports 8080 8090 service imap true service imap ports 8080 8090 dns server true service dns true service dns ports 8080 8090 ftp server true service ftp true service ftp ports 8080 8090 citrix server true service citrix true service citrix ports 8080 8090 pptp se...

Страница 820: ...service system default SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 820 service system default ...

Страница 821: ...able Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing connections keep connections open after policy installation True to keep connections open after policy ha...

Страница 822: ...ions synchronization use source port Use source port Example set service system default Any_TCP port 8080 8090 session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster true sync delay enable true delay sync interval 15 aggressive aging enable true aggressive aging timeout 15 ...

Страница 823: ...R80 20 05 CLI Reference Guide 823 show service system default Any_TCP Description Shows the settings of the built in Any_TCP service object Syntax show service system default Any_TCP Parameters Parameter Description n a Example show service system default Any_TCP ...

Страница 824: ... replies are to be accepted aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out keep connections open after policy installation True to keep connections open after policy has been installed even if they are not allowed under ...

Страница 825: ...uide 825 Example set service system default Any_UDP port 8080 8090 session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster true aggressive aging enable true aggressive aging timeout 15 accept replies true ...

Страница 826: ...R80 20 05 CLI Reference Guide 826 show service system default Any_UDP Description Shows the settings of the built in Any_UDP service object Syntax show service system default Any_UDP Parameters Parameter Description n a Example show service system default Any_UDP ...

Страница 827: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 828: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default CIFS port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 829: ...ries R80 20 05 CLI Reference Guide 829 show service system default CIFS Description Shows the settings of the built in CIFS service object Syntax show service system default CIFS Parameters Parameter Description n a Example show service system default CIFS ...

Страница 830: ... enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchroni...

Страница 831: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default Citrix port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster ...

Страница 832: ...s R80 20 05 CLI Reference Guide 832 show service system default Citrix Description Shows the settings of the built in Citrix service object Syntax show service system default Citrix Parameters Parameter Description n a Example show service system default Citrix ...

Страница 833: ...rvice object Syntax set service system default Citrix firewall settings protocol support protocol support Parameters Parameter Description protocol support Which protocol to support on the configured ports The default port 1494 is commonly used by two different protocols Winframe or Citrix ICA Options PROTO_TYPE WIN_FRAME PROTO_TYPE CITRIX_ICA Example set service system default Citrix firewall set...

Страница 834: ...e Guide 834 show service system default Citrix firewall settings Description Shows the inspection settings of the built in Citrix service object Syntax show service system default Citrix firewall settings Parameters Parameter Description n a Example show service system default Citrix firewall settings ...

Страница 835: ...replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port use source port Us...

Страница 836: ...ries R80 20 05 CLI Reference Guide 836 show service system default DHCP Description Shows the settings of the built in DHCP service object Syntax show service system default DHCP Parameters Parameter Description n a Example show service system default DHCP ...

Страница 837: ...ng enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchro...

Страница 838: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default DNS_TCP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster...

Страница 839: ...R80 20 05 CLI Reference Guide 839 show service system default DNS_TCP Description Shows the settings of the built in DNS_TCP service object Syntax show service system default DNS_TCP Parameters Parameter Description n a Example show service system default DNS_TCP ...

Страница 840: ...cept replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port use source po...

Страница 841: ...R80 20 05 CLI Reference Guide 841 show service system default DNS_UDP Description Shows the settings of the built in DNS_UDP service object Syntax show service system default DNS_UDP Parameters Parameter Description n a Example show service system default DNS_UDP ...

Страница 842: ...e aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing c...

Страница 843: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default FTP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tru...

Страница 844: ...eries R80 20 05 CLI Reference Guide 844 show service system default FTP Description Shows the settings of the built in FTP service object Syntax show service system default FTP Parameters Parameter Description n a Example show service system default FTP ...

Страница 845: ...ettings Description Configures firewall inspection settings of the built in FTP service object Syntax set service system default FTP firewall settings mode mode Parameters Parameter Description mode FTP connection mode allowed values are Any Active or Passive Options any active passive Example set service system default FTP firewall settings mode any ...

Страница 846: ...erence Guide 846 show service system default FTP firewall settings Description Shows the inspection settings of the built in FTP service object Syntax show service system default FTP firewall settings Parameters Parameter Description n a Example show service system default FTP firewall settings ...

Страница 847: ...nections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out disable inspection Disable deep inspection of traffic matching this service Type Boolean true false ip protocol IP Protocol number Type A number with no fractional part integer keep connections open after policy installat...

Страница 848: ... Guide 848 Example set service system default GRE ip protocol 15 disable inspection true session timeout 15 accept replies true match TEXT keep connections open after policy installation true sync connections on cluster true aggressive aging enable true aggressive aging timeout 15 ...

Страница 849: ...eries R80 20 05 CLI Reference Guide 849 show service system default GRE Description Shows the settings of the built in GRE service object Syntax show service system default GRE Parameters Parameter Description n a Example show service system default GRE ...

Страница 850: ...ds after connection initiation to start synchronizing connections disable inspection Disable deep inspection of traffic matching this service Type Boolean true false keep connections open after policy installation True to keep connections open after policy has been installed even if they are not allowed under the new policy port Destination ports a comma separated list of ports ranges Type Port ra...

Страница 851: ...ce Guide 851 Example set service system default H323 port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster true sync delay enable true delay sync interval 15 ...

Страница 852: ...ries R80 20 05 CLI Reference Guide 852 show service system default H323 Description Shows the settings of the built in H323 service object Syntax show service system default H323 Parameters Parameter Description n a Example show service system default H323 ...

Страница 853: ...ccept replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port use source p...

Страница 854: ...80 20 05 CLI Reference Guide 854 show service system default H323_RAS Description Shows the settings of the built in H323_RAS service object Syntax show service system default H323_RAS Parameters Parameter Description n a Example show service system default H323_RAS ...

Страница 855: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 856: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default HTTP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 857: ...ries R80 20 05 CLI Reference Guide 857 show service system default HTTP Description Shows the settings of the built in HTTP service object Syntax show service system default HTTP Parameters Parameter Description n a Example show service system default HTTP ...

Страница 858: ...nable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizi...

Страница 859: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default HTTPS port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster t...

Страница 860: ...es R80 20 05 CLI Reference Guide 860 show service system default HTTPS Description Shows the settings of the built in HTTPS service object Syntax show service system default HTTPS Parameters Parameter Description n a Example show service system default HTTPS ...

Страница 861: ...e content length duplicate content length duplicate host duplicate host responses responses invalid chunk invalid chunk empty value empty value post post recursive url recursive url trailing whitespaces trailing whitespaces Parameters Parameter Description duplicate content length True to block duplicate Content Length header with same value Type Boolean true false duplicate host True to block dup...

Страница 862: ... headers Type Boolean true false split url True to split the URL between the query and fragment sections instructs the HTTP protections to inspect the query and fragment sections separately Type Boolean true false strict request True to enforce strict HTTP request parsing Type Boolean true false strict response True to enforce strict HTTP response parsing Type Boolean true false tab as seperator T...

Страница 863: ...Reference Guide 863 show service system default HTTP ips settings Description Shows the inspection settings of the built in HTTP service object Syntax show service system default HTTP ips settings Parameters Parameter Description n a Example show service system default HTTP ips settings ...

Страница 864: ...ng over HTTPS Enables categorization over HTTPS even without full SSL inspection Syntax set service system default HTTPS url filtering settings categorize https sites categorize https sites Parameters Parameter Description categorize https sites Categorize HTTPS sites by their certificate CN Type Boolean true false Example set service system default HTTPS url filtering settings categorize https si...

Страница 865: ... 865 show service system default HTTPS url filtering settings Description Shows the configuration of URL filtering categorization option over HTTPS Syntax show service system default HTTPS url filtering settings Parameters Parameter Description n a Example show service system default HTTPS url filtering settings ...

Страница 866: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 867: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default IIOP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 868: ...ries R80 20 05 CLI Reference Guide 868 show service system default IIOP Description Shows the settings of the built in IIOP service object Syntax show service system default IIOP Parameters Parameter Description n a Example show service system default IIOP ...

Страница 869: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 870: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default IMAP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 871: ...ries R80 20 05 CLI Reference Guide 871 show service system default IMAP Description Shows the settings of the built in IMAP service object Syntax show service system default IMAP Parameters Parameter Description n a Example show service system default IMAP ...

Страница 872: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 873: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default LDAP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 874: ...ries R80 20 05 CLI Reference Guide 874 show service system default LDAP Description Shows the settings of the built in LDAP service object Syntax show service system default LDAP Parameters Parameter Description n a Example show service system default LDAP ...

Страница 875: ...replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port use source port Us...

Страница 876: ...ries R80 20 05 CLI Reference Guide 876 show service system default MGCP Description Shows the settings of the built in MGCP service object Syntax show service system default MGCP Parameters Parameter Description n a Example show service system default MGCP ...

Страница 877: ...urce port accept replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port u...

Страница 878: ...I Reference Guide 878 show service system default NetBIOSDatagram Description Shows the settings of the built in NetBiosDatagram service object Syntax show service system default NetBIOSDatagram Parameters Parameter Description n a Example show service system default NetBIOSDatagram ...

Страница 879: ...ort accept replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port use sou...

Страница 880: ... 05 CLI Reference Guide 880 show service system default NetBIOSName Description Shows the settings of the built in NetBiosName service object Syntax show service system default NetBIOSName Parameters Parameter Description n a Example show service system default NetBIOSName ...

Страница 881: ...ng enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchro...

Страница 882: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default NetShow port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster...

Страница 883: ...R80 20 05 CLI Reference Guide 883 show service system default NetShow Description Shows the settings of the built in NetShow service object Syntax show service system default NetShow Parameters Parameter Description n a Example show service system default NetShow ...

Страница 884: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 885: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default NNTP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 886: ...ries R80 20 05 CLI Reference Guide 886 show service system default NNTP Description Shows the settings of the built in NNTP service object Syntax show service system default NNTP Parameters Parameter Description n a Example show service system default NNTP ...

Страница 887: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 888: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default POP3 port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 889: ...ries R80 20 05 CLI Reference Guide 889 show service system default POP3 Description Shows the settings of the built in POP3 service object Syntax show service system default POP3 Parameters Parameter Description n a Example show service system default POP3 ...

Страница 890: ...ging enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synch...

Страница 891: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default PPTP_TCP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluste...

Страница 892: ...80 20 05 CLI Reference Guide 892 show service system default PPTP_TCP Description Shows the settings of the built in PPTP_TCP service object Syntax show service system default PPTP_TCP Parameters Parameter Description n a Example show service system default PPTP_TCP ...

Страница 893: ...em default PPTP_TCP ips settings action action track track strict strict Parameters Parameter Description action Select action for PPTP connections allowed values are Accept and Block Options block accept strict True to enforce strict PPTP parsing Type Boolean true false track Select track option for PPTP connections allowed values are log alert and don t log Options none log alert Example set ser...

Страница 894: ...ence Guide 894 show service system default PPTP_TCP ips settings Description Shows the inspection settings of the built in Any_TCP service object Syntax show service system default PPTP_TCP ips settings Parameters Parameter Description n a Example show service system default PPTP_TCP ips settings ...

Страница 895: ... aging enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start syn...

Страница 896: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default RealAudio port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on clust...

Страница 897: ... 20 05 CLI Reference Guide 897 show service system default RealAudio Description Shows the settings of the built in RealAudio service object Syntax show service system default RealAudio Parameters Parameter Description n a Example show service system default RealAudio ...

Страница 898: ...e aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing c...

Страница 899: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default RSH port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tru...

Страница 900: ...eries R80 20 05 CLI Reference Guide 900 show service system default RSH Description Shows the settings of the built in RSH service object Syntax show service system default RSH Parameters Parameter Description n a Example show service system default RSH ...

Страница 901: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 902: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default RTSP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 903: ...ries R80 20 05 CLI Reference Guide 903 show service system default RTSP Description Shows the settings of the built in RTSP service object Syntax show service system default RTSP Parameters Parameter Description n a Example show service system default RTSP ...

Страница 904: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 905: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default SCCP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 906: ...ries R80 20 05 CLI Reference Guide 906 show service system default SCCP Description Shows the settings of the built in SCCP service object Syntax show service system default SCCP Parameters Parameter Description n a Example show service system default SCCP ...

Страница 907: ...nable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizi...

Страница 908: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default SCCPS port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster t...

Страница 909: ...es R80 20 05 CLI Reference Guide 909 show service system default SCCPS Description Shows the settings of the built in SCCPS service object Syntax show service system default SCCPS Parameters Parameter Description n a Example show service system default SCCPS ...

Страница 910: ...ng enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchro...

Страница 911: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default SIP_TCP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster...

Страница 912: ...R80 20 05 CLI Reference Guide 912 show service system default SIP_TCP Description Shows the settings of the built in SIP_TCP service object Syntax show service system default SIP_TCP Parameters Parameter Description n a Example show service system default SIP_TCP ...

Страница 913: ...cept replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port use source po...

Страница 914: ...R80 20 05 CLI Reference Guide 914 show service system default SIP_UDP Description Shows the settings of the built in SIP_UDP service object Syntax show service system default SIP_UDP Parameters Parameter Description n a Example show service system default SIP_UDP ...

Страница 915: ...ble aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing...

Страница 916: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default SMTP port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tr...

Страница 917: ...ries R80 20 05 CLI Reference Guide 917 show service system default SMTP Description Shows the settings of the built in SMTP service object Syntax show service system default SMTP Parameters Parameter Description n a Example show service system default SMTP ...

Страница 918: ...replies accept replies Parameters Parameter Description accept replies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false port Destination ports a comma separated list of ports ranges Type Port range session timeout Time in seconds before the session times out source port Source port use source port Us...

Страница 919: ...ries R80 20 05 CLI Reference Guide 919 show service system default SNMP Description Shows the settings of the built in SNMP service object Syntax show service system default SNMP Parameters Parameter Description n a Example show service system default SNMP ...

Страница 920: ...efault SNMP firewall settings Description Additional configuration for SNMP service Syntax set service system default SNMP firewall settings read only read only Parameters Parameter Description read only True to enforce read only mode Type Boolean true false Example set service system default SNMP firewall settings read only true ...

Страница 921: ...ence Guide 921 show service system default SNMP firewall settings Description Shows the inspection settings of the built in SNMP service object Syntax show service system default SNMP firewall settings Parameters Parameter Description n a Example show service system default SNMP firewall settings ...

Страница 922: ... enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchroni...

Страница 923: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default SQLNet port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster ...

Страница 924: ...s R80 20 05 CLI Reference Guide 924 show service system default SQLNet Description Shows the settings of the built in SQLNet service object Syntax show service system default SQLNet Parameters Parameter Description n a Example show service system default SQLNet ...

Страница 925: ...e aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchronizing c...

Страница 926: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default SSH port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster tru...

Страница 927: ...eries R80 20 05 CLI Reference Guide 927 show service system default SSH Description Shows the settings of the built in SSH service object Syntax show service system default SSH Parameters Parameter Description n a Example show service system default SSH ...

Страница 928: ...Description Configures additional inspection settings of the built in SSH service object Syntax set service system default SSH ips settings block version block version Parameters Parameter Description block version True to enforce blocking of version 1 x Type Boolean true false Example set service system default SSH ips settings block version true ...

Страница 929: ...I Reference Guide 929 show service system default SSH ips settings Description Shows the inspection settings of the built in SSH service object Syntax show service system default SSH ips settings Parameters Parameter Description n a Example show service system default SSH ips settings ...

Страница 930: ... enable aggressive aging timeout aggressive aging timeout Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out delay sync interval Time in seconds after connection initiation to start synchroni...

Страница 931: ...ynchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service system default TELNET port 8080 8090 disable inspection true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster ...

Страница 932: ...s R80 20 05 CLI Reference Guide 932 show service system default TELNET Description Shows the settings of the built in TELNET service object Syntax show service system default TELNET Parameters Parameter Description n a Example show service system default TELNET ...

Страница 933: ...eplies Specifies if service replies are to be accepted disable inspection Disable deep inspection of traffic matching this service Type Boolean true false keep connections open after policy installation True to keep connections open after policy has been installed even if they are not allowed under the new policy port Destination ports a comma separated list of ports ranges Type Port range session...

Страница 934: ...5 CLI Reference Guide 934 Example set service system default TFTP port 8080 8090 disable inspection true accept replies true session timeout 15 use source port false source port 8080 keep connections open after policy installation true sync connections on cluster true ...

Страница 935: ...ries R80 20 05 CLI Reference Guide 935 show service system default TFTP Description Shows the settings of the built in TFTP service object Syntax show service system default TFTP Parameters Parameter Description n a Example show service system default TFTP ...

Страница 936: ...service tcp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 936 service tcp ...

Страница 937: ...name name port port comments comments Parameters Parameter Description comments Comments and explanation about the service Type A string that contains less than 257 characters of this set 0 9 a z or name Service name Type String port Destination ports a comma separated list of ports ranges Type Port range Example add service tcp name TEXT port 8080 8090 comments This is a comment ...

Страница 938: ...source port source port Parameters Parameter Description aggressive aging enable Enable to manage the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out comments Comments and explanation about the service Type A string that contains less than 257 characters of this set...

Страница 939: ...only those with synchronize connections on cluster will be synchronized as they pass through the cluster sync delay enable True to delay connections synchronization use source port Use source port Example set service tcp TEXT name TEXT port 8080 8090 comments This is a comment session timeout 15 sync connections on cluster true sync delay enable true delay sync interval 15 aggressive aging enable ...

Страница 940: ...ce Series R80 20 05 CLI Reference Guide 940 delete service tcp Description Deletes a TCP service object by name Syntax delete service tcp name Parameters Parameter Description name Service name Type String Example delete service tcp TEXT ...

Страница 941: ...s R80 20 05 CLI Reference Guide 941 show service tcp Description Shows the configuration of a specific TCP service object Syntax show service tcp name Parameters Parameter Description name Service name Type String Example show service tcp TEXT ...

Страница 942: ...1500 Appliance Series R80 20 05 CLI Reference Guide 942 show services tcp Description Shows the configuration of all TCP service objects Syntax show services tcp Parameters Parameter Description n a Example show services tcp ...

Страница 943: ...service udp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 943 service udp ...

Страница 944: ...name name port port comments comments Parameters Parameter Description comments Comments and explanation about the service Type A string that contains less than 257 characters of this set 0 9 a z or name Service name Type String port Destination ports a comma separated list of ports ranges Type Port range Example add service udp name TEXT port 8080 8090 comments This is a comment ...

Страница 945: ...ce Series R80 20 05 CLI Reference Guide 945 delete service udp Description Deletes a UDP service object by name Syntax delete service udp name Parameters Parameter Description name Service name Type String Example delete service udp TEXT ...

Страница 946: ...age the connections table capacity and memory consumption of the firewall to increase durability and stability aggressive aging timeout Time in seconds before the aggressive aging times out comments Comments and explanation about the service Type A string that contains less than 257 characters of this set 0 9 a z or name Service name Type String port Destination ports a comma separated list of por...

Страница 947: ...R80 20 05 CLI Reference Guide 947 Example set service udp TEXT name TEXT port 8080 8090 comments This is a comment session timeout 15 accept replies true sync connections on cluster true aggressive aging enable true aggressive aging timeout 15 ...

Страница 948: ...s R80 20 05 CLI Reference Guide 948 show service udp Description Shows the configuration of a specific UDP service object Syntax show service udp name Parameters Parameter Description name Service name Type String Example show service udp TEXT ...

Страница 949: ...1500 Appliance Series R80 20 05 CLI Reference Guide 949 show services udp Description Shows the configuration of all UDP service objects Syntax show services udp Parameters Parameter Description n a Example show services udp ...

Страница 950: ... Appliance Series R80 20 05 CLI Reference Guide 950 show services icmp Description Shows the configuration of all ICMP type service objects Syntax show services icmp Parameters Parameter Description n a Example show services icmp ...

Страница 951: ...ference Guide 951 shell expert The shelland expertcommands switch between the shell and expert modes Description Changes to expert mode Syntax shell expert Parameters Parameter Description n a Example shell Comments Use the cpshell command to start cpshell ...

Страница 952: ...nce Guide 952 set sic_init Description Sets the SIC password Syntax set sic_init password pass Parameters Parameter Description pass One time password as specified by the Security Management Server administrator Example set sic_init password verySecurePassword ...

Страница 953: ...name print the table content s for summary ranges print the range content tab d templates print only templates in drop state dbg options set the sim debug flags affinity get set affinity options nonaccel s c name s set or clear interface s as not accelerated feature feature on off enable disable features tmplquota options configure template quota feature hlqos options configure Heavy Load CPU QOS ...

Страница 954: ...snmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 954 snmp ...

Страница 955: ...add snmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 955 add snmp Adds SNMP trap receiver and SNMP users to the SNMP configuration ...

Страница 956: ... Parameters Parameter Description community Community name of the receivers trap public is default for version2 users Type A string of alphanumeric characters without space between them traps receiver Receivers IP address that the trap associated with Type IP address user SNMP version3 Defined user version SNMP Version options are v2 or v3 Type Press TAB to see available options Example add snmp t...

Страница 957: ...ic and special characters auth pass type Authentication protocol type for the version3 user options are MD5 or SHA1 Options MD5 SHA1 privacy pass phrase Privacy password chosen by the version3 user in case privacy is set Type A string that contains alphanumeric and special characters privacy pass type Privacy protocol type for the version3 user options are AES or DES Options AES DES security level...

Страница 958: ...delete snmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 958 delete snmp Deletes SNMP trap receivers and SNMP users ...

Страница 959: ...snmp Description Deletes an existing SNMP trap receiver by IP address Syntax delete snmp traps receiver traps receiver Parameters Parameter Description traps receiver Receivers IP address that the trap associated with Type IP address Example delete snmp traps receiver 192 168 1 1 ...

Страница 960: ...p SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 960 delete snmp Description Deletes a configured SNMP contact Syntax delete snmp contact Parameters Parameter Description n a Example delete snmp contact ...

Страница 961: ... SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 961 delete snmp Description Deletes a configured SNMP location Syntax delete snmp location Parameters Parameter Description n a Example delete snmp location ...

Страница 962: ...set snmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 962 set snmp Configures SNMP settings ...

Страница 963: ...false agent version Is the defined SNMP version is version3 only Type Boolean true false community Community name of the SNMP public is the default Type A string of alphanumeric characters without space between them contact System contact name maximum length is 128 Type A string that contains less than 257 characters of this set 0 9 a z or location System location name Type A string that contains ...

Страница 964: ... false agent version Is the defined SNMP version is version3 only Type Boolean true false community Community name of the SNMP public is the default Type A string of alphanumeric characters without space between them contact System contact name maximum length is 128 Type A string that contains less than 257 characters of this set 0 9 a z or location System location name Type A string that contains...

Страница 965: ...ue false agent version Is the defined SNMP version is version3 only Type Boolean true false community Community name of the SNMP public is the default Type A string of alphanumeric characters without space between them contact System contact name maximum length is 128 Type A string that contains less than 257 characters of this set 0 9 a z or location System location name Type A string that contai...

Страница 966: ...e false agent version Is the defined SNMP version is version3 only Type Boolean true false community Community name of the SNMP public is the default Type A string of alphanumeric characters without space between them contact System contact name maximum length is 128 Type A string that contains less than 257 characters of this set 0 9 a z or location System location name Type A string that contain...

Страница 967: ...e false agent version Is the defined SNMP version is version3 only Type Boolean true false community Community name of the SNMP public is the default Type A string of alphanumeric characters without space between them contact System contact name maximum length is 128 Type A string that contains less than 257 characters of this set 0 9 a z or location System location name Type A string that contain...

Страница 968: ...show snmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 968 show snmp Shows SNMP configuration ...

Страница 969: ...ow snmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 969 show snmp Description Shows SNMP agent configuration Syntax show snmp agent Parameters Parameter Description n a Example show snmp agent ...

Страница 970: ...1500 Appliance Series R80 20 05 CLI Reference Guide 970 show snmp Description Shows SNMP agent version configuration Syntax show snmp agent version Parameters Parameter Description n a Example show snmp agent version ...

Страница 971: ...p SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 971 show snmp Description Shows SNMP community configuration Syntax show snmp community Parameters Parameter Description n a Example show snmp community ...

Страница 972: ...snmp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 972 show snmp Description Shows SNMP contact configuration Syntax show snmp contact Parameters Parameter Description n a Example show snmp contact ...

Страница 973: ...mp SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 973 show snmp Description Shows SNMP location configuration Syntax show snmp location Parameters Parameter Description n a Example show snmp location ...

Страница 974: ... all SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 974 show snmp general all Description Shows SNMP configuration Syntax show snmp general all Parameters Parameter Description n a Example show snmp general all ...

Страница 975: ...snmp traps SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 975 snmp traps ...

Страница 976: ...set snmp traps SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 976 set snmp traps Configures enables or disables traps from the list the enabled traps are sent to the trap receivers ...

Страница 977: ... 05 CLI Reference Guide 977 set snmp traps Description Enable Disable SNMP traps functionality Syntax set snmp traps enable disable Parameters Parameter Description snmpTrapsEnable snmpTrapsEnable Type Boolean true false Example set snmp traps true ...

Страница 978: ...itions on trap sending times between 0 10 optional field Type A number with no fractional part integer repetitions delay Wait time in seconds between sending each trap optional field Type A number with no fractional part integer severity Trap hazardous level optional field severity of the trap between 1 4 Type A number with no fractional part integer threshold The mathematical value associated wit...

Страница 979: ...ers Parameter Description community Community name of the receivers trap public is default for version2 users Type A string of alphanumeric characters without space between them receiver Receivers IP address that the trap associated with Type IP address user SNMP version3 Defined user version SNMP Version options are v2 or v3 Type Press TAB to see available options Example set snmp traps receiver ...

Страница 980: ...aps SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 980 show snmp traps Description Shows SNMP traps status Syntax show snmp traps status Parameters Parameter Description n a Example show snmp traps status ...

Страница 981: ...ance Series R80 20 05 CLI Reference Guide 981 delete snmp traps receivers Description Deletes all configured SNMP trap receivers Syntax delete snmp traps receivers all Parameters Parameter Description n a Example delete snmp traps receivers all ...

Страница 982: ...B 1500 Appliance Series R80 20 05 CLI Reference Guide 982 show snmp traps receivers Description Shows all SNMP trap receivers Syntax show snmp traps receivers Parameters Parameter Description n a Example show snmp traps receivers ...

Страница 983: ...MB 1500 Appliance Series R80 20 05 CLI Reference Guide 983 show snmp traps enabled traps Description Shows all SNMP traps Syntax show snmp traps enabled traps Parameters Parameter Description n a Example show snmp traps enabled traps ...

Страница 984: ...snmp user SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 984 snmp user ...

Страница 985: ...de 985 delete snmp user Description Deletes a configured SNMP user by name Syntax delete snmp user user name Parameters Parameter Description user name version3 user name Type A string that contains 0 9 a z up to 64 characters without spaces Example delete snmp user admin ...

Страница 986: ...c and special characters auth pass type Authentication protocol type for the version3 user options are MD5 or SHA1 Options MD5 SHA1 privacy pass phrase Privacy password chosen by the version3 user in case privacy is set Type A string that contains alphanumeric and special characters privacy pass type Privacy protocol type for the version3 user options are AES or DES Options AES DES security level ...

Страница 987: ...Guide 987 show snmp user Description Shows the configuration of SNMP user Syntax show snmp user user name Parameters Parameter Description user name version3 user name Type A string that contains 0 9 a z up to 64 characters without spaces Example show snmp user admin ...

Страница 988: ...s SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 988 show snmp users Description Shows the configuration of all SNMP users Syntax show snmp users Parameters Parameter Description n a Example show snmp users ...

Страница 989: ...SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 989 delete snmp users Description Deletes all configured SNMP users Syntax delete snmp users all Parameters Parameter Description n a Example delete snmp users all ...

Страница 990: ...90 show software version Description Shows the version of the current software Syntax show software version ver Parameters Parameter Description n a Example show software version Output Success shows the software version of the appliance Failure shows an appropriate error message ...

Страница 991: ...ssl inspection advanced settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 991 ssl inspection advanced settings ...

Страница 992: ...cates Parameters Parameter Description additional https ports Additional HTTPS ports for ssl inspection a comma separated list ofports ranges Type Port range bypass well known update services Bypass HTTPS Inspection of traffic to well known software update services Type Boolean true false log empty ssl connections Log connections that were terminated by the client before data was sent might indica...

Страница 993: ... certificate with an unreachable CRL Type Boolean true false validate untrusted certificates Indicates if the SSL inspection mechanism will drop connections that present an untrusted server certificate Type Boolean true false Example set ssl inspection advanced settings bypass well known update services true validate crl true validate cert expiration true validate unreachable crl true track valida...

Страница 994: ...eries R80 20 05 CLI Reference Guide 994 show ssl inspection advanced settings Description Show advanced settings for SSL Inspection Syntax show ssl inspection advanced settings Parameters Parameter Description n a Example show ssl inspection advanced settings ...

Страница 995: ...ssl inspection exception SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 995 ssl inspection exception ...

Страница 996: ...tegory negate If true the category is all traffic except what is defined in the category field Type Boolean true false comment Description of the rule Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection destination negate If true the destination is all traffic except what is defined in the destination field Typ...

Страница 997: ...track The action taken when there is a match on the rule Options none log alert Example add ssl inspection exception source TEXT source negate true destination TEXT destination negate true service TEXT service negate true category name TEXT category negate true comment This is a comment track none disabled true ...

Страница 998: ...delete ssl inspection exception SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 998 delete ssl inspection exception Delete an existing SSL Inspection policy exception ...

Страница 999: ...99 delete ssl inspection exception Description Delete an existing SSL Inspection policy exception Syntax delete ssl inspection exception position position Parameters Parameter Description position The index of exception Type Decimal number Example delete ssl inspection exception position 2 ...

Страница 1000: ...es R80 20 05 CLI Reference Guide 1000 delete ssl inspection exception Description Delete an existing SSL Inspection policy exception Syntax delete ssl inspection exception all Parameters Parameter Description n a Example delete ssl inspection exception all ...

Страница 1001: ...eter Description category id Application or custom application name category name Application or custom application name category negate If true the category is all traffic except what is defined in the category field Type Boolean true false comment Description of the rule Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of t...

Страница 1002: ...hat initiates the connection source negate If true the source is all traffic except what is defined in the source field Type Boolean true false track The action taken when there is a match on the rule Options none log alert Example set ssl inspection exception position 2 source TEXT source negate true destination TEXT destination negate true service TEXT service negate true category name TEXT cate...

Страница 1003: ...n exception Description Show the configuration of a specific SSL Inspection policy exception Syntax show ssl inspection exception position position position position Parameters Parameter Description position The index of exception Type Decimal number Example show ssl inspection exception position 2 position 2 ...

Страница 1004: ...004 show ssl inspection exceptions Description Show all configured SSL Inspection policy exceptions Syntax show ssl inspection exceptions position position Parameters Parameter Description position The index of exception Type Decimal number Example show ssl inspection exceptions position 2 ...

Страница 1005: ...ssl inspection policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1005 ssl inspection policy ...

Страница 1006: ...ireless ssl inspection bypass untrusted wireless ssl inspection bypass untrusted wireless ssl inspection bypass well known update services bypass well known update services Parameters Parameter Description bypass banking category traffic Bypass banking category traffic Type Boolean true false bypass government and military category traffic Bypass government category traffic Type Boolean true false...

Страница 1007: ...icy bypass traffic Generate an SSL bypass log for SSL traffic that was not inspected by SSL inspection Type Boolean true false mode Indicates if SSL inspection feature is active Type Boolean true false Example set ssl inspection policy mode true log policy bypass traffic true log inspected traffic true bypass health category traffic true bypass government and military category traffic true bypass ...

Страница 1008: ...filtering for HTTPS sites and applications based on server s certificate without activating SSL traffic inspection Syntax set ssl inspection policy https categorization only mode on Parameters Parameter Description https categorization only mode HTTPS categorization only cane be enabled via HTTPS service Type Boolean true false Example set ssl inspection policy https categorization only mode true ...

Страница 1009: ...cy inspect https protocol Description Enable SSL Inspection policy to inspect HTTPS protocol Note SSL Inspection must be enabled first Syntax set ssl inspection policy inspect https protocol true false Parameters Parameter Description true false true Enabled false Disabled Example set ssl inspection policy inspect https protocol true ...

Страница 1010: ...cy inspect imaps protocol Description Enable SSL Inspection policy to inspect IMAPS protocol Note SSL Inspection must be enabled first Syntax set ssl inspection policy inspect imaps protocol true false Parameters Parameter Description true false true Enabled false Disabled Example set ssl inspection policy inspect imaps protocol true ...

Страница 1011: ...B 1500 Appliance Series R80 20 05 CLI Reference Guide 1011 show ssl inspection policy Description Show SSL Inspection policy Syntax show ssl inspection policy Parameters Parameter Description n a Example show ssl inspection policy ...

Страница 1012: ...delete ssl network extender Description Forces a manual deletion of the SSL network extender thus forcing the gateway to re download the latest version of the extender from the cloud Syntax delete ssl network extender Parameters Parameter Description n a Example delete ssl network extender ...

Страница 1013: ...static route SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1013 static route ...

Страница 1014: ...on destination IP address and subnet length of the destination of the packet in the format IP subnet e g 192 168 0 0 16 Type An IP address with a mask length metric Metric Type A number with no fractional part integer service Route service name Type String source IP address and subnet length of the source of the packet in the format IP subnet e g 192 168 1 0 24 Type An IP address with a mask lengt...

Страница 1015: ...of the destination of the packet in the format IP subnet e g 192 168 0 0 16 Type An IP address with a mask length disabled Is rule disabled Type Boolean true false id id Type A number with no fractional part integer metric Metric Type A number with no fractional part integer service Route service name Type String source IP address and subnet length of the source of the packet in the format IP subn...

Страница 1016: ... Guide 1016 delete static route Description Deletes a manually defined routing rule Syntax delete static route id Parameters Parameter Description id The rule order as shown in show static routes Type A number with no fractional part integer Example delete static route 3 ...

Страница 1017: ...0 Appliance Series R80 20 05 CLI Reference Guide 1017 delete static routes Description Deletes all manually defined static routing rules Syntax delete static routes Parameters Parameter Description n a Example delete static routes ...

Страница 1018: ... routes SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1018 show static routes Description Shows all static routes Syntax show static routes Parameters Parameter Description n a Example show static routes ...

Страница 1019: ...streaming engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1019 streaming engine settings ...

Страница 1020: ...set streaming engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1020 set streaming engine settings Configures the streaming engine settings ...

Страница 1021: ...timeout track tcp hold timeout track tcp invalid checksum mon only tcp invalid checksum mon only tcp invalid checksum track tcp invalid checksum track tcp segment limit mon only tcp segment limit mon only tcp segment limit track tcp segment limit track Parameters Parameter Description tcp block out of win mon only TCP Out of Sequence activation mode Options prevent detect tcp block out of win trac...

Страница 1022: ... Options none log alert tcp segment limit mon only TCP Segment Limit Enforcement activation mode Options prevent detect tcp segment limit track TCP Segment Limit Enforcement tracking Options none log alert Example set streaming engine settings tcp block out of win mon only prevent tcp block out of win track none tcp block retrans err mon only prevent tcp block retrans err track none tcp block syn ...

Страница 1023: ... tcp invalid checksum mon only tcp invalid checksum mon only tcp segment limit track tcp segment limit track tcp block urg bit mon only tcp block urg bit mon only tcp segment limit mon only tcp segment limit mon only tcp hold timeout mon only tcp hold timeout mon only tcp hold timeout track tcp hold timeout track Parameters Parameter Description n a Example set streaming engine settings advanced s...

Страница 1024: ...show streaming engine settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1024 show streaming engine settings Shows streaming engine settings ...

Страница 1025: ... Appliance Series R80 20 05 CLI Reference Guide 1025 show streaming engine settings Description Shows streaming engine settings Syntax show streaming engine settings Parameters Parameter Description n a Example show streaming engine settings ...

Страница 1026: ...0 05 CLI Reference Guide 1026 show streaming engine settings Description Shows streaming engine advanced settings Syntax show streaming engine settings advanced settings Parameters Parameter Description n a Example show streaming engine settings advanced settings ...

Страница 1027: ...switch SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1027 switch ...

Страница 1028: ...a switch object which passes traffic between those ports in the hardware level traffic doesn t undergo inspection as it is not routed between those ports In essence the switch combines physical LAN ports into a single network Syntax add switch name name Parameters Parameter Description name Name Type A switch name should be LAN 1 8 _Switch Example add switch name LAN2_Switch ...

Страница 1029: ...LI Reference Guide 1029 delete switch Description Deletes a defined port based VLAN switch object by name Syntax delete switch name Parameters Parameter Description name Name Type A switch name should be LAN 1 8 _Switch Example delete switch LAN2_Switch ...

Страница 1030: ...set switch SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1030 set switch Configures an existing port based VLAN switch ...

Страница 1031: ...e 1031 set switch Description Add a physical port to an existing port based VLAN switch Syntax set switch name add port port Parameters Parameter Description name Name Type A switch name should be LAN 1 8 _Switch port Name Example set switch LAN2_Switch add port LAN4 ...

Страница 1032: ... set switch Description Removes a physical port from an existing port based VLAN switch Syntax set switch name remove port port Parameters Parameter Description name Name Type A switch name should be LAN 1 8 _Switch port Name Example set switch LAN2_Switch remove port LAN4 ...

Страница 1033: ...show switch SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1033 show switch Shows port based VLAN switch configuration ...

Страница 1034: ... 20 05 CLI Reference Guide 1034 show switch Description Shows port based VLAN switch configuration Syntax show switch name Parameters Parameter Description name Name Type A switch name should be LAN 1 8 _Switch Example show switch LAN2_Switch ...

Страница 1035: ...e Guide 1035 show switch Description Shows ports within a configured port based VLAN switch configuration Syntax show switch name ports Parameters Parameter Description name Name Type A switch name should be LAN 1 8 _Switch Example show switch LAN2_Switch ports ...

Страница 1036: ...itches SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1036 show switches Description Shows all port based VLANs switches Syntax show switches Parameters Parameter Description n a Example show switches ...

Страница 1037: ...syslog server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1037 syslog server ...

Страница 1038: ...eter Description enabled Determine if an external System Log Server is active Type Boolean true false ipv4 address The desired external System Log Server IP address Type IP address name System Log Server name Type A string of alphanumeric characters with space between them port Port in the external System Log Server that receives the logs default is 514 Type Port number sent logs Determine which l...

Страница 1039: ...eries R80 20 05 CLI Reference Guide 1039 add syslog server protocol tls Description Adds a new external syslog server for the TLS protocol Syntax add syslog server protocol tls Parameters Parameter Description n a Example add syslog server protocol tls ...

Страница 1040: ...delete syslog server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1040 delete syslog server Deletes a configured external syslog server ...

Страница 1041: ... server Description Deletes a configured external syslog server by IP address Syntax delete syslog server ipv4 address ipv4 address Parameters Parameter Description ipv4 address The desired external System Log Server IP address Type IP address Example delete syslog server ipv4 address 192 168 1 1 ...

Страница 1042: ...slog server Description Deletes a configured external syslog server by name Syntax delete syslog server name name Parameters Parameter Description name System Log Server name Type A string of alphanumeric characters with space between them Example delete syslog server name syslog_server_name ...

Страница 1043: ...set syslog server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1043 set syslog server Configure an existing syslog server s settings ...

Страница 1044: ...rver is active Type Boolean true false ipv4 address The desired external System Log Server IP address Type IP address name System Log Server name Type A string of alphanumeric characters with space between them port Port in the external System Log Server that receives the logs default is 514 Type Port number sent logs Determine which logs types will be sent to the System Log Server Options system ...

Страница 1045: ...active Type Boolean true false ipv4 address The desired external System Log Server IP address Type IP address name System Log Server name Type A string of alphanumeric characters with space between them port Port in the external System Log Server that receives the logs default is 514 Type Port number sent logs Determine which logs types will be sent to the System Log Server Options system logs sec...

Страница 1046: ...show syslog server SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1046 show syslog server Shows configuration of external syslog servers ...

Страница 1047: ...rver Description Shows configuration of an external syslog server by IP address Syntax show syslog server ipv4 address ipv4 address Parameters Parameter Description ipv4 address The desired external System Log Server IP address Type IP address Example show syslog server ipv4 address 192 168 1 1 ...

Страница 1048: ...slog server Description Shows configuration of an external syslog server by name Syntax show syslog server name name Parameters Parameter Description name System Log Server name Type A string of alphanumeric characters with space between them Example show syslog server name several words ...

Страница 1049: ...ppliance Series R80 20 05 CLI Reference Guide 1049 show syslog server all Description Shows configuration of all external syslog servers Syntax show syslog server all Parameters Parameter Description n a Example show syslog server all ...

Страница 1050: ...show syslog server all SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1050 system settings Relevant commands for system settings ...

Страница 1051: ... 1051 show system settings is custom branding Description Shows whether white labeling has been enabled and the appliance has been customized with a particular brand Syntax show system settings is custom branding Parameters Parameter Description n a Example show system settings is custom branding ...

Страница 1052: ...ription The maximal value for TTL field for a packet to be considered as a traceroute Syntax set stateful_inspection advanced settings traceroute max ttl value Parameters Parameter Description value Integer between 0 and 64 Default 29 Example set stateful_inspection advanced settings traceroute max ttl 0 ...

Страница 1053: ...threat prevention advanced SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1053 threat prevention advanced ...

Страница 1054: ...tion advanced Description Configures advanced settings for Threat Prevention blades Syntax set threat prevention advanced advanced settings file inspection size kb file inspection size kb Parameters Parameter Description n a Example set threat prevention advanced advanced settings file inspection size kb 15000 ...

Страница 1055: ...Reference Guide 1055 show threat prevention advanced Description Shows advanced settings for the Threat Prevention blades Syntax show threat prevention advanced advanced settings Parameters Parameter Description n a Example show threat prevention advanced advanced settings ...

Страница 1056: ...threat prevention anti bot SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1056 threat prevention anti bot ...

Страница 1057: ...ith a bad reputation will be according to the policy or a manually configured specific action Options ask prevent detect inactive policy action reputation ips Indicates if the action upon detecting attempted access to IP addresses with a bad reputation will be according to the policy or a manually configured specific action Options ask prevent detect inactive policy action reputation urls Indicate...

Страница 1058: ...s R80 20 05 CLI Reference Guide 1058 show threat prevention anti bot engine Description Shows the engine settings of the Anti Bot blade Syntax show threat prevention anti bot engine Parameters Parameter Description n a Example show threat prevention anti bot engine ...

Страница 1059: ...set threat prevention anti bot policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1059 set threat prevention anti bot policy Configures the policy of the Anti Bot blade ...

Страница 1060: ...of the Anti Bot blade Syntax set threat prevention anti bot policy mode mode detect mode detect mode Parameters Parameter Description detect mode Indicates if the Anti Bot blade is set to Detect Only mode Type Boolean true false mode Indicates if the Anti Bot blade is active Type Boolean true false Example set threat prevention anti bot policy mode true detect mode true ...

Страница 1061: ...at prevention anti bot policy Description Configures advanced settings of the Anti Bot blade Syntax set threat prevention anti bot policy advanced settings res class mode res class mode Parameters Parameter Description n a Example set threat prevention anti bot policy advanced settings res class mode rs hold ...

Страница 1062: ...show threat prevention anti bot policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1062 show threat prevention anti bot policy Shows the policy of the Anti Bot blade ...

Страница 1063: ...eries R80 20 05 CLI Reference Guide 1063 show threat prevention anti bot policy Description Shows the policy of the Anti Bot blade Syntax show threat prevention anti bot policy Parameters Parameter Description n a Example show threat prevention anti bot policy ...

Страница 1064: ...erence Guide 1064 show threat prevention anti bot policy Description Shows the advanced settings of the Anti Bot blade Syntax show threat prevention anti bot policy advanced settings Parameters Parameter Description n a Example show threat prevention anti bot policy advanced settings ...

Страница 1065: ...ext that appears in the Anti Bot Ask user message Type A string that contains only printable characters fallback action Indicates the action to take when an Ask user message cannot be displayed Options block accept frequency Indicates how often is the Anti Bot Ask user message is being presented to the same user Options day week month reason displayed Indicates if the user must enter a reason for ...

Страница 1066: ...6 show threat prevention anti bot user check ask Description Shows the settings of the customizable ask message shown to users upon match on browser based traffic Syntax show threat prevention anti bot user check ask Parameters Parameter Description n a Example show threat prevention anti bot user check ask ...

Страница 1067: ...only printable characters redirect to url Indicates if the user will be redirected to a custom URL in case of a Block action Type Boolean true false redirect url Indicates the URL to redirect the user in case of a Block action if configured to do so The URL to redirect the user in case of a Block action Redirection happens only if this functionality is turned on Type urlWithHttp subject The subjec...

Страница 1068: ...hreat prevention anti bot user check block Description Shows the settings of the customizable block message shown to users upon Anti Bot match on browser based traffic Syntax show threat prevention anti bot user check block Parameters Parameter Description n a Example show threat prevention anti bot user check block ...

Страница 1069: ...threat prevention anti virus SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1069 threat prevention anti virus ...

Страница 1070: ...eters Parameter Description urls with malware Indicates if the action upon detecting access to and from URLs with a bad reputation will be according to the policy or a manually configured specific action Options ask prevent detect inactive policy action viruses Indicates if the action upon detecting viruses will be according to the policy or a manually configured specific action Options ask preven...

Страница 1071: ...80 20 05 CLI Reference Guide 1071 show threat prevention anti virus engine Description Shows the engine settings of the Anti Virus blade Syntax show threat prevention anti virus engine Parameters Parameter Description n a Example show threat prevention anti virus engine ...

Страница 1072: ...at prevention anti virus file type extension extension action action description description Parameters Parameter Description action Indicates the action when the file type is detected Options block pass scan description The file description Type A string that contains less than 257 characters of this set 0 9 a z or extension File extension that represents this file type Type A string that contain...

Страница 1073: ...tes a manually configured custom file type according to extension Syntax delete threat prevention anti virus file type extension extension Parameters Parameter Description extension File extension that represents this file type Type A string that contains less than 257 characters of this set 0 9 a z or Example delete threat prevention anti virus file type extension pdf ...

Страница 1074: ...sion action action description description Parameters Parameter Description action Indicates the action when the file type is detected Options block pass scan description The file description Type A string that contains less than 257 characters of this set 0 9 a z or extension File extension that represents this file type Type A string that contains less than 257 characters of this set 0 9 a z or ...

Страница 1075: ...ows the Anti Virus blade configuration for a specific file type Syntax show threat prevention anti virus file type extension extension Parameters Parameter Description extension File extension that represents this file type Type A string that contains less than 257 characters of this set 0 9 a z or Example show threat prevention anti virus file type extension pdf ...

Страница 1076: ...Reference Guide 1076 show threat prevention anti virus file types Description Shows the Anti Virus blade configuration for all defined file types Syntax show threat prevention anti virus file types Parameters Parameter Description n a Example show threat prevention anti virus file types ...

Страница 1077: ...erence Guide 1077 delete threat prevention anti virus file type custom Description Deletes all manually configured custom file types Syntax delete threat prevention anti virus file type custom all Parameters Parameter Description n a Example delete threat prevention anti virus file type custom all ...

Страница 1078: ...set threat prevention anti virus policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1078 set threat prevention anti virus policy Configures the policy of the Anti Virus blade ...

Страница 1079: ...malware known to contain malware all all file types specific configured file families Options malware all types specific families interfaces Indicates the source zones for inspected incoming files External External and DMZ or all interfaces Options all external external dmz mode Indicates if the Anti Virus blade is active Type Boolean true false protocol ftp Indicates if Anti Virus inspection will...

Страница 1080: ... 1500 Appliance Series R80 20 05 CLI Reference Guide 1080 Example set threat prevention anti virus policy mode true detect mode true scope incoming interfaces all protocol http true protocol mail true protocol ftp true file types policy malware ...

Страница 1081: ...vention anti virus policy Description Configures advanced settings of the Anti Virus blade Syntax set threat prevention anti virus policy advanced settings priority scanning priority scanning Parameters Parameter Description n a Example set threat prevention anti virus policy advanced settings priority scanning true ...

Страница 1082: ...ention anti virus policy Description Configures advanced settings of the Anti Virus blade Syntax set threat prevention anti virus policy advanced settings file scan size kb file scan size kb Parameters Parameter Description n a Example set threat prevention anti virus policy advanced settings file scan size kb 15000 ...

Страница 1083: ...evention anti virus policy Description Configures advanced settings of the Anti Virus blade Syntax set threat prevention anti virus policy advanced settings max nesting level max nesting level Parameters Parameter Description n a Example set threat prevention anti virus policy advanced settings max nesting level 2 ...

Страница 1084: ...Description Configures advanced settings of the Anti Virus blade Syntax set threat prevention anti virus policy advanced settings action when nesting level exceeded action when nesting level exceeded Parameters Parameter Description n a Example set threat prevention anti virus policy advanced settings action when nesting level exceeded allow ...

Страница 1085: ...prevention anti virus policy Description Configures advanced settings of the Anti Virus blade Syntax set threat prevention anti virus policy advanced settings res class mode res class mode Parameters Parameter Description n a Example set threat prevention anti virus policy advanced settings res class mode rs hold ...

Страница 1086: ...show threat prevention anti virus policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1086 show threat prevention anti virus policy Shows the policy for the Anti Virus blade ...

Страница 1087: ...es R80 20 05 CLI Reference Guide 1087 show threat prevention anti virus policy Description Shows the policy for the Anti Virus blade Syntax show threat prevention anti virus policy Parameters Parameter Description n a Example show threat prevention anti virus policy ...

Страница 1088: ...ence Guide 1088 show threat prevention anti virus policy Description Shows advanced settings for the Anti Virus blade Syntax show threat prevention anti virus policy advanced settings Parameters Parameter Description n a Example show threat prevention anti virus policy advanced settings ...

Страница 1089: ...xt that appears in the Anti Virus Ask user message Type A string that contains only printable characters fallback action Indicates the action to take when an Ask user message cannot be displayed Options block accept frequency Indicates how often is the Anti Virus Ask user message is being presented to the same user Options day week month reason displayed Indicates if the user must enter a reason f...

Страница 1090: ...hreat prevention anti virus user check ask Description Shows the settings of the customizable ask message shown to users upon Anti Virus match on browser based traffic Syntax show threat prevention anti virus user check ask Parameters Parameter Description n a Example show threat prevention anti virus user check ask ...

Страница 1091: ... only printable characters redirect to url Indicates if the user will be redirected to a custom URL in case of a Block action Type Boolean true false redirect url Indicates the URL to redirect the user in case of a Block action if configured to do so The URL to redirect the user in case of a Block action Redirection happens only if this functionality is turned on Type urlWithHttp subject The subje...

Страница 1092: ...at prevention anti virus user check block Description Shows the settings of the customizable block message shown to users upon Anti Virus match on browser based traffic Syntax show threat prevention anti virus user check block Parameters Parameter Description n a Example show threat prevention anti virus user check block ...

Страница 1093: ...threat prevention exception SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1093 threat prevention exception ...

Страница 1094: ...plies Anti Virus Anti Bot or both Options any any av any ab any ips comment Additional description for the exception Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection destination negate If true the destination is all traffic except what is defined in the destination field Type Boolean true false log The loggi...

Страница 1095: ...oup that the exception applies to source negate If true the source is all traffic except what is defined in the source field Type Boolean true false Example add threat prevention exception destination TEXT destination negate true service TEXT service negate true source TEXT source negate true protection name word action ask log none comment This is a comment ...

Страница 1096: ...ention exception Description Deletes an existing malware exception rule by name Syntax delete threat prevention exception name name Parameters Parameter Description name The name of the exception Type A string of alphanumeric characters without space between them Example delete threat prevention exception name word ...

Страница 1097: ...t detect inactive blade The blade to which the exception applies Anti Virus Anti Bot or both Options any any av any ab any ips comment Additional description for the exception Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection destination negate If true the destination is all traffic except what is defined in ...

Страница 1098: ...the service field Type Boolean true false source IP address network object or user group that the exception applies to source negate If true the source is all traffic except what is defined in the source field Type Boolean true false Example set threat prevention exception 2 destination TEXT destination negate true service TEXT service negate true source TEXT source negate true protection name wor...

Страница 1099: ...exception rule by name Syntax show threat prevention exception name name show threat prevention exception position position Parameters Parameter Description name The name of the exception Type A string of alphanumeric characters without space between them position The order of the rule in comparison to other rules Type Decimal number Example show threat prevention exception name word ...

Страница 1100: ... 1100 delete threat prevention exceptions Description Deletes all existing malware exception rules for Anti Virus Anti Bot and Threat Emulation where applicable Syntax delete threat prevention exceptions all Parameters Parameter Description n a Example delete threat prevention exceptions all ...

Страница 1101: ...05 CLI Reference Guide 1101 show threat prevention infected hosts Description Shows a list of infected hosts detected by Threat Prevention blades Syntax show threat prevention infected hosts Parameters Parameter Description n a Example show threat prevention infected hosts ...

Страница 1102: ...threat prevention ips SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1102 threat prevention ips ...

Страница 1103: ...Description client protections Indicates if Client protections are active by default Type Boolean true false disable by confidence level Indicates if protections will be deactivated if their confidence level is below or equal configured level Type Boolean true false disable by performance impact Indicates if protections will be deactivated if their performance impact is above or equal configured l...

Страница 1104: ... Critical server protections Indicates if Server protections are active by default Type Boolean true false Example set threat prevention ips custom default policy server protections true client protections true disable by confidence level true disable confidence level below or equal Low disable by severity true disable severity below or equal Low disable by performance impact true disable performa...

Страница 1105: ...5 CLI Reference Guide 1105 show threat prevention ips custom default policy Description Shows the configuration of a custom IPS policy Syntax show threat prevention ips custom default policy Parameters Parameter Description n a Example show threat prevention ips custom default policy ...

Страница 1106: ...add threat prevention ips network exception SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1106 add threat prevention ips network exception Adds a new exception rule for the IPS blade ...

Страница 1107: ...9 a z or destination Network object that is the target of the connection destination negate If true the destination is all traffic except what is defined in the destination field Type Boolean true false protection name Indicates if the exception rule will be matched on all IPS protections or a specific one service Type of network service that is under exception service negate If true the service i...

Страница 1108: ... a z or destination Network object that is the target of the connection destination negate If true the destination is all traffic except what is defined in the destination field Type Boolean true false protection code Indicates if the exception rule will be matched on all IPS protections or a specific one service Type of network service that is under exception service negate If true the service is...

Страница 1109: ...t prevention ips network exception SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1109 delete threat prevention ips network exception Deletes exception rules to bypass IPS protections for specific traffic ...

Страница 1110: ...ps network exception Description Deletes an existing exception rule for the IPS blade by position Syntax delete threat prevention ips network exception position position Parameters Parameter Description position The order of the rule in the Rule Base Type Decimal number Example delete threat prevention ips network exception position 2 ...

Страница 1111: ...Reference Guide 1111 delete threat prevention ips network exception Description Deletes all existing exception rules for the IPS blade Syntax delete threat prevention ips network exception all Parameters Parameter Description n a Example delete threat prevention ips network exception all ...

Страница 1112: ... prevention ips network exception SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1112 set threat prevention ips network exception Configure exception rules to bypass IPS protections for specific traffic ...

Страница 1113: ...k exception Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection destination negate If true the destination is all traffic except what is defined in the destination field Type Boolean true false position The order of the rule in the Rule Base Type Decimal number protection code Indicates if the exception rule wi...

Страница 1114: ...e Series R80 20 05 CLI Reference Guide 1114 Example set threat prevention ips network exception position 2 protection code 12345678 destination TEXT destination negate true service TEXT service negate true source TEXT source negate true comment This is a comment ...

Страница 1115: ... exception Type A string that contains less than 257 characters of this set 0 9 a z or destination Network object that is the target of the connection destination negate If true the destination is all traffic except what is defined in the destination field Type Boolean true false position The order of the rule in the Rule Base Type Decimal number protection name Indicates if the exception rule wil...

Страница 1116: ...nce Series R80 20 05 CLI Reference Guide 1116 Example set threat prevention ips network exception position 2 protection name word destination TEXT destination negate true service TEXT service negate true source TEXT source negate true comment This is a comment ...

Страница 1117: ... ips network exception Description Shows the configuration of an IPS exception rule by position Syntax show threat prevention ips network exception position position Parameters Parameter Description position The order of the rule in the Rule Base Type Decimal number Example show threat prevention ips network exception position 2 ...

Страница 1118: ...detect mode detect mode Parameters Parameter Description default policy The type of policy used for IPS strict typical or custom detect mode Indicates if the default policy of IPS is to only logs events and not block them Type Boolean true false log Indicates the tracking level for IPS none block or alert Options none log alert mode Indicates if IPS blade is active Type Boolean true false Example ...

Страница 1119: ...liance Series R80 20 05 CLI Reference Guide 1119 show threat prevention ips policy Description Shows the policy of the IPS blade Syntax show threat prevention ips policy Parameters Parameter Description n a Example show threat prevention ips policy ...

Страница 1120: ...ion Description Find an IPS protection by name or partial string to view further details regarding it Syntax find threat prevention ips protection name Parameters Parameter Description name The name of the IPS topic Type A string of alphanumeric characters without space between them Example find threat prevention ips protection word ...

Страница 1121: ...n ips protection action override SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1121 set threat prevention ips protection action override Configures actions to override the IPS policy for a specific IPS protection ...

Страница 1122: ...n code protection code action action track track Parameters Parameter Description action Indicates the manually configured action for this protection protection code The IPS topic the override belongs to Every override belongs to a single topic Type A number with no fractional part Values are between 4 503 599 627 370 495 to 4 503 599 627 370 495 track Indicates the manually configured tracking op...

Страница 1123: ... protection action override protection name protection name action action track track Parameters Parameter Description action Indicates the manually configured action for this protection protection name The name of the IPS topic Type A string of alphanumeric characters without space between them track Indicates the manually configured tracking option for this protection Example set threat preventi...

Страница 1124: ...ide policy action override policy action Parameters Parameter Description override policy action Indicates if the action upon detection will be according to the general IPS policy or manually configured for this protection Type Boolean true false protection code The IPS topic the override belongs to Every override belongs to a single topic Type A number with no fractional part Values are between 4...

Страница 1125: ...ride protection name protection name override policy action override policy action Parameters Parameter Description override policy action Indicates if the action upon detection will be according to the general IPS policy or manually configured for this protection Type Boolean true false protection name The name of the IPS topic Type A string of alphanumeric characters without space between them E...

Страница 1126: ...at prevention ips protection action override SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1126 show threat prevention ips protection action override Shows action overrides for specific IPS protections ...

Страница 1127: ... by protection ID code Syntax show threat prevention ips protection action override protection code protection code Parameters Parameter Description protection code The IPS topic the override belongs to Every override belongs to a single topic Type A number with no fractional part Values are between 4 503 599 627 370 495 to 4 503 599 627 370 495 Example show threat prevention ips protection action...

Страница 1128: ...s action overrides for a specific IPS protection by protection name Syntax show threat prevention ips protection action override protection name protection name Parameters Parameter Description protection name The name of the IPS topic Type A string of alphanumeric characters without space between them Example show threat prevention ips protection action override protection name word ...

Страница 1129: ...ettings fail mode fail mode set threat prevention policy advanced settings block requests when the web service is block requests when the web service is unavailable Parameters Parameter Description profile Unified policy profile track Tracking options for Threat Prevention protections None do not log Log Create log Alert log with alert Options none log alert Example set threat prevention policy hi...

Страница 1130: ...threat prevention policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1130 threat prevention policy Shows commands relevant to Threat Prevention policy ...

Страница 1131: ...y advanced settings block requests when the web service is block requests when the web service is unavailable Parameters Parameter Description profile Unified policy profile track Tracking options for Threat Prevention protections None do not log Log Create log Alert log with alert Options none log alert Example set threat prevention policy high confidence ask medium confidence ask low confidence ...

Страница 1132: ...s the configuration for the Threat Prevention policy shared by the Anti Bot Anti Virus and Threat Emulation where applicable blades Syntax show threat prevention policy show threat prevention policy advanced settings Parameters Parameter Description n a Example show threat prevention policy show threat prevention policy advanced settings ...

Страница 1133: ...threat prevention threat emulation additional remote emulator SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1133 threat prevention threat emulation additional remote emulator ...

Страница 1134: ...dditional private emulation gateways Syntax add threat prevention threat emulation additional remote emulator ip address ip address name name Parameters Parameter Description ip address Remote emulation gateway IP address Type IP address name Remote emulation gateway name Type A string of alphanumeric characters with space between them Example add threat prevention threat emulation additional remo...

Страница 1135: ...dditional remote emulator SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1135 delete threat prevention threat emulation additional remote emulator Delete a gateway from the threat emulation list of additional private emulation gateways ...

Страница 1136: ...or Description Delete a gateway from the threat emulation list of additional private emulation gateways Syntax delete threat prevention threat emulation additional remote emulator ip address ip address Parameters Parameter Description ip address Remote emulation gateway IP address Type IP address Example delete threat prevention threat emulation additional remote emulator ip address 192 168 1 1 ...

Страница 1137: ...tion Delete a gateway from the threat emulation list of additional private emulation gateways Syntax delete threat prevention threat emulation additional remote emulator name name Parameters Parameter Description name Remote emulation gateway name Type A string of alphanumeric characters with space between them Example delete threat prevention threat emulation additional remote emulator name sever...

Страница 1138: ...n gateway Syntax set threat prevention threat emulation additional remote emulator name name ip address ip address name name Parameters Parameter Description ip address Remote emulation gateway IP address Type IP address name Remote emulation gateway name Type A string of alphanumeric characters with space between them Example textset threat prevention threat emulation additional remote emulator n...

Страница 1139: ...ion additional remote emulator SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1139 show threat prevention threat emulation additional remote emulator Show all gateways that are configured as additional private emulation gateways ...

Страница 1140: ...reat prevention threat emulation additional remote emulator Description Show all gateways that are configured as additional private emulation gateways Syntax show threat prevention threat emulation additional remote emulator Parameters Parameter Description n a Example show threat prevention threat emulation additional remote emulator ...

Страница 1141: ...scription Show all gateways that are configured as additional private emulation gateways Syntax show threat prevention threat emulation additional remote emulator name name Parameters Parameter Description name Remote emulation gateway name Type A string of alphanumeric characters with space between them Example show threat prevention threat emulation additional remote emulator name several words ...

Страница 1142: ... threat emulation file types revert actions to default Description Reverts all actions on specific file types to their default value in the factory settings Syntax set threat prevention threat emulation file types revert actions to default Parameters Parameter Description n a Example set threat prevention threat emulation file types revert actions to default ...

Страница 1143: ...threat prevention threat emulation SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1143 threat prevention threat emulation ...

Страница 1144: ...tion file type extension action action description description Parameters Parameter Description action Indicates the action when the file type is detected Options bypass inspect description The file description Type A string that contains less than 257 characters of this set 0 9 a z or extension File extension that represents this file type Type A string of alphanumeric characters without space be...

Страница 1145: ...on Shows the Threat Emulation where applicable configuration for a specific file type Syntax show threat prevention threat emulation file type extension Parameters Parameter Description extension File extension that represents this file type Type A string of alphanumeric characters without space between them Example show threat prevention threat emulation file type word ...

Страница 1146: ... 1146 show threat prevention threat emulation file types Description Shows the Threat Emulation where applicable configuration for all specific file types Syntax show threat prevention threat emulation file types Parameters Parameter Description n a Example show threat prevention threat emulation file types ...

Страница 1147: ...evention threat emulation policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1147 set threat prevention threat emulation policy Configures a policy specific to the Threat Emulation blade where applicable ...

Страница 1148: ...is completed Options background hold connection handling mode smtp Indicates the strictness mode of the Threat Emulation engine over SMTP Back ground connections are allowed while the file emulation runs if needed Hold connections are blocked until the file emulation is completed Options background hold detect mode Indicates if the Threat Emulation blade is set to Detect Only mode Type Boolean tru...

Страница 1149: ...ies R80 20 05 CLI Reference Guide 1149 Example set threat prevention threat emulation policy mode true detect mode true scope incoming interfaces all protocol http true protocol mail true connection handling mode http background connection handling mode smtp background ...

Страница 1150: ...tion Configures advanced settings for the Threat Emulation blade where applicable Syntax set threat prevention threat emulation policy advanced settings connection handling mode smtp connection handling mode smtp Parameters Parameter Description n a Example set threat prevention threat emulation policy advanced settings connection handling mode smtp background ...

Страница 1151: ...show threat prevention threat emulation policy SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1151 show threat prevention threat emulation policy Shows the policy of the Threat Emulation policy ...

Страница 1152: ... 05 CLI Reference Guide 1152 show threat prevention threat emulation policy Description Shows the policy of the Threat Emulation policy Syntax show threat prevention threat emulation policy Parameters Parameter Description n a Example show threat prevention threat emulation policy ...

Страница 1153: ...e 1153 show threat prevention threat emulation policy Description Shows advanced settings of the Threat Emulation policy Syntax show threat prevention threat emulation policy advanced settings Parameters Parameter Description n a Example show threat prevention threat emulation policy advanced settings ...

Страница 1154: ...threat prevention whitelist SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1154 threat prevention whitelist ...

Страница 1155: ...ation blade where applicable Syntax add threat prevention whitelist mail email address email address type type Parameters Parameter Description email address The email address of the recipient or sender Type Email address type The type of the email address recipient sender or both Options recipient sender both Example add threat prevention whitelist mail email address MyEmail mail com type recipie...

Страница 1156: ...LI Reference Guide 1156 show threat prevention whitelist files Description Shows the list of whitelist files md5sum for the Threat Prevention blades Syntax show threat prevention whitelist files Parameters Parameter Description n a Example show threat prevention whitelist files ...

Страница 1157: ...t mail Description Deletes an excluded mail address for the Threat Emulation blade where applicable Syntax delete threat prevention whitelist mail email address Parameters Parameter Description email address The email address of the recipient or sender Type Email address Example delete threat prevention whitelist mail MyEmail mail com ...

Страница 1158: ...he Threat Emulation blade where applicable Syntax set threat prevention whitelist mail email address type type Parameters Parameter Description email address The email address of the recipient or sender Type Email address type The type of the email address recipient sender or both Options recipient sender both Example set threat prevention whitelist mail MyEmail mail com type recipient ...

Страница 1159: ...mail Description Shows the setting for a whitelist email address set for the Threat Prevention blades Syntax show threat prevention whitelist mail email address Parameters Parameter Description email address The email address of the recipient or sender Type Email address Example show threat prevention whitelist mail MyEmail mail com ...

Страница 1160: ...e Guide 1160 delete threat prevention whitelist mails Description Deletes all excluded mail addresses for the Threat Emulation blade where applicable Syntax delete threat prevention whitelist mails all Parameters Parameter Description n a Example delete threat prevention whitelist mails all ...

Страница 1161: ...LI Reference Guide 1161 show threat prevention whitelist mails Description Shows the whitelist email addresses set for the Threat Prevention blades Syntax show threat prevention whitelist mails Parameters Parameter Description n a Example show threat prevention whitelist mails ...

Страница 1162: ...luded file for Threat Prevention blades according to md5 Syntax add threat prevention whitelist type file md5 md5 Parameters Parameter Description md5 MD5 encryption for the file in the whitelist Type MD5 checksum of a file Contains only a f and 0 9 characters and of exact length of 32 Example add threat prevention whitelist type file md5 d41d8cd98f00b204e9800998ecf8427e ...

Страница 1163: ...delete threat prevention whitelist type file SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1163 delete threat prevention whitelist type file Deletes excluded files for Threat Prevention blades ...

Страница 1164: ...n excluded file for Threat Prevention blades by md5 Syntax delete threat prevention whitelist type file md5 md5 Parameters Parameter Description md5 MD5 encryption for the file in the whitelist Type MD5 checksum of a file Contains only a f and 0 9 characters and of exact length of 32 Example delete threat prevention whitelist type file md5 d41d8cd98f00b204e9800998ecf8427e ...

Страница 1165: ...I Reference Guide 1165 delete threat prevention whitelist type file Description Removes all excluded files for Threat Prevention blades Syntax delete threat prevention whitelist type file all Parameters Parameter Description n a Example delete threat prevention whitelist type file all ...

Страница 1166: ...e 1166 add threat prevention whitelist type url Description Adds a new excluded URL for Threat Prevention blades Syntax add threat prevention whitelist type url url url Parameters Parameter Description url URL Type URL Example add threat prevention whitelist type url url http somehost example com ...

Страница 1167: ...delete threat prevention whitelist type url SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1167 delete threat prevention whitelist type url Deletes excluded URLs for Threat Prevention blades ...

Страница 1168: ...168 delete threat prevention whitelist type url Description Removes an excluded URL for Threat Prevention blades Syntax delete threat prevention whitelist type url url url Parameters Parameter Description url URL Type URL Example delete threat prevention whitelist type url url http somehost example com ...

Страница 1169: ...LI Reference Guide 1169 delete threat prevention whitelist type url Description Removes all excluded URLs for Threat Prevention blades Syntax delete threat prevention whitelist type url all Parameters Parameter Description n a Example delete threat prevention whitelist type url all ...

Страница 1170: ...20 05 CLI Reference Guide 1170 show threat prevention whitelist urls Description Shows the whitelist URLs set for the Threat Prevention blades Syntax show threat prevention whitelist urls Parameters Parameter Description n a Example show threat prevention whitelist urls ...

Страница 1171: ...ui settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1171 ui settings ...

Страница 1172: ...set ui settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1172 set ui settings Configures customizations that can be done for the administration portal ...

Страница 1173: ...ustom webui logo url custom webui logo url Parameters Parameter Description custom webui logo url Clicking the company logo in the web interface opens this URL Type urlWithHttp use custom webui logo The company logo is displayed on the appliance s web interface and on its login page The customized logo should follow the size restrictions in order to be displayed properly Type Boolean true false Ex...

Страница 1174: ...ne for the administration portal Syntax set ui settings advanced settings AboutConfigCustomLogos custom webui logo url custom webui logo url use custom webui logo use custom webui logo Parameters Parameter Description n a Example set ui settings advanced settings AboutConfigCustomLogos custom webui logo url urlWithHttp use custom webui logo true ...

Страница 1175: ...show ui settings SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1175 show ui settings Shows web interface settings and customizations ...

Страница 1176: ...B 1500 Appliance Series R80 20 05 CLI Reference Guide 1176 show ui settings Description Shows web interface settings and customizations Syntax show ui settings Parameters Parameter Description n a Example show ui settings ...

Страница 1177: ...nce Series R80 20 05 CLI Reference Guide 1177 show ui settings Description Shows web Interface advanced settings Syntax show ui settings advanced settings Parameters Parameter Description n a Example show ui settings advanced settings ...

Страница 1178: ...usb modem advanced SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1178 usb modem advanced ...

Страница 1179: ...d product id Parameters Parameter Description field name Name Type A string that contains a z A Z 0 9 _ field value Value Type A string that contains a z A Z 0 9 _ is any device Does paramter apply to all devices Type Boolean true false product id Product ID Type A hexadecimal string vendor id Vendor ID Type A hexadecimal string Example add usb modem advanced field name usb_advanced_config_name fi...

Страница 1180: ... Reference Guide 1180 delete usb modem advanced Description Delete an existing USB modem advanced entry Syntax delete usb modem advanced id Parameters Parameter Description id id Type A number with no fractional part integer Example delete usb modem advanced 1000000 ...

Страница 1181: ...nce Series R80 20 05 CLI Reference Guide 1181 delete usb modem advanced all Description Delete all existing USB modem advanced entries Syntax delete usb modem advanced all Parameters Parameter Description n a Example delete usb modem advanced all ...

Страница 1182: ...ameter Description field name Name Type A string that contains a z A Z 0 9 _ field value Value Type A string that contains a z A Z 0 9 _ id id Type A number with no fractional part integer is any device Does parameter apply to all devices Type Boolean true false product id Product ID Type A hexadecimal string vendor id Vendor ID Type A hexa decimal string Example set usb modem advanced 1000000 fie...

Страница 1183: ...00 Appliance Series R80 20 05 CLI Reference Guide 1183 show usb modem advanced Description Show existing USB modem advanced entries Syntax show usb modem advanced Parameters Parameter Description n a Example show usb modem advanced ...

Страница 1184: ...Series R80 20 05 CLI Reference Guide 1184 show usb modem advanced table Description Show the existing USB modem advanced entries in a table Syntax show usb modem advanced table Parameters Parameter Description n a Example show usb modem advanced table ...

Страница 1185: ...usb modem info SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1185 usb modem info ...

Страница 1186: ... SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1186 show usb modem info Description Show existing USB modem information Syntax show usb modem info Parameters Parameter Description n a Example show usb modem info ...

Страница 1187: ...pliance Series R80 20 05 CLI Reference Guide 1187 show usb modem info table Description Show existing USB modem information in a table Syntax show usb modem info table Parameters Parameter Description n a Example show usb modem info table ...

Страница 1188: ...usb modem watchdog SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1188 usb modem watchdog ...

Страница 1189: ...watchdog SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1189 set usb modem watchdog Configures the internet probing if probing is enabled to automatically detect and fix 3G 4G internet connectivity problems ...

Страница 1190: ...hdog Description Configures the internet probing if probing is enabled to automatically detect and fix 3G 4G internet connectivity problems Syntax set usb modem watchdog advanced settings interval interval Parameters Parameter Description n a Example set usb modem watchdog advanced settings interval 10 ...

Страница 1191: ...m watchdog Description Configures the internet probing if probing is enabled to automatically detect and fix 3G 4G internet connectivity problems Syntax set usb modem watchdog advanced settings mode mode Parameters Parameter Description n a Example set usb modem watchdog advanced settings mode off ...

Страница 1192: ...rence Guide 1192 show usb modem watchdog Description Shows configuration for additional health monitoring functionality to USB modems Syntax show usb modem watchdog advanced settings Parameters Parameter Description n a Example show usb modem watchdog advanced settings ...

Страница 1193: ...set used ad group SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1193 set used ad group Configures settings of a user group defined in the AD server ...

Страница 1194: ...e AD server This is relevant only if the user group is defined with VPN remote access privileges Syntax set used ad group name name add bookmark label bookmark label Parameters Parameter Description bookmark label Text for the bookmark in the SSL Network Extender portal name Group name Type Active Directory group name Example set used ad group name my AD group add bookmark label myLabel ...

Страница 1195: ...he AD server This is relevant only if the user group is defined with VPN remote access privileges Syntax set used ad group name name remove bookmark label bookmark label Parameters Parameter Description bookmark label Text for the bookmark in the SSL Network Extender portal name Group name Type Active Directory group name Example set used ad group name my AD group remove bookmark label myLabel ...

Страница 1196: ...user awareness SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1196 user awareness ...

Страница 1197: ...set user awareness SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1197 set user awareness Configures settings for the User Awareness blade ...

Страница 1198: ... mode Parameters Parameter Description ad queries mode Indicates if User Awareness seamlessly queries the AD Active Directory servers to get user information Type Boolean true false browser based authentication mode Indicates if User Awareness uses a portal to identify locally defined users or as a backup to other identification methods Type Boolean true false mode User Awareness mode true for on ...

Страница 1199: ...9 set user awareness Description Configures advanced settings for the User Awareness blade Syntax set user awareness advanced settings association timeout association timeout Parameters Parameter Description n a Example set user awareness advanced settings association timeout 10 ...

Страница 1200: ...00 set user awareness Description Configures advanced settings for the User Awareness blade Syntax set user awareness advanced settings assume single user assume single user Parameters Parameter Description n a Example set user awareness advanced settings assume single user true ...

Страница 1201: ...r based authentication SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1201 set user awareness browser based authentication Configures settings for browser based authentication captive portal by the User Awareness blade ...

Страница 1202: ...out on portal close Parameters Parameter Description agreement text The conditions shown to the users to agree to Type A string that contains only printable characters block unauthenticated non web traffic When true users using non HTTP traffic are forced to login first through Browser Based Authentication Type Boolean true false log out on portal close When true the user is forced to keep the por...

Страница 1203: ...t agree to the legal conditions Type Boolean true false session timeout Session timeout duration in minutes for browser based authentication Type A number with no fractional part integer Units should be entered in minutes Example set user awareness browser based authentication redirect upon destinations manually defined redirect upon destination internet true redirect upon destinations net o true ...

Страница 1204: ...reness browser based authentication Description Configures network objects to be used in the User Awareness blade Syntax set user awareness browser based authentication add net obj net obj Parameters Parameter Description net obj Network object name Example set user awareness browser based authentication add net obj TEXT ...

Страница 1205: ...ess browser based authentication Description Configures network objects to be used in the User Awareness blade Syntax set user awareness browser based authentication remove net obj net obj Parameters Parameter Description net obj Network object name Example set user awareness browser based authentication remove net obj TEXT ...

Страница 1206: ...et user awareness browser based authentication Description Configures network objects to be used in the User Awareness blade Syntax set user awareness browser based authentication remove all net objs Parameters Parameter Description n a Example set user awareness browser based authentication remove all net objs ...

Страница 1207: ...show user awareness SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1207 show user awareness Shows the configuration of the User Awareness blade ...

Страница 1208: ...0 Appliance Series R80 20 05 CLI Reference Guide 1208 show user awareness Description Shows the configuration of the User Awareness blade Syntax show user awareness Parameters Parameter Description n a Example show user awareness ...

Страница 1209: ... R80 20 05 CLI Reference Guide 1209 show user awareness Description Shows advanced settings of the User Awareness blade Syntax show user awareness advanced settings Parameters Parameter Description n a Example show user awareness advanced settings ...

Страница 1210: ...uide 1210 show user awareness browser based authentication Description Shows the browser based authentication configuration of the User Awareness blade Syntax show user awareness browser based authentication Parameters Parameter Description n a Example show user awareness browser based authentication ...

Страница 1211: ...t Description Configures advanced settings for the User Awareness blade Syntax set user management advanced settings auto delete expired local users auto delete expired local users Parameters Parameter Description n a Example set user management advanced settings auto delete expired local users true ...

Страница 1212: ...grade log SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1212 show upgrade log Description Shows upgrade log files Syntax show upgrade log Parameters Parameter Description n a Example show upgrade log ...

Страница 1213: ...e 1213 show used ad group bookmarks Description Show bookmarks configured to a user group defined in AD Syntax show used ad group bookmarks name name Parameters Parameter Description name Group name Type Active Directory group name Example show used ad group bookmarks name my AD group ...

Страница 1214: ...m a file on a USB drive or TFTP server Syntax upgrade from usb file usb_file tftp server server filename tftp_file Parameters Parameter Description usb_file Name of software image file on USB drive server Host name or IP address of TFTP server tftp_file Name of software image file on TFTP server Example upgrade from tftp server my tftp server filename my new software ...

Страница 1215: ...vpn SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1215 vpn ...

Страница 1216: ...vpn SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1216 vpn The vpncommand manages the VPN driver and helps to debug the VPN ...

Страница 1217: ...ls the VPN kernel vpnk and connects to the firewall kernel fwk attaching the VPN driver to the Firewall driver Syntax vpn drv on off Parameters Parameter Description on off Starts or stops the VPN kernel Return Value 0 on success 1 on failure Example vpn drv on Output Success shows OK Failure shows an appropriate error message ...

Страница 1218: ...ool Description Launches the VPN TunnelUtil tool to n List IKE and IPSec SAs n Delete IKE and IPSec SAs Syntax vpn tunnelutil Parameters Parameter Description n a Return Value 0 on success 1 on failure Example vpn tunnelutil Output Success launches VPN TunnelUtil tool Failure shows an appropriate error message ...

Страница 1219: ...n moff Parameters Parameter Description on off Writes debugging information t FWDIR log sfwd elg TOPIC level Sets level of debugging for a particular topic This argument can only be used afte on o trunc ikeon ikeoff Writes IKE packet information int FWDIR log ike elg trunc Writes bot sfwd elg an ike elg but first clears the files mon moff Writes raw IKE packets t FWDIR log ikemonitor snoop Return ...

Страница 1220: ...Debugging VPN SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1220 Example vpn debug on ...

Страница 1221: ... vpn Description Delete a configured Virtual Tunnel Interface VTI by tunnel ID Syntax delete vpn tunnel tunnel Parameters Parameter Description tunnel A number identifying the Virtual Tunnel Interface VTI Type A number with no fractional part integer Example delete vpn tunnel 12 ...

Страница 1222: ...set vpn SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1222 set vpn Configures existing remote VPN sites ...

Страница 1223: ...ode gateway id false enc method enc method use trusted ca use trusted ca match cert ip match cert ip match cert dn true match cert dn string match cert dn string false match cert e mail true match cert e mail string match cert e mail string false link selection probing method link selection probing method name name remote site link selection remote site link selection remote site host name remote ...

Страница 1224: ... user name auth method Indicates the type of authentication used when connecting to the remote site Type Press TAB to see available options disable nat Disable NAT for traffic to from the remote site Useful when one of the internal networks contains a server Type Boolean true false enable perfect forward secrecy Ensures that a session key will not be compromised if one of the long term private key...

Страница 1225: ...match the E mail string in the certificate to the configured E mail string Type Boolean true false match cert e mail string Indicates the configured E mail string for certificate matching Type Email address match cert ip Indicates if certificate matching should match IP address in the certificate to the site s IP address Type Boolean true false name Site name Type A string that begins with a lette...

Страница 1226: ...tatic NAT used by the remote site when configured as such use trusted ca Indicates if a specific trusted CA is used for matching the remote site s certificate or all configured trusted CAs Example set vpn site site17 enabled true remote site enc dom type manually defined enc dom enc profile custom phase1 reneg interval 15 phase2 reneg interval 15 enable perfect forward secrecy true phase2 dh word ...

Страница 1227: ...tax set vpn site site add remote site enc dom network obj remote site enc dom network obj Parameters Parameter Description remote site enc dom network obj Network Object name site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 add remote site enc dom network obj TEXT ...

Страница 1228: ...x set vpn site site remove all remote site enc dom network obj remote site enc dom network obj Parameters Parameter Description remote site enc dom network obj Network Object name site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove all remote site enc dom network obj TEXT ...

Страница 1229: ...ax set vpn site site remove remote site enc dom network obj remote site enc dom network obj Parameters Parameter Description remote site enc dom network obj Network Object name site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove remote site enc dom network obj TEXT ...

Страница 1230: ... the link selection functionality Syntax set vpn site site add link selection multiple addrs addr link selection multiple addrs addr Parameters Parameter Description link selection multiple addrs addr IP address site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 add link selection multiple addrs ...

Страница 1231: ...et vpn site site remove all link selection multiple addrs addr link selection multiple addrs addr Parameters Parameter Description link selection multiple addrs addr IP address site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove all link selection multiple addrs addr 192 168 1 1 ...

Страница 1232: ...the link selection functionality Syntax set vpn site site remove link selection multiple addrs addr link selection multiple addrs addr Parameters Parameter Description link selection multiple addrs addr IP address site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove link selection multiple a...

Страница 1233: ... vpn site site add custom enc phase1 enc custom enc phase1 enc Parameters Parameter Description custom enc phase1 enc Encryption algorithm preferences for phase1 in the VPN encryption algorithm which sets the base for phase2 site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 add custom enc phase1...

Страница 1234: ...n site site remove all custom enc phase1 enc custom enc phase1 enc Parameters Parameter Description custom enc phase1 enc Encryption algorithm preferences for phase1 in the VPN encryption algorithm which sets the base for phase2 site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove all custom...

Страница 1235: ... vpn site site remove custom enc phase1 enc custom enc phase1 enc Parameters Parameter Description custom enc phase1 enc Encryption algorithm preferences for phase1 in the VPN encryption algorithm which sets the base for phase2 site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove custom enc ...

Страница 1236: ...ncryption suite Syntax set vpn site site add custom enc phase1 auth custom enc phase1 auth Parameters Parameter Description custom enc phase1 auth Authentication algorithm used for encryption validation site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 add custom enc phase1 auth word ...

Страница 1237: ...yption suite Syntax set vpn site site remove all custom enc phase1 auth custom enc phase1 auth Parameters Parameter Description custom enc phase1 auth Authentication algorithm used for encryption validation site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove all custom enc phase1 auth word ...

Страница 1238: ...cryption suite Syntax set vpn site site remove custom enc phase1 auth custom enc phase1 auth Parameters Parameter Description custom enc phase1 auth Authentication algorithm used for encryption validation site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove custom enc phase1 auth word ...

Страница 1239: ...uite Syntax set vpn site site add custom enc phase1 dh group custom enc phase1 dh group Parameters Parameter Description custom enc phase1 dh group VPN Diffie Hellman key exchange encryption level site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 add custom enc phase1 dh group word ...

Страница 1240: ...e Syntax set vpn site site remove all custom enc phase1 dh group custom enc phase1 dh group Parameters Parameter Description custom enc phase1 dh group VPN Diffie Hellman key exchange encryption level site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove all custom enc phase1 dh group word ...

Страница 1241: ...uite Syntax set vpn site site remove custom enc phase1 dh group custom enc phase1 dh group Parameters Parameter Description custom enc phase1 dh group VPN Diffie Hellman key exchange encryption level site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove custom enc phase1 dh group word ...

Страница 1242: ...suite Syntax set vpn site site add custom enc phase2 enc custom enc phase2 enc Parameters Parameter Description custom enc phase2 enc Encryption algorithm preferences for phase2 in the VPN encryption algorithm site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 add custom enc phase2 enc word ...

Страница 1243: ...te Syntax set vpn site site remove all custom enc phase2 enc custom enc phase2 enc Parameters Parameter Description custom enc phase2 enc Encryption algorithm preferences for phase2 in the VPN encryption algorithm site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove all custom enc phase2 enc...

Страница 1244: ...uite Syntax set vpn site site remove custom enc phase2 enc custom enc phase2 enc Parameters Parameter Description custom enc phase2 enc Encryption algorithm preferences for phase2 in the VPN encryption algorithm site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove custom enc phase2 enc word ...

Страница 1245: ...ncryption suite Syntax set vpn site site add custom enc phase2 auth custom enc phase2 auth Parameters Parameter Description custom enc phase2 auth Authentication algorithm used for encryption validation site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 add custom enc phase2 auth word ...

Страница 1246: ...yption suite Syntax set vpn site site remove all custom enc phase2 auth custom enc phase2 auth Parameters Parameter Description custom enc phase2 auth Authentication algorithm used for encryption validation site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove all custom enc phase2 auth word ...

Страница 1247: ...cryption suite Syntax set vpn site site remove custom enc phase2 auth custom enc phase2 auth Parameters Parameter Description custom enc phase2 auth Authentication algorithm used for encryption validation site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example set vpn site site17 remove custom enc phase2 auth word ...

Страница 1248: ... before you can define the VTI The Peer ID is an alpha numeric character string Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces remote Defines the remote peer IPv4 address used at the peer gateway s point to point virtual interface numbered VTI only Type IP address tunnel A number identifying the Virtual Tunnel Interface VTI Type A num...

Страница 1249: ...show vpn SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1249 show vpn Shows VPN site to site configuration ...

Страница 1250: ... vpn Description Shows the configuration of a remote VPN site Syntax show vpn site site Parameters Parameter Description site Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example show vpn site site17 ...

Страница 1251: ...iption Shows the configuration of a Virtual Tunnel Interface VTI used for route based VPN Syntax show vpn tunnel tunnel Parameters Parameter Description tunnel A number identifying the Virtual Tunnel Interface VTI Type A number with no fractional part integer Example show vpn tunnel 12 ...

Страница 1252: ...vpn remote access SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1252 vpn remote access ...

Страница 1253: ...set vpn remote access SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1253 set vpn remote access Configures settings for VPN remote access Client to server VPN ...

Страница 1254: ...e shared key L2TP Pre Shared Key Type A string of alphanumeric characters without space between them l2tp vpn client Enable VPN remote access clients to connect via native VPN client L2TP Type Boolean true false mobile client Enable VPN remote access mobile clients to connect via Check Point Mobile VPN client Type Boolean true false mode Enable VPN Remote Access Type Boolean true false sslvpn clie...

Страница 1255: ...de 1255 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings enc dns traffic enc dns traffic Parameters Parameter Description n a Example set vpn remote access advanced settings enc dns traffic true ...

Страница 1256: ...6 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings verify gateway cert verify gateway cert Parameters Parameter Description n a Example set vpn remote access advanced settings verify gateway cert true ...

Страница 1257: ...7 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings update topo startup update topo startup Parameters Parameter Description n a Example set vpn remote access advanced settings update topo startup true ...

Страница 1258: ...ide 1258 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings keep alive time keep alive time Parameters Parameter Description n a Example set vpn remote access advanced settings keep alive time 15 ...

Страница 1259: ...ess Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings endpoint vpn user re auth timeout endpoint vpn user re auth timeout Parameters Parameter Description n a Example set vpn remote access advanced settings endpoint vpn user re auth timeout 15 ...

Страница 1260: ... Guide 1260 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings ike over tcp ike over tcp Parameters Parameter Description n a Example set vpn remote access advanced settings ike over tcp true ...

Страница 1261: ...1261 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings is udp enc active is udp enc active Parameters Parameter Description n a Example set vpn remote access advanced settings is udp enc active true ...

Страница 1262: ...n remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings radius retransmit timeout radius retransmit timeout Parameters Parameter Description n a Example set vpn remote access advanced settings radius retransmit timeout 15 ...

Страница 1263: ... 1263 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings om method radius om method radius Parameters Parameter Description n a Example set vpn remote access advanced settings om method radius true ...

Страница 1264: ...te access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings snx uninstall on disconnect snx uninstall on disconnect Parameters Parameter Description n a Example set vpn remote access advanced settings snx uninstall on disconnect ask user ...

Страница 1265: ...t vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings snx keep alive timeout snx keep alive timeout Parameters Parameter Description n a Example set vpn remote access advanced settings snx keep alive timeout 15 ...

Страница 1266: ... Guide 1266 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings snx min tls snx min tls Parameters Parameter Description n a Example set vpn remote access advanced settings snx min tls tls 1 0 ...

Страница 1267: ...emote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings snx encryption enable 3des snx encryption enable 3des Parameters Parameter Description n a Example set vpn remote access advanced settings snx encryption enable 3des true ...

Страница 1268: ...nce Guide 1268 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings update topo update topo Parameters Parameter Description n a Example set vpn remote access advanced settings update topo 15 ...

Страница 1269: ...n remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings use limited auth timeout use limited auth timeout Parameters Parameter Description n a Example set vpn remote access advanced settings use limited auth timeout true ...

Страница 1270: ...270 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings auth timeout limit auth timeout limit Parameters Parameter Description n a Example set vpn remote access advanced settings auth timeout limit 15 ...

Страница 1271: ...emote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings om enable with multiple if om enable with multiple if Parameters Parameter Description n a Example set vpn remote access advanced settings om enable with multiple if true ...

Страница 1272: ...et vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings disconnect enc domain disconnect enc domain Parameters Parameter Description n a Example set vpn remote access advanced settings disconnect enc domain true ...

Страница 1273: ... 1273 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings enable back conn enable back conn Parameters Parameter Description n a Example set vpn remote access advanced settings enable back conn true ...

Страница 1274: ...1274 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings allow update topo allow update topo Parameters Parameter Description n a Example set vpn remote access advanced settings allow update topo true ...

Страница 1275: ... remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings snx encryption enable rc4 snx encryption enable rc4 Parameters Parameter Description n a Example set vpn remote access advanced settings snx encryption enable rc4 true ...

Страница 1276: ...6 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings ike ip comp support ike ip comp support Parameters Parameter Description n a Example set vpn remote access advanced settings ike ip comp support true ...

Страница 1277: ...ce Guide 1277 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings enc method enc method Parameters Parameter Description n a Example set vpn remote access advanced settings enc method ike v1 ...

Страница 1278: ... Guide 1278 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings snx upgrade snx upgrade Parameters Parameter Description n a Example set vpn remote access advanced settings snx upgrade ask user ...

Страница 1279: ...emote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings ike support crash recovery ike support crash recovery Parameters Parameter Description n a Example set vpn remote access advanced settings ike support crash recovery true ...

Страница 1280: ...iption Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings allow clear traffic while disconnected allow clear traffic while disconnected Parameters Parameter Description n a Example set vpn remote access advanced settings allow clear traffic while disconnected true ...

Страница 1281: ...ss Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings allow caching passwords on client allow caching passwords on client Parameters Parameter Description n a Example set vpn remote access advanced settings allow caching passwords on client true ...

Страница 1282: ...2 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings prevent ip pool nat prevent ip pool nat Parameters Parameter Description n a Example set vpn remote access advanced settings prevent ip pool nat true ...

Страница 1283: ...3 set vpn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings disable office mode disable office mode Parameters Parameter Description n a Example set vpn remote access advanced settings disable office mode true ...

Страница 1284: ...pn remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings snx user re auth timeout snx user re auth timeout Parameters Parameter Description n a Example set vpn remote access advanced settings snx user re auth timeout 15 ...

Страница 1285: ...n remote access Description Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings allow simultaneous login allow simultaneous login Parameters Parameter Description n a Example set vpn remote access advanced settings allow simultaneous login true ...

Страница 1286: ...ption Configures advanced settings for VPN remote access Syntax set vpn remote access advanced settings port visitor mode port visitor mode port reserve port 443 reserve port 443 Parameters Parameter Description n a Example set vpn remote access advanced settings port visitor mode port 8080 reserve port 443 true ...

Страница 1287: ...vanced settings for VPN remote access Syntax set vpn remote access advanced settings office mode om perform antispoofing om perform antispoofing single om per site single om per site Parameters Parameter Description n a Example set vpn remote access advanced settings office mode om perform antispoofing true single om per site true ...

Страница 1288: ...tings for VPN remote access Syntax set vpn remote access advanced settings visitor mode enable visitor mode all enable visitor mode all visitor mode interface visitor mode interface Parameters Parameter Description n a Example set vpn remote access advanced settings visitor mode enable visitor mode all all visitor mode interface 192 168 1 1 ...

Страница 1289: ...show vpn remote access SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1289 show vpn remote access Shows configuration of remote access VPN ...

Страница 1290: ...500 Appliance Series R80 20 05 CLI Reference Guide 1290 show vpn remote access Description Shows configuration of remote access VPN Syntax show vpn remote access Parameters Parameter Description n a Example show vpn remote access ...

Страница 1291: ... R80 20 05 CLI Reference Guide 1291 show vpn remote access Description Shows advanced settings of remote access VPN Syntax show vpn remote access advanced settings Parameters Parameter Description n a Example show vpn remote access advanced settings ...

Страница 1292: ...dicates if Internet traffic from connected clients will be routed first through this gateway Type Boolean true false dns domain mode Indicates if remote access clients use the domain name configured under DNS network settings of the device or a manually configured domain name Type Boolean true false dns primary Configure manually office mode first DNS Type IP address dns secondary Configure manual...

Страница 1293: ... if the remote access clients will use this gateway as a DNS server Applicable only when encryption domain is calculated automatically Type Boolean true false Example set vpn remote access advanced om network ip 172 16 10 0 om subnet mask 255 255 255 0 default route through this gateway true enc dom manual use this gateway as dns server true dns primary 192 168 1 1 dns secondary 192 168 1 1 dns te...

Страница 1294: ...ce Series R80 20 05 CLI Reference Guide 1294 show vpn remote access advanced Description Shows advanced settings of remote access VPN Syntax show vpn remote access advanced Parameters Parameter Description n a Example show vpn remote access advanced ...

Страница 1295: ...ote access advanced enc dom obj manual SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1295 set vpn remote access advanced enc dom obj manual Configures manual encryption domain for VPN remote access users ...

Страница 1296: ...te access advanced enc dom obj manual Description Adds a network object to the manual encryption domain of VPN remote access Syntax set vpn remote access advanced enc dom obj manual add name name Parameters Parameter Description name Network Object name Example set vpn remote access advanced enc dom obj manual add name TEXT ...

Страница 1297: ...ess advanced enc dom obj manual Description Removes a network object from the manual encryption domain of VPN remote access Syntax set vpn remote access advanced enc dom obj manual remove name name Parameters Parameter Description name Network Object name Example set vpn remote access advanced enc dom obj manual remove name TEXT ...

Страница 1298: ...vpn site SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1298 vpn site ...

Страница 1299: ...add vpn site SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1299 add vpn site Description Adds a new remote VPN site for VPN site to site ...

Страница 1300: ...add vpn site SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1300 Syntax ...

Страница 1301: ...e aggressive mode DH group aggressive mode DH group aggressive mode enable peer id true aggressive mode peer id type aggressive mode peer id type aggressive mode peer id aggressive mode peer id false aggressive mode enable gateway id true aggressive mode gateway id type aggressive mode gateway id type aggressive mode gateway id aggressive mode gateway id false false enc method enc method use trust...

Страница 1302: ...ype Indicates the type of gateway ID that will be used for matching when configured Options domain name user name aggressive mode peer id The peer ID that will be used for matching when configured to Type vpnAggressiveModePeerId aggressive mode peer id type Indicates the type of peer ID that will be used for matching when configured Options domain name user name auth method Indicates the type of a...

Страница 1303: ...or link selection when multiple IP addresses are configured for the remote site Options ongoing one time match cert dn Indicates if certificate matching should match the DN string in the certificate to the configured DN string Type Boolean true false match cert dn string Indicates the configured DN string for certificate matching Type String match cert e mail Indicates if certificate matching shou...

Страница 1304: ... with no fractional part integer remote site enc dom type The method of defining the remote site s encryption domain Options manually defined enc dom route all traffic to site route based vpn enc dom hidden behind remote site remote site host name Indicates the host name of the remote site Type An IP address or host name remote site ip address Indicates the IP address of the remote site Type IP ad...

Страница 1305: ...v1 use trusted ca TEXT match cert ip true match cert dn true match cert dn string TEXT match cert e mail true match cert e mail string MyEmail mail com link selection probing method ongoing auth method preshared secret password vpnPassword enabled true remote site enc dom type manually defined enc dom enc profile custom phase1 reneg interval 15 phase2 reneg interval 15 enable perfect forward secre...

Страница 1306: ...delete vpn site SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1306 delete vpn site Delete VPN sites ...

Страница 1307: ... vpn site Description Delete an existing VPN site by name Syntax delete vpn site name name Parameters Parameter Description name Site name Type A string that begins with a letter and contains up to 32 alphanumeric 0 9 a z _ characters without spaces Example delete vpn site name site17 ...

Страница 1308: ...ite SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1308 delete vpn site Description Delete all existing VPN sites Syntax delete vpn site all Parameters Parameter Description n a Example delete vpn site all ...

Страница 1309: ...ites SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1309 show vpn sites Description Show all configured remote VPN sites Syntax show vpn sites Parameters Parameter Description n a Example show vpn sites ...

Страница 1310: ...vpn site to site SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1310 vpn site to site ...

Страница 1311: ...set vpn site to site SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1311 set vpn site to site Configure global settings for VPN site to site ...

Страница 1312: ...emote sites by default A I Options block accept local encryption domain Indicates if the local encryption domain is configured manually or determined automatically using the local networks Options auto manual manual source ip address A manually configured source IP address to be used if configured to for VPN tunnels Type IP address mode Indicates whether or not VPN site to site is active Type Bool...

Страница 1313: ...esponder mode Once checked DPD responder mode will be enabled otherwise permanent tunnel based on DPD mode will be enabled Type Boolean true false Example set vpn site to site mode true default access to lan block track none local encryption domain auto manual source ip address 192 168 1 1 source ip address selection automatically outgoing interface selection routing table use dpd responder mode t...

Страница 1314: ...te Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings sync sa with other cluster members sync sa with other cluster members Parameters Parameter Description n a Example set vpn site to site advanced settings sync sa with other cluster members 15 ...

Страница 1315: ...ite Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings keep dont fragment flag on packet keep dont fragment flag on packet Parameters Parameter Description n a Example set vpn site to site advanced settings keep dont fragment flag on packet true ...

Страница 1316: ...o site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings delete ipsec sas on ikes delete delete ipsec sas on ikes delete Parameters Parameter Description n a Example set vpn site to site advanced settings delete ipsec sas on ikes delete true ...

Страница 1317: ...pn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings period after crl not valid period after crl not valid Parameters Parameter Description n a Example set vpn site to site advanced settings period after crl not valid 2 ...

Страница 1318: ... Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings log notification for administrative actions log notification for administrative actions Parameters Parameter Description n a Example set vpn site to site advanced settings log notification for administrative actions none ...

Страница 1319: ... Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings udp encapsulation for firewalls and proxies udp encapsulation for firewalls and proxies Parameters Parameter Description n a Example set vpn site to site advanced settings udp encapsulation for firewalls and proxies true ...

Страница 1320: ...site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings copy diff serv from ipsec packet copy diff serv from ipsec packet Parameters Parameter Description n a Example set vpn site to site advanced settings copy diff serv from ipsec packet true ...

Страница 1321: ...o site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings log vpn successful key exchange log vpn successful key exchange Parameters Parameter Description n a Example set vpn site to site advanced settings log vpn successful key exchange none ...

Страница 1322: ...site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings dpd triggers new ike negotiation dpd triggers new ike negotiation Parameters Parameter Description n a Example set vpn site to site advanced settings dpd triggers new ike negotiation true ...

Страница 1323: ...to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings log vpn packet handling errors log vpn packet handling errors Parameters Parameter Description n a Example set vpn site to site advanced settings log vpn packet handling errors none ...

Страница 1324: ... 1324 set vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings keep ikesa keys keep ikesa keys Parameters Parameter Description n a Example set vpn site to site advanced settings keep ikesa keys do not keep ...

Страница 1325: ...pn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings permanent tunnel up track permanent tunnel up track Parameters Parameter Description n a Example set vpn site to site advanced settings permanent tunnel up track none ...

Страница 1326: ...pn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings tunnel test from internal tunnel test from internal Parameters Parameter Description n a Example set vpn site to site advanced settings tunnel test from internal true ...

Страница 1327: ...1327 set vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings vpn tunnel sharing vpn tunnel sharing Parameters Parameter Description n a Example set vpn site to site advanced settings vpn tunnel sharing hosts ...

Страница 1328: ...ion Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings vpn configuration and key exchange errors vpn configuration and key exchange errors Parameters Parameter Description n a Example set vpn site to site advanced settings vpn configuration and key exchange errors none ...

Страница 1329: ...1329 set vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings reply from same ip reply from same ip Parameters Parameter Description n a Example set vpn site to site advanced settings reply from same ip true ...

Страница 1330: ...0 set vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings no local dns encrypt no local dns encrypt Parameters Parameter Description n a Example set vpn site to site advanced settings no local dns encrypt true ...

Страница 1331: ...vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings is admin access agnostic is admin access agnostic Parameters Parameter Description n a Example set vpn site to site advanced settings is admin access agnostic true ...

Страница 1332: ...et vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings period before crl valid period before crl valid Parameters Parameter Description n a Example set vpn site to site advanced settings period before crl valid 5 ...

Страница 1333: ...e to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings maximum concurrent vpn tunnels maximum concurrent vpn tunnels Parameters Parameter Description n a Example set vpn site to site advanced settings maximum concurrent vpn tunnels 5 ...

Страница 1334: ...e Guide 1334 set vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings limit open sas limit open sas Parameters Parameter Description n a Example set vpn site to site advanced settings limit open sas 5 ...

Страница 1335: ...site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings permanent tunnel down track permanent tunnel down track Parameters Parameter Description n a Example set vpn site to site advanced settings permanent tunnel down track none ...

Страница 1336: ... set vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings enable link selection enable link selection Parameters Parameter Description n a Example set vpn site to site advanced settings enable link selection true ...

Страница 1337: ...scription Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings check validity of ipsec reply packets check validity of ipsec reply packets Parameters Parameter Description n a Example set vpn site to site advanced settings check validity of ipsec reply packets true ...

Страница 1338: ...site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings ike dos protection unknown sites ike dos protection unknown sites Parameters Parameter Description n a Example set vpn site to site advanced settings ike dos protection unknown sites none ...

Страница 1339: ...to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings ike dos protection known sites ike dos protection known sites Parameters Parameter Description n a Example set vpn site to site advanced settings ike dos protection known sites none ...

Страница 1340: ...e Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings maximum concurrent ike negotiations maximum concurrent ike negotiations Parameters Parameter Description n a Example set vpn site to site advanced settings maximum concurrent ike negotiations 20 ...

Страница 1341: ... set vpn site to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings log vpn outgoing link log vpn outgoing link Parameters Parameter Description n a Example set vpn site to site advanced settings log vpn outgoing link none ...

Страница 1342: ...o site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings delete ike sas from a dead peer delete ike sas from a dead peer Parameters Parameter Description n a Example set vpn site to site advanced settings delete ike sas from a dead peer true ...

Страница 1343: ...to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings timeout for an rdp packet reply timeout for an rdp packet reply Parameters Parameter Description n a Example set vpn site to site advanced settings timeout for an rdp packet reply 15 ...

Страница 1344: ...te to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings perform ike using cluster ip perform ike using cluster ip Parameters Parameter Description n a Example set vpn site to site advanced settings perform ike using cluster ip true ...

Страница 1345: ...e to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings reply from incoming interface reply from incoming interface Parameters Parameter Description n a Example set vpn site to site advanced settings reply from incoming interface true ...

Страница 1346: ...site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings ike use largest possible subnets ike use largest possible subnets Parameters Parameter Description n a Example set vpn site to site advanced settings ike use largest possible subnets true ...

Страница 1347: ...to site Description Configure advanced settings for VPN site to site Syntax set vpn site to site advanced settings copy diff serv to ipsec packet copy diff serv to ipsec packet Parameters Parameter Description n a Example set vpn site to site advanced settings copy diff serv to ipsec packet true ...

Страница 1348: ...shows vpn site to site SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1348 shows vpn site to site Shows configuration of site to site VPN ...

Страница 1349: ... 1500 Appliance Series R80 20 05 CLI Reference Guide 1349 show vpn site to site Description Shows configuration of site to site VPN Syntax show vpn site to site Parameters Parameter Description n a Example show vpn site to site ...

Страница 1350: ...es R80 20 05 CLI Reference Guide 1350 shows vpn site to site Description Shows advanced settings of site to site VPN Syntax show vpn site to site advanced settings Parameters Parameter Description n a Example show vpn site to site advanced settings ...

Страница 1351: ...set vpn site to site enc dom manual SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1351 set vpn site to site enc dom manual Configures manually the local encryption domain for site to site VPN ...

Страница 1352: ...2 set vpn site to site enc dom manual Description Adds a network object to the local encryption domain for site to site VPN Syntax set vpn site to site enc dom manual add name name Parameters Parameter Description name Network Object name Example set vpn site to site enc dom manual add name TEXT ...

Страница 1353: ...ite to site enc dom manual Description Removes all network objects from the local encryption domain for site to site VPN Syntax set vpn site to site enc dom manual remove all name name Parameters Parameter Description name Network Object name Example set vpn site to site enc dom manual remove all name TEXT ...

Страница 1354: ... vpn site to site enc dom manual Description Removes a network object from the local encryption domain for site to site VPN Syntax set vpn site to site enc dom manual remove name name Parameters Parameter Description name Network Object name Example set vpn site to site enc dom manual remove name TEXT ...

Страница 1355: ...vpn tunnel SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1355 vpn tunnel ...

Страница 1356: ...eference Guide 1356 show vpn tunnel Description Shows all IKE Internet Key Exchange and IPSec Internet Protocol Security SAs Security Associations for the VPN tunnel Syntax show vpn tunnel info Parameters Parameter Description n a Example show vpn tunnel info ...

Страница 1357: ... SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1357 show vpn tunnels Description Shows all Virtual Tunnel Interfaces VTIs Syntax show vpn tunnels Parameters Parameter Description n a Example show vpn tunnels ...

Страница 1358: ...wlan SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1358 wlan ...

Страница 1359: ... delete wlan Description Delete an existing wireless Virtual Access Point VAP by SSID Syntax delete wlan vap vap Parameters Parameter Description vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example delete wlan vap My_Network ...

Страница 1360: ...set wlan SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1360 set wlan Configures a virtual access point VAP wireless network in appliance models that contain wireless options ...

Страница 1361: ... 05 CLI Reference Guide 1361 set wlan Description Turn on off the first wireless network VAP that was created Syntax set wlan on off Parameters Parameter Description mode The mode of the Virtual Access Point Options on off Example set wlan on ...

Страница 1362: ...set wlan Description Configures the SSID of the first wireless network that was created Syntax set wlan ssid ssid Parameters Parameter Description ssid Wireless network name SSID Type A string that contains A Z 0 9 _ and space characters Example set wlan ssid My wireless ...

Страница 1363: ... Guide 1363 set wlan Description Configures the first wireless network that was created Syntax set wlan security type security type Parameters Parameter Description security type Security Type Options none WEP WPA2 WPA WPA2 Example set wlan security type none ...

Страница 1364: ...rence Guide 1364 set wlan Description Configures the first wireless network that was created Syntax set wlan wpa auth type password password hotspot hotspot Parameters Parameter Description n a Example set wlan wpa auth type password gTd 3 gha_ hotspot on ...

Страница 1365: ...ss network that was created Syntax set wlan wpa auth type radius hotspot hotspot Parameters Parameter Description hotspot The Hotspot of the Virtual Access Point Options on off wpa auth type Wireless protected access authentication Type Press TAB to see available options Example set wlan wpa auth type radius hotspot on ...

Страница 1366: ...cription Configures the first wireless network that was created Syntax set wlan wpa encryption type wpa encryption type Parameters Parameter Description wpa encryption type Wireless protected access encryption type Options Auto CCMP AES TKIP Example set wlan wpa encryption type Auto ...

Страница 1367: ...ription Configures the first wireless network that was created Syntax set wlan assignment assignment Parameters Parameter Description assignment The network assigned to the virtual access point Type A string that contains A Z 0 9 _ and characters Example set wlan assignment My_Network ...

Страница 1368: ... Disable an existing wireless network VAP Syntax set wlan vap vap enable disable Parameters Parameter Description mode The mode of the Virtual Access Point Options on off vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example set wlan vap My_Network on ...

Страница 1369: ...ng wireless network VAP Syntax set wlan vap vap ssid ssid Parameters Parameter Description ssid Wireless network name SSID Type A string that contains A Z 0 9 _ and space characters vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example set wlan vap My_Network ssid My wireless ...

Страница 1370: ...ng wireless network VAP Syntax set wlan vap vap security type security type Parameters Parameter Description security type Security Type Options none WEP WPA2 WPA WPA2 vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example set wlan vap My_Network security type none ...

Страница 1371: ... existing wireless network VAP Syntax set wlan vap vap wpa auth type password password hotspot hotspot Parameters Parameter Description vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example set wlan vap My_Network wpa auth type password gTd 3 gha_ hotspot on ...

Страница 1372: ...e radius hotspot hotspot Parameters Parameter Description hotspot The Hotspot of the Virtual Access Point Options on off vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters wpa auth type Wireless protected access authentication Type Press TAB to see available options Example set wlan vap My_Network wpa auth type radius hotspot on ...

Страница 1373: ...Syntax set wlan vap vap wpa encryption type wpa encryption type Parameters Parameter Description vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters wpa encryption type Wireless protected access encryption type Options Auto CCMP AES TKIP Example set wlan vap My_Network wpa encryption type Auto ...

Страница 1374: ...yntax set wlan vap vap assignment assignment Parameters Parameter Description assignment The network assigned to the virtual access point Type A string that contains A Z 0 9 _ and characters vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example set wlan vap My_Network assignment My_Network ...

Страница 1375: ...VAP Syntax set wlan vap vap advanced settings hide ssid hide ssid station to station station to station wds wds Parameters Parameter Description vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example set wlan vap My_Network advanced settings hide ssid on station to station allow wds on ...

Страница 1376: ...able protection of 802 11 management frames refers to the main wireless access point Syntax set wlan main wireless name advanced settings protected mgmt frames on off Parameters Parameter Description main wireless name Name of the main wireless access point Type Press TAB to see available options on off on Enabled off Disabled Example set wlan NANCY wireless advanced settings protected mgmt frames...

Страница 1377: ...show wlan SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1377 show wlan Shows configuration for wireless networks relevant to hardware models with wireless ...

Страница 1378: ...ow wlan Description Shows configuration for a virtual access point VAP or wireless network Syntax show wlan vap vap Parameters Parameter Description vap The name of the Virtual Access Point Type A string that contains A Z 0 9 _ and characters Example show wlan vap My_Network ...

Страница 1379: ...wlan SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1379 show wlan Description Shows configuration of the wireless radio Syntax text show wlan Parameters Parameter Description n a Example show wlan ...

Страница 1380: ...wlan radio SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1380 wlan radio ...

Страница 1381: ...set wlan radio SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1381 set wlan radio Configures the radio settings of wireless antennas in appliance models that contain wireless options ...

Страница 1382: ...untry operation mode operation mode channel channel channel width channel width Parameters Parameter Description channel Channel Options channel channel width Channel width Options auto 20 40 80 country Country Options country operation mode Operation mode Options 11b 11g 11bg 11n 11ng 11ac 11nac Example set wlan radio country albania operation mode 11b channel auto channel width auto ...

Страница 1383: ...t wlan radio band band country country operation mode operation mode channel channel channel width channel width Parameters Parameter Description band type Options 5GHz 2 4GHz channel Channel Options channel channel width Channel width Options auto 20 40 80 country Country Options country operation mode Operation mode Options 11b 11g 11bg 11n 11ng 11ac 11nac Example set wlan radio band 5GHz countr...

Страница 1384: ...e Series R80 20 05 CLI Reference Guide 1384 set wlan radio Description Enable Disable the wireless radio Syntax set wlan radio off on Parameters Parameter Description mode Wireless radio mode Options off on Example set wlan radio off ...

Страница 1385: ...able Disable the wireless radio per band in wireless models that contain a concurrent dual band option using two radio antennas Syntax set wlan radio band band off on Parameters Parameter Description band type Options 5GHz 2 4GHz mode Wireless radio mode Options off on Example set wlan radio band 5GHz off ...

Страница 1386: ...ures advanced radio settings for the wireless radio Syntax set wlan radio advanced settings transmitter power transmitter power guard interval guard interval antenna antenna Parameters Parameter Description n a Example set wlan radio advanced settings transmitter power minimum guard interval short antenna auto ...

Страница 1387: ...s models that contain a concurrent dual band option using two radio antennas Syntax set wlan radio band band advanced settings transmitter power transmitter power guard interval guard interval antenna antenna Parameters Parameter Description band type Options 5GHz 2 4GHz Example set wlan radio band 5GHz advanced settings transmitter power minimum guard interval short antenna auto ...

Страница 1388: ...o SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1388 show wlan radio Description Shows configuration of the wireless radio Syntax show wlan radio Parameters Parameter Description n a Example show wlan radio ...

Страница 1389: ...B 1500 Appliance Series R80 20 05 CLI Reference Guide 1389 show wlan statistics Description Shows statistics of the wireless radio Syntax show wlan statistics Parameters Parameter Description n a Example show wlan statistics ...

Страница 1390: ...wlan vaps SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1390 wlan vaps ...

Страница 1391: ...s were dual antennas are available during configuration of a wireless network the specific band for the network must be selected 2 4Ghz 5Ghz Syntax add wlan vap ssid ssid band band Parameters Parameter Description band Wireless radio transmitter Options 5GHz 2 4GHz ssid Wireless network name SSID Type A string that contains A Z 0 9 _ and space characters Example add wlan vap ssid My wireless band ...

Страница 1392: ...00 Appliance Series R80 20 05 CLI Reference Guide 1392 delete wlan vaps Description Delete all existing wireless Virtual Access Points VAP Syntax delete wlan vaps Parameters Parameter Description n a Example delete wlan vaps ...

Страница 1393: ...frames Description Enable or disable protection of 802 11 management frames Syntax set wlan vap wireless name advanced settings protected mgmt frames on off Parameters Parameter Description wireless name Name of the wireless network Type Press TAB to see available options on off on Enabled off Disabled Example set wlan vap cp7f7e5168 advanced settings protected mgmt frames off ...

Страница 1394: ... as wireless password Syntax set wlan vap vap wpa auth type password set as mac with prefix prefix Parameters Parameter Description vap Name of the VAP that is being edited prefix The authentication type is password set as mac with prefix Example set wlan vap Guest1 wpa auth type password set as mac with prefix aaa ...

Страница 1395: ...CLI Reference Guide 1395 show wlan vap wireless Description Show wlan vap wireless networks for which 802 11w is enabled Syntax show wlan vap wireless name Parameters Parameter Description wireless name Name of the wireless network Example show wlan vap MyWiFi ...

Страница 1396: ...500 Appliance Series R80 20 05 CLI Reference Guide 1396 show wlan vaps Description Shows all Virtual Access points VAPs or wireless network Syntax show wlan vaps Parameters Parameter Description n a Example show wlan vaps ...

Страница 1397: ... Appliance Series R80 20 05 CLI Reference Guide 1397 show wlan vaps statistics Description Shows statistics per Virtual Access Point Syntax show wlan vaps statistics Parameters Parameter Description n a Example show wlan vaps statistics ...

Страница 1398: ...zero touch SMB 1500 Appliance Series R80 20 05 CLI Reference Guide 1398 zero touch ...

Страница 1399: ...service Default zerotouch checkpoint com Type URL or IP address mode When the mode is set to on the appliance will constantly try to fetch configuration from the Zero Touch server if the First Time Configuration Wizard is not started Options on off Default on verify certificate When verify certificate is set to on the appliance will verify the SSL certificate of the Zero Touch server You are advis...

Страница 1400: ...00 Appliance Series R80 20 05 CLI Reference Guide 1400 show zero touch Description Show the parameters configured for the Zero Touch service Syntax show zero touch Parameters Parameter Description n a Example show zero touch ...

Страница 1401: ...e gateway will connect to the Zero Touch server and display the received configuration without enforcing it There is an option to store the configuration in the storage zt_ cfg clish file Syntax test zero touch request save config as file Parameters Optional Parameter Description save configuration as file Save received configuration to the storage zt_cfg clish file Example test zero touch request...

Отзывы: