2.1.4. The CLI
address book, starting with the interface IP:
gw-world:/> set Address IP4Address if2_ip Address=10.8.1.34
The network IP address for the interface must also be set to the appropriate value:
gw-world:/> set Address IP4Address if2_net Address=10.8.1.0/24
In this example, local IP addresses are used for illustration but these could be public IP addresses
instead.
Next, create a remote HTTP management access object, in this example called HTTP_if2:
gw-world:/> add RemoteManagement RemoteMgmtHTTP HTTP_if2
If we now activate and commit the new configuration, remote management access via the IP address
10.8.1.34 is now possible using a web browser. If SSH management access is required then a
RemoteMgmtSSH object should be added.
The assumption made with the above commands is that an all-nets route exists to the ISP's gateway.
In other words, Internet access has been enabled for the NetDefend Firewall.
Managing Management Sessions with sessionmanager
The CLI provides a command called sessionmanager for managing management sessions
themselves. The command be used to manage all types of management sessions, including:
•
Secure Shell (SSH) CLI sessions.
•
Any CLI session through the serial console interface.
•
Secure Copy (SCP) sessions.
•
Web Interface sessions connected by HTTP or HTTPS.
The command without any options gives a summary of currently open sessions:
gw-world:/> sessionmanager
Session Manager status
----------------------
Active connections
Maximum allowed connections :
Local idle session timeout
NetCon idle session timeout :
To see a list of all sessions use the -list option. Below is some typical output showing the local
console session:
gw-world:/> sessionmanager -list
User
-------- ---------------- ---------
local
If the user has full administrator privileges, they can forcibly terminate another management session
Interface=if2 Network=all-nets
LocalUserDatabase=AdminUsers
AccessLevel=Admin HTTP=Yes
Database
(none)
Chapter 2. Management and Maintenance
:
3
64
:
900
600
IP
Type
------- -------
0.0.0.0
local
42
Mode
Access
--------
console
admin