Check Point SMB 1500 Series Reference Manual
  1. Manuals
  2. Brands
  3. Check Point Manuals
  4. Firewall
  5. SMB 1500 Series
  6. Reference manual

Check Point SMB 1500 Series Reference Manual

Hide thumbs
1
2
3
Table Of Contents
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
Table of Contents

Advertisement

Quick Links

30 March 2020
SMB 1500 APPLIANCE
SERIES
R80.20.05
CLI Reference Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SMB 1500 Series and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Check Point SMB 1500 Series

Summary of Contents for Check Point SMB 1500 Series

  • Page 1 30 March 2020 SMB 1500 APPLIANCE SERIES R80.20.05 CLI Reference Guide...
  • Page 2 Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
  • Page 3 Open the latest version of this document in a Web browser document in PDF format Download the latest version of this Feedback Check Point is engaged in a continuous effort to improve its documentation. Please help us by sending your comments Revision History Date Description 30 March 2020...

  • Page 4: Table Of Contents

    Table of Contents Table of Contents Introduction Using Command Line Reference CLI Syntax Running Gaia Clish Commands from Expert Mode Supported Linux Commands access-rule type outgoing add access-rule type outgoing delete access-rule type outgoing set access-rule type outgoing show access-rule type outgoing access-rule type incoming-internal-and-vpn add access-rule type incoming-internal-and-vpn delete access-rule type incoming-internal-and-vpn...
  • Page 5 Table of Contents set address-range show address-range show address-ranges admin-access add admin access set admin-access show admin-access admin-access-ip-addresses show admin-access-ip-addresses delete admin-access-ip-address-all admin-access-ipv4-address add admin-access-ipv4-address add admin-access-ipv4-address add admin-access-ipv4-address delete admin-access-ipv4-address show admin-access-ipv4-addresses delete admin-access-ipv4-address-all administrator add administrator delete administrator set administrator set administrator set administrator...
  • Page 6 Table of Contents administrators roles-settings set administrators roles-settings show administrators roles-settings administrator session-settings set administrator session-settings show administrator session-settings show adsl statistics aggressive-aging set aggressive-aging set aggressive-aging set aggressive-aging show aggressive-aging show aggressive-aging show aggressive-aging antispam set antispam set antispam set antispam set antispam set antispam...
  • Page 7 Table of Contents delete antispam allowed-sender delete antispam allowed-sender delete antispam allowed-sender show antispam allowed-senders antispam blocked-sender add antispam blocked-sender add antispam blocked-sender add antispam blocked-sender delete antispam blocked-sender delete antispam blocked-sender delete antispam blocked-sender delete antispam blocked-sender show antispam blocked-senders application add application add application...
  • Page 8 Table of Contents show application show application show applications application-control set application-control show application-control show application-control other-undesired-applications application-control-engine-settings set application-control-engine-settings set application-control-engine-settings set application-control-engine-settings set application-control-engine-settings set application-control-engine-settings set application-control-engine-settings set application-control-engine-settings set application-control-engine-settings show application-control-engine-settings application-group add application-group delete application-group delete application-group delete application-group set application-group...
  • Page 9 Table of Contents show application-group show application-groups antispoofing set antispoofing show antispoofing backup settings show backup settings blade-update-schedule set blade-update-schedule set blade-update-schedule set blade-update-schedule set blade-update-schedule show blade-update-schedule show blade-update-schedule show blade-update-schedule bookmark add bookmark delete bookmark delete bookmark delete bookmark set bookmark show bookmark show bookmarks...
  • Page 10 Table of Contents show clock cloud-deployment set cloud-deployment show cloud-deployment cloud-notifications set cloud-notification show cloud-notifications send cloud-report cloud-services reconnect cloud-services set cloud-services set cloud-services set cloud-services show cloud-services show cloud-services connection-details cloud-services-firmware-upgrade set cloud-services-firmware-upgrade set cloud-services-firmware-upgrade set cloud-services-firmware-upgrade set cloud-services-firmware-upgrade show cloud-services-firmware-upgrade show cloud-services-firmware-upgrade show cloud-services-firmware-upgrade...
  • Page 11 Table of Contents cpstop cpwd_admin date set date set date set date set date set date show date show date show date show date show date restore default-settings dhcp-relay set dhcp-relay show dhcp-relay show dhcp servers dhcp server interface delete dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface...
  • Page 12 Table of Contents set dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface set dhcp server interface show dhcp server interface show dhcp server interface show dhcp server interface...
  • Page 13 Table of Contents show dsl statistics dynamic-dns set dynamic-dns set dynamic-dns set dynamic-dns show dynamic-dns show dynamic-dns show dynamic-dns dynamic objects exit set expert password fetch certificate fetch policy fw commands fw policy set fw policy set fw policy set fw policy set fw policy show fw policy show fw policy...
  • Page 14 Table of Contents delete group set group set group set group set group set group show group show groups host add host delete host set host show host show hosts hotspot set hotspot set hotspot set hotspot set hotspot set hotspot set hotspot show hotspot show hotspot...
  • Page 15 Table of Contents add interface add interface-alias delete interface set interface set interface set interface set interface set interface set interface set interface set interface set interface set interface set interface show interface show interfaces show interfaces all interface-alias add interface-alias delete interface-alias set interface-alias interface-bond...
  • Page 16 Table of Contents show internal-certificates ips engine-settings set ips engine-settings set ips engine-settings set ips engine-settings set ips engine-settings show ips engine-settings show ips engine-settings show ips engine-settings interface-loopback add interface-loopback delete interface-loopback internet add internet-connection interface cellular set internet set internet-connection {VALUE} type cellular show internet internet-connection...
  • Page 17 Table of Contents set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection set internet-connection show internet-connection show internet-connection show internet-connection show internet-connections show internet-connections table internet-connection-bond delete internet-connection-bond set internet-connection-bond set internet-connection-bond set internet-connection-bond...
  • Page 18 Table of Contents set ipv6-state show ipv6-state license fetch license show license local-group add local-group delete local-group delete local-group delete local-group set local-group set local-group set local-group set local-group show local-group show local-groups set local-group users set local-group users set local-group users local-user add local-user delete local-user...
  • Page 19 Table of Contents show logs log-servers-configuration set log-servers-configuration show log-servers-configuration maas connect maas set maas show maas mac-filtering-list add mac-filtering-list delete mac-filtering-list show mac-filtering-list mac-filtering-settings set mac-filtering settings set mac-filtering-settings set mac-filtering settings set mac-filtering settings show mac-filtering-settings show mac-filtering-settings show mac-filtering-settings set mobile-settings set mobile-settings...
  • Page 20 Table of Contents show mobile-push-notification monitor-mode-network add monitor-mode-network delete monitor-mode-network set monitor-mode-network show monitor-mode-networks monitor-mode-configuration set monitor-mode-configuration show monitor-mode-configuration message set message show message show message show memory usage set nat set nat set nat set nat set nat set nat set nat set nat set nat...
  • Page 21 Table of Contents add nat-rule delete nat-rule set nat-rule show nat-rule show nat-rules show nat-manual-rules nat-rule position delete nat-rule position set nat-rule position netflow collector add netflow collector delete netflow collector set netflow collector show netflow collector show netflow collectors network add network delete network...
  • Page 22 Table of Contents set ntp show ntp show ntp active ntp server set ntp server set ntp server set ntp server show ntp servers periodic backup set periodic-backup show periodic-backup set property privacy settings set privacy-settings show privacy-settings proxy delete proxy set proxy set proxy set proxy...
  • Page 23 Table of Contents set qos delay-sensitive-service show qos delay-sensitive-services qos guarantee-bandwidth-selected-services set qos guarantee-bandwidth-selected-services set qos guarantee-bandwidth-selected-services set qos guarantee-bandwidth-selected-services show qos guarantee-bandwidth-selected-services qos-rule add qos-rule delete qos-rule delete qos-rule delete qos-rule set qos-rule set qos-rule set qos-rule show qos-rule show qos-rule show qos-rule show qos-rules...
  • Page 24 Table of Contents show remote-access users radius-auth reboot restore settings show restore settings log show revert log revert to factory defaults revert to saved image report-settings set report-settings set report-settings set report-settings show report-settings show rule hits show saved image update security-blades security-management connect security-management...
  • Page 25 Table of Contents delete server show server show servers service-details set device-details show device-details service-group add service-group delete service-group set service-group set service-group set service-group set service-group set service-group show service-group show service-groups service-icmp add service-icmp delete service-icmp set service-icmp show service-icmp add service-protocol service-protocol...
  • Page 26 Table of Contents show service-system-default Any_TCP set service-system-default Any_UDP show service-system-default Any_UDP set service-system-default CIFS show service-system-default CIFS set service-system-default Citrix show service-system-default Citrix set service-system-default Citrix firewall-settings show service-system-default Citrix firewall-settings set service-system-default DHCP show service-system-default DHCP set service-system-default DNS_TCP show service-system-default DNS_TCP set service-system-default DNS_UDP show service-system-default DNS_UDP...
  • Page 27 Table of Contents set service-system-default IIOP show service-system-default IIOP set service-system-default IMAP show service-system-default IMAP set service-system-default LDAP show service-system-default LDAP set service-system-default MGCP show service-system-default MGCP set service-system-default NetBIOSDatagram show service-system-default NetBIOSDatagram set service-system-default NetBIOSName show service-system-default NetBIOSName set service-system-default NetShow show service-system-default NetShow set service-system-default NNTP show service-system-default NNTP...
  • Page 28 Table of Contents show service-system-default SIP_TCP set service-system-default SIP_UDP show service-system-default SIP_UDP set service-system-default SMTP show service-system-default SMTP set service-system-default SNMP show service-system-default SNMP set service-system-default SNMP firewall-settings show service-system-default SNMP firewall-settings set service-system-default SQLNet show service-system-default SQLNet set service-system-default SSH show service-system-default SSH set service-system-default SSH ips-settings show service-system-default SSH ips-settings...
  • Page 29 Table of Contents set sic_init snmp add snmp add snmp add snmp delete snmp delete snmp delete snmp delete snmp set snmp set snmp set snmp set snmp set snmp set snmp show snmp show snmp show snmp show snmp show snmp show snmp show snmp-general-all...
  • Page 30 Table of Contents delete snmp user set snmp user show snmp user show snmp users delete snmp users show software version ssl-inspection advanced-settings set ssl-inspection advanced-settings show ssl-inspection advanced-settings ssl-inspection exception add ssl-inspection exception delete ssl-inspection exception delete ssl-inspection exception 1000 delete ssl-inspection exception set ssl-inspection exception...
  • Page 31 Table of Contents set streaming-engine-settings 1023 show streaming-engine-settings 1024 show streaming-engine-settings 1025 1026 show streaming-engine-settings 1027 switch 1028 add switch 1029 delete switch 1030 set switch 1031 set switch 1032 set switch 1033 show switch 1034 show switch 1035 show switch 1036 show switches syslog-server...
  • Page 32 Table of Contents threat-prevention anti-bot 1056 set threat-prevention anti-bot engine 1057 show threat-prevention anti-bot engine 1058 1059 set threat-prevention anti-bot policy 1060 set threat-prevention anti-bot policy 1061 set threat-prevention anti-bot policy 1062 show threat-prevention anti-bot policy 1063 show threat-prevention anti-bot policy 1064 show threat-prevention anti-bot policy 1065...
  • Page 33 Table of Contents show threat-prevention anti-virus user-check ask 1090 set threat-prevention anti-virus user-check block 1091 show threat-prevention anti-virus user-check block 1092 1093 threat-prevention exception 1094 add threat-prevention exception 1096 delete threat-prevention exception 1097 set threat-prevention exception 1099 show threat-prevention exception 1100 delete threat-prevention exceptions 1101...
  • Page 34 Table of Contents show threat-prevention ips protection-action-override 1128 threat-prevention-profile 1129 set threat-prevention policy 1129 1130 threat-prevention policy 1131 set threat-prevention policy 1132 show threat-prevention policy 1133 threat-prevention threat-emulation additional-remote-emulator 1134 add threat-prevention threat-emulation additional-remote-emulator 1135 delete threat-prevention threat-emulation additional-remote-emulator 1136 delete threat-prevention threat-emulation additional-remote-emulator 1137 delete threat-prevention threat-emulation additional-remote-emulator...
  • Page 35 Table of Contents show threat-prevention whitelist mails 1161 add threat-prevention whitelist type-file 1162 delete threat-prevention whitelist type-file 1163 1164 delete threat-prevention whitelist type-file 1165 delete threat-prevention whitelist type-file 1166 add threat-prevention whitelist type-url 1167 delete threat-prevention whitelist type-url 1168 delete threat-prevention whitelist type-url 1169 delete threat-prevention whitelist type-url 1170...
  • Page 36 Table of Contents set used-ad-group 1194 set used-ad-group 1195 user-awareness 1196 1197 set user-awareness 1198 set user-awareness 1199 set user-awareness 1200 set user-awareness 1201 set user-awareness browser-based-authentication 1202 set user-awareness browser-based-authentication 1204 set user-awareness browser-based-authentication 1205 set user-awareness browser-based-authentication 1206 set user-awareness browser-based-authentication 1207 show user-awareness...
  • Page 37 Table of Contents set vpn 1232 set vpn 1233 set vpn 1234 1235 set vpn 1236 set vpn 1237 set vpn 1238 set vpn 1239 set vpn 1240 set vpn 1241 set vpn 1242 set vpn 1243 set vpn 1244 set vpn 1245 set vpn...
  • Page 38 Table of Contents set vpn remote-access 1265 set vpn remote-access 1266 set vpn remote-access 1267 1268 set vpn remote-access 1269 set vpn remote-access 1270 set vpn remote-access 1271 set vpn remote-access 1272 set vpn remote-access 1273 set vpn remote-access 1274 set vpn remote-access 1275 set vpn remote-access...
  • Page 39 Table of Contents add vpn site 1299 delete vpn site 1306 delete vpn site 1307 1308 delete vpn site 1309 show vpn sites 1310 vpn site-to-site 1311 set vpn site-to-site 1312 set vpn site-to-site 1314 set vpn site-to-site 1315 set vpn site-to-site 1316 set vpn site-to-site 1317...
  • Page 40 Table of Contents set vpn site-to-site 1339 set vpn site-to-site 1340 set vpn site-to-site 1341 1342 set vpn site-to-site 1343 set vpn site-to-site 1344 set vpn site-to-site 1345 set vpn site-to-site 1346 set vpn site-to-site 1347 set vpn site-to-site 1348 shows vpn site-to-site 1349 show vpn site-to-site...
  • Page 41 Table of Contents set wlan 1372 set wlan 1373 set wlan 1374 1375 set wlan 1376 set wlan wireless advanced-settings protected-mgmt-frames 1377 show wlan 1378 show wlan 1379 show wlan 1380 wlan radio 1381 set wlan radio 1382 set wlan radio 1383 set wlan radio 1384...

  • Page 42: Introduction

    Introduction Introduction This guide contains all relevant CLI commands for the Small and Medium Business (SMB) 1500 appliance models: 1530 1550 1570 1590 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   42...

  • Page 43: Using Command Line Reference

    SFTP that is commonly used by winSCP is not supported. For more information, see sk52763 CLISH Auto-completion All CLISH commands support auto-completion. Standard Check Point and native Linux commands can be used from the CLISH shell but do not support auto-completion. These are examples of the different commands: CLISH - fetch,set , show Standard Check Point - cphaprob,..., fw, vpn...

  • Page 44: Cli Syntax

    CLI Syntax CLI Syntax The CLI commands are formatted according to these syntax rules. Notation Description Text without brackets Items you must type as shown <Text inside angle brackets> Placeholder for which you must supply a value [Text inside square brackets] Optional items Vertical pipe (|) Separator for mutually exclusive items;...

  • Page 45: Running Gaia Clish Commands From Expert Mode

    Running Gaia Clish Commands from Expert Mode Running Gaia Clish Commands from Expert Mode You can run Gaia Clish commands from Expert mode. Syntax clish [ -A -i { -c Cmd | -f File -v} -h -C ] Parameters Parameter Description Single command to execute -c Cmd...

  • Page 46: Supported Linux Commands

    Supported Linux Commands Supported Linux Commands These standard Linux commands are also supported by the Check Point Small and Medium Business Appliance CLI. netstat nslookup ping resize sleep tcpdump traceroute uptime SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   46...

  • Page 47: Access-Rule Type Outgoing

    access-rule type outgoing access-rule type outgoing Relevant commands for outgoing access rule SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   47...

  • Page 48: Add Access-Rule Type Outgoing

    add access-rule type outgoing add access-rule type outgoing Description Adds a new firewall access rule to the outgoing (clear) traffic Rule Base. Syntax add access-rule type outgoing [ action <action> ] [ log <log> ] [ source <source> ] [ source-negate <source-negate>] [ destination <destination>...
  • Page 49 add access-rule type outgoing Parameter Description hours-range- If true, time is configured enabled Type: Boolean (true/false) hours-range-from Time in the format HH:MM Type: A time format hh:mm hours-range-to Time in the format HH:MM Type: A time format hh:mm limit Applications traffic upload limit (in kbps) Type: A number with no fractional part (integer) limit-application- If true, download is limited...
  • Page 50 add access-rule type outgoing Example add access-rule type outgoing action block log none source TEXT source- negate true destination TEXT destination-negate true service TEXT service-negate true disabled true comment "This is a comment." hours- range-enabled true hours-range-from 23:20 hours-range-to 23:20 position 2 name word application-name hasOne application-negate true limit- application-download true limit 200 limit-application-upload true limit SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   50...

  • Page 51: Delete Access-Rule Type Outgoing

    delete access-rule type outgoing delete access-rule type outgoing Description Deletes an existing firewall access rule to the outgoing (clear) traffic Rule Base by rule position or rule name. Syntax delete access-rule type outgoing position <position> delete access-rule type outgoing name <name> Parameters Parameter Description...

  • Page 52: Set Access-Rule Type Outgoing

    set access-rule type outgoing set access-rule type outgoing Description Configures an existing firewall access rule to the outgoing (clear) traffic Rule Base by position or name. Syntax set access-rule type outgoing position <position> [ action <action> ] [ log <log>] [ source <source> ] [ source-negate <source-negate> ] [ destination <destination>...
  • Page 53 set access-rule type outgoing Parameter Description application- If true, the rule accepts or blocks all applications but the selected application negate Type: Boolean (true/false) comment Description of the rule Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () destination Network object that is the target of the connection destination-...
  • Page 54 set access-rule type outgoing Parameter Description position-above The order of the rule in comparison to other manual rules Type: Decimal number position-below The order of the rule in comparison to other manual rules Type: Decimal number service The network service object that the rule should match to service-negate If true, the service is everything except what is defined in the service field Type: Boolean (true/false)

  • Page 55: Show Access-Rule Type Outgoing

    show access-rule type outgoing show access-rule type outgoing Description Shows a firewall access rule in the outgoing (clear) traffic Rule Base according to name or position. Syntax show access-rule type outgoing name <name> show access-rule type outgoing position <position> Parameters Parameter Description name...

  • Page 56: Access-Rule Type Incoming-Internal-And-Vpn

    access-rule type incoming-internal-and-vpn access-rule type incoming-internal- and-vpn Commands relevant for firewall access rule to the incoming/internal/VPN traffic Rule Base. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   56...

  • Page 57: Add Access-Rule Type Incoming-Internal-And-Vpn

    add access-rule type incoming-internal-and-vpn add access-rule type incoming-internal-and-vpn Description Adds a new firewall access rule to the incoming/internal/VPN traffic Rule Base. Syntax add access-rule type incoming-internal-and-vpn [ action <action> ] [ log <log> ] [ source <source> ] [ source-negate <source-negate> ] [ destination <destination>...
  • Page 58 add access-rule type incoming-internal-and-vpn Parameter Description Defines which logging method to use: None - do not log, Log - Create log, Alert - log with alert, Account - account rule Options: none, log, alert, account name name Type: A string of alphanumeric characters without space between them position The order of the rule in comparison to other manual rules Type: Decimal number...

  • Page 59: Delete Access-Rule Type Incoming-Internal-And-Vpn

    delete access-rule type incoming-internal-and-vpn delete access-rule type incoming-internal-and- Description Deletes an existing firewall access rule to the incoming/internal/VPN traffic Rule Base by rule name or rule position. Syntax delete access-rule type incoming-internal-and-vpn name <name> delete access-rule type incoming-internal-and-vpn position <position> Parameters Parameter Description...

  • Page 60: Set Access-Rule Type Incoming-Internal-And-Vpn

    set access-rule type incoming-internal-and-vpn set access-rule type incoming-internal-and-vpn Description Configures an existing firewall access rule to the incoming/internal/VPN traffic Rule Base by position or name. Syntax set access-rule type incoming-internal-and-vpn position <position> [ action <action>] [ log <log> ] [ source <source> ] [ source-negate <source-negate>...
  • Page 61 set access-rule type incoming-internal-and-vpn Parameter Description hours-range- If true, time is configured enabled Type: Boolean (true/false) hours-range- Time in the format HH:MM from Type: A time format hh:mm hour-range-to Time in the format HH:MM Type: A time format hh:mm Defines which logging method to use: None - do not log, Log - Create log, Alert - log with alert, Account - account rule Options: none, log, alert, account name...
  • Page 62 set access-rule type incoming-internal-and-vpn set access-rule type incoming-internal-and-vpn name word action block log none source TEXT source-negate true destination TEXT destination- negate true service TEXT service-negate true disabled true comment "This is a comment." hours-range-enabled true hours-range-from 23:20 hours-range-to 23:20 position 2 name word vpn true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   62...

  • Page 63: Show Access-Rule Type Incoming-Internal-And-Vpn

    show access-rule type incoming-internal-and-vpn show access-rule type incoming-internal-and- Description Shows a firewall access rule in the incoming/internal/VPN traffic Rule Base according to position or name.. Syntax show access-rule type incoming-internal-and-vpn position <position> show access-rule type incoming-internal-and-vpn name <name> Parameters Parameter Description position The order of a manual rule in comparison to other manual rules...

  • Page 64: Additional-Hw-Settings

    additional-hw-settings additional-hw-settings Relevant commands for additional hardware settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   64...

  • Page 65: Set Additional-Hw-Settings

    set additional-hw-settings set additional-hw-settings Description Configures various hardware settings. Syntax set additional-hw-settings [ reset-timeout <reset-timeout> ] Parameters Parameter Description reset- Indicates the amount of time (in seconds) that you need to press and hold the factory timeout defaults button on the back panel to restore to the factory defaults image Type: A number with no fractional part (integer) Example set additional-hw-settings reset-timeout 15...

  • Page 66: Show Additional-Hw-Settings

    show additional-hw-settings show additional-hw-settings Description Shows advanced hardware related setings. Syntax show additional-hw-settings Parameters Parameter Description Example show additional-hw-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   66...

  • Page 67: Additional-Management-Settings

    additional-management-settings additional-management-settings Commands relevant for additional management settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   67...

  • Page 68: Set Additional-Management-Settings

    set additional-management-settings set additional-management-settings Description Configure additional management settings. Syntax set additional-management-settings advanced-settings install-temporary- policy-to-storage <advanced-settings install-temporary-policy-to- storage> Parameters Parameter Description advanced-settings Indicates whether the temporary policy installation files will be saved to the storage partition install-temporary- policy- Type: Boolean (true/false) to-storage Example set additional-management-settings advanced-settings install-temporary-...

  • Page 69: Show Additional-Management-Settings

    show additional-management-settings show additional-management-settings Description Show the additional management settings that were configured. Syntax show additional-management-settings Parameters Parameter Description Example show additional-management-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   69...

  • Page 70: Ad-Server

    ad-server ad-server Relevant commands for ad server SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   70...

  • Page 71: Add Ad-Server

    add ad-server add ad-server Description Adds a new Active Directory server object. Syntax add ad-server domain <domain> ipv4-address <ipv4-address> username <username> password <password> user-dn <user-dn> use-branch-path { true branch-path <branch-path> | false } When you fill the branch-path field, you can add multiple branches by chaining them into a single string with a semi-colon separator between them: branch1path;branch2path;branch3path Parameters Parameter...

  • Page 72: Delete Ad-Server

    delete ad-server delete ad-server Description Deletes an existing Active Directory server object. Syntax delete ad-server <domain> Parameters Parameter Description domain Domain name Type: Host name Example delete ad-server myHost.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   72...

  • Page 73: Set Ad-Server

    set ad-server set ad-server Description Configures an existing Active Directory server object. Syntax set ad-server <domain> [ ipv4-address <ipv4-address> ] [ username <username> ] [ password <password> ] [ user-dn <user-dn> ] [ use-branch-path { true [ branch-path <branch-path> ] | false } ] When you fill the branch-path field, you can add multiple branches by chaining them into a single string with a semi-colon separator between them: branch1path;branch2path;branch3path Parameters...

  • Page 74: Show Ad-Server

    show ad-server show ad-server Description Shows settings of a configured Active Directory server object. Syntax show ad-server <domain> Parameters Parameter Description domain Domain name Type: Host name Example show ad-server myHost.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   74...

  • Page 75: Show Ad-Servers

    show ad-servers show ad-servers Description Shows settings of all configured AD server objects. Syntax show ad-servers Parameters Parameter Description Example show ad-servers SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   75...

  • Page 76: Address-Range

    address-range address-range Relevant commands for address range. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   76...

  • Page 77: Add Address-Range

    add address-range add address-range Description Adds a new IP address range object. Syntax add address-range name <name> start-ipv4 <start-ipv4> end-ipv4 <end- ipv4> [ dhcp-exclude-ip-addr <dhcp-exclude-ip-addr> ] Parameters Parameter Description dhcp-exclude-ip-addr Indicates if the object's IP address(es) is excluded from internal DHCP daemon Options: on, off end-ipv4 The end of the IP range...

  • Page 78: Delete Address-Range

    delete address-range delete address-range Description Deletes an existing address range object. Syntax delete address-range <name> Parameters Parameter Description name Network Object name Type: String Example delete address-range TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   78...

  • Page 79: Set Address-Range

    set address-range set address-range Description Configures an existing IP address range object. Syntax set address-range <name> [ name <name> ] [ start-ipv4 <start-ipv4> ] [ end-ipv4 <end-ipv4> ] [ dhcp-exclude-ip-addr <dhcp-exclude-ip-addr> ] Parameters Parameter Description dhcp-exclude-ip-addr Indicates if the object's IP address(es) is excluded from internal DHCP daemon Options: on, off end-ipv4 The end of the IP range...

  • Page 80: Show Address-Range

    show address-range show address-range Description Shows settings of a configured IP address range object. Syntax show address-range <name> Parameters Parameter Description name Network Object name Type: String Example show address-range TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   80...

  • Page 81: Show Address-Ranges

    show address-ranges show address-ranges Description Shows settings of all configured IP address range objects. Syntax show address-ranges Parameters Parameter Description Example show address-ranges SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   81...

  • Page 82: Admin-Access

    admin-access admin-access Relevant commands for admin access. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   82...

  • Page 83: Add Admin Access

    add admin access add admin access Description Adds a specific IPv4 address or a network IPv4 address from which the administrator can remotely access the appliance. Syntax add admin-access-ipv4-address {single-ipv4-address|network-ipv4-address} <ip_addr> {subnet-mask <netmask>|mask-length <mask_length>} Parameters Parameter Description IPv4 address ip_addr mask_length Interface mask length, a value between 1 - 32 Interface IPv4 address subnet mask...

  • Page 84: Set Admin-Access

    set admin-access set admin-access Description Configures various parameters for administrator access to the device via web/SSH. Syntax set admin-access [ interfaces { Wireless access <access> | VPN access <access> | LAN access <access> | any access { allow | block } | WAN access <access>...

  • Page 85: Show Admin-Access

    show admin-access show admin-access Description Shows settings of administrator access configuration. Syntax show admin-access Parameters Parameter Description Example show admin-access SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   85...

  • Page 86: Admin-Access-Ip-Addresses

    admin-access-ip-addresses admin-access-ip-addresses Relevant commands for admin access IP addresses. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   86...

  • Page 87: Show Admin-Access-Ip-Addresses

    show admin-access-ip-addresses show admin-access-ip-addresses Description Show all the configured IP addresses that are permitted for administrator access to the appliance. Syntax show admin-access-ip-addresses Parameters Parameter Description Example show admin-access-ip-addresses SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   87...

  • Page 88: Delete Admin-Access-Ip-Address-All

    delete admin-access-ip-address-all delete admin-access-ip-address-all Description Delete all the reserved IP addresses for administrator access. Syntax delete admin-access-ip-address-all Parameters Parameter Description Example delete admin-access-ip-address-all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   88...

  • Page 89: Admin-Access-Ipv4-Address

    admin-access-ipv4-address admin-access-ipv4-address Relevant commands for admin access IPv4 addresses. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   89...

  • Page 90: Add Admin-Access-Ipv4-Address

    add admin-access-ipv4-address add admin-access-ipv4-address Adds a specific IPv4 address or an IPv4 address network and mask from which the administrator can remotely access the appliance according to configuration. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   90...

  • Page 91: Add Admin-Access-Ipv4-Address

    add admin-access-ipv4-address add admin-access-ipv4-address Description Adds a specific IPv4 address from which the administrator can remotely access the appliance according to configuration. Syntax add admin-access-ipv4-address single-ipv4-address <single-ipv4-address> Parameters Parameter Description single-ipv4-address IP address Type: IP address Example add admin-access-ipv4-address single-ipv4-address 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   91...

  • Page 92: Add Admin-Access-Ipv4-Address

    add admin-access-ipv4-address add admin-access-ipv4-address Description Adds an IPv4 address network and mask from which the administrator can remotely access the appliance according to configuration. Syntax add admin-access-ipv4-address network-ipv4-address <network-ipv4- address>{ subnet-mask <subnet-mask> | [ mask-length <mask-length> ] } Parameters Parameter Description mask-length Subnet mask length...

  • Page 93: Delete Admin-Access-Ipv4-Address

    delete admin-access-ipv4-address delete admin-access-ipv4-address Description Deletes a specific IPv4 address or an IPv4 network and subnet from which the administrator can remotely access the appliance according to configuration. Syntax delete admin-access-ipv4-address <ipv4-address> Parameters Parameter Description ipv4-address IP address Type: IP address Example delete admin-access-ipv4-address 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   93...

  • Page 94: Show Admin-Access-Ipv4-Addresses

    show admin-access-ipv4-addresses show admin-access-ipv4-addresses Description Shows allowed IP addresses for admin access. Syntax show admin-access-ipv4-addresses Parameters Parameter Description Example show admin-access-ipv4-addresses SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   94...

  • Page 95: Delete Admin-Access-Ipv4-Address-All

    delete admin-access-ipv4-address-all delete admin-access-ipv4-address-all Description Deletes all configured IPv4 addresses from which the administrator can remotely access the appliance according to configuration. Syntax delete admin-access-ipv4-address-all Parameters Parameter Description Example delete admin-access-ipv4-address-all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   95...

  • Page 96: Administrator

    administrator administrator Relevant commands for admininstrators. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   96...

  • Page 97: Add Administrator

    add administrator add administrator Description Adds a new user who can access the administration web portal and SSH. Syntax add administrator username <username> [ password-hash <password-hash> ] permission <permission> Parameters Parameter Description password-hash Virtual field used for calculating a hashed password Type: An encrypted password permission The administrator role and permissions...

  • Page 98: Delete Administrator

    delete administrator delete administrator Description Deletes an existing defined administrator. The system will not allow deletion of the last administrator. Syntax delete administrator username <username> Parameters Parameter Description username Indicates the administrator user name Type: A string that contains [A-Z], [0-9], and '_' characters Example delete administrator username admin SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   98...

  • Page 99: Set Administrator

    set administrator set administrator Configures an existing user with administrator privileges. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   99...

  • Page 100: Set Administrator

    set administrator set administrator Description Configures a new password for an existing administrator. You will be prompted to add a new password following this command (this command cannot be used in a script). Syntax set administrator username <username> password Parameters Parameter Description username...

  • Page 101: Set Administrator

    set administrator set administrator Description Configures an existing administrator's permission level and password (by hash). Syntax set administrator username <username> permission <permission> [ password-hash <password-hash> ] Parameters Parameter Description password-hash Virtual field used for calculating a hashed password Type: An encrypted password permission The administrator role and permissions Options: read-write, readonly, networking...

  • Page 102: Set Administrators

    set administrators set administrators Configure users with administrator privileges through a RADIUS server. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   102...

  • Page 103: Set Administrators

    set administrators set administrators Description Configures users with administrator privileges through a RADIUS server. Syntax set administrators radius-auth { true [ use-radius-groups { true radius-groups <radius-groups> | false } ] [ permission <permission> ] | false Parameters Parameter Description permission Administrators role Options: read-write, readonly, networking radius-auth...

  • Page 104: Show Administrator

    show administrator show administrator Description Shows settings of an existing user with administrator privileges. Syntax show administrator username <username> Parameters Parameter Description username Indicates the administrator user name Type: A string that contains [A-Z], [0-9], and '_' characters Example show administrator username admin SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   104...

  • Page 105: Show Administrators

    show administrators show administrators Shows settings of all users with administrator privileges. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   105...

  • Page 106: Show Administrators

    show administrators show administrators Description Shows settings of all users with administrator privileges. Syntax show administrators Parameters Parameter Description Example show administrators SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   106...

  • Page 107: Show Administrators

    show administrators show administrators Description Shows advanced settings of all users with administrator privileges. Syntax show administrators advanced-settings Parameters Parameter Description Example show administrators advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   107...

  • Page 108: Administrators Radius-Auth

    administrators radius-auth administrators radius-auth Relevant commands for administrator radius authentication. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   108...

  • Page 109: Set Administrators Radius-Auth

    set administrators radius-auth set administrators radius-auth Description Configure the administrator role on the RADIUS. Syntax set administrators radius-auth <enable/disable> use-radius-roles <true|false> Parameters Parameter Description Example set administrators radius-auth enable use-radius-roles true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   109...

  • Page 110: Set Administrators Radius-Auth (Legacy Mode)

    set administrators radius-auth (legacy mode) set administrators radius-auth (legacy mode) Description Use the default role for all RADIUS users.text. Syntax set administrators radius-auth <enable/disable> use-radius-roles false permission <readonly/read-write/networking> [use-radius-groups <group_ name>] Parameters Parameter Description admin role Read Only Read-Write Networking group_name The name of the radius group Example...

  • Page 111: Show Administrators Radius-Auth

    show administrators radius-auth show administrators radius-auth Description Shows RADIUS related settings for users with administrator privileges. Syntax show administrators radius-auth Parameters Parameter Description Example show administrators radius-auth SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   111...

  • Page 112: Administrators Roles-Settings

    Customize administrators roles permissions roles Type: Boolean (true/false) roles-conf The configuration of administrator roles in base64 format. To get the right configuration, contact Check Point Support. Type: base64 Example set administrators roles-settings customize-roles true roles-conf base64 show administrators roles-settings Description Show settings for administrator roles.
  • Page 113 show administrators radius-auth Parameters Parameter Description Example show administrators roles-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   113...

  • Page 114: Administrator Session-Settings

    administrator session-settings administrator session-settings Relevant commands for administrator session settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   114...

  • Page 115: Set Administrator Session-Settings

    set administrator session-settings set administrator session-settings Description Configures session settings for administrators. The settings are global for all administrators. Syntax set administrator session-settings [ lockout-enable <lockout-enable> ] [ max-lockout-attempts <max-lockout-attempts> ] [ lock-period <lock- period> ] [ inactivity-timeout <inactivity-timeout> ] [ password- complexity-level <password-complexity-level>...

  • Page 116: Show Administrator Session-Settings

    show administrator session-settings show administrator session-settings Description Shows session settings for users with administrator privileges. Syntax show administrator session-settings Parameters Parameter Description Example show administrator session-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   116...

  • Page 117: Show Adsl Statistics

    show adsl statistics show adsl statistics Description Shows statistics regarding the DSL internet connection (applicable on appliance models with DSL). Syntax show adsl statistics Parameters Parameter Description Example show adsl statistics SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   117...

  • Page 118: Aggressive-Aging

    aggressive-aging aggressive-aging Relevant commands for aggressive aging. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   118...

  • Page 119: Set Aggressive-Aging

    set aggressive-aging set aggressive-aging Configures aggressive aging feature's behavior. Aggressive Aging is designed to optimize how the device is dealing with a large connection number by aggressively reducing the timeout of existing connections when necessary. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   119...

  • Page 120: Set Aggressive-Aging

    set aggressive-aging set aggressive-aging Description Configures aggressive aging default reduced timeouts. Syntax set aggressive-aging [ icmp-timeout <icmp-timeout> ] [ icmp-timeout- enable <icmp-timeout-enable> ] [ other-timeout <other-timeout> ] [ other-timeout-enable <other-timeout-enable> ] [ pending-timeout <pending-timeout> ] [ pending-timeout-enable <pending-timeout-enable> ] [ tcp-end-timeout <tcp-end-timeout> ] [ tcp-end-timeout-enable <tcp- end-timeout-enable>...
  • Page 121 set aggressive-aging Parameter Description other-timeout Other IP protocols reduced timeout Type: A number with no fractional part (integer) other-timeout-enable Enable reduced timeout for non TCP/UDP/ICMP connections Type: Boolean (true/false) pending-timeout Pending Data connections reduced timeout Type: A number with no fractional part (integer) pending-timeout- enable Enable reduced timeout for non TCP/UDP/ICMP connections Type: Boolean (true/false)
  • Page 122 set aggressive-aging Example set aggressive-aging icmp-timeout 30 icmp-timeout-enable true other- timeout 30 other-timeout-enable true pending-timeout 30 pending- timeout-enable true tcp-end-timeout 3600 tcp-end-timeout-enable true tcp-start-timeout 3600 tcp-start-timeout-enable true tcp-timeout 3600 tcp-timeout-enable true udp-timeout 3600 udp-timeout-enable true general true log log connt-limit-high-watermark-pct 80 connt-mem-high- watermark-pct 80 memory-conn-status both SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   122...

  • Page 123: Set Aggressive-Aging

    set aggressive-aging set aggressive-aging Description Configures aggressive aging advanced settings. Syntax set aggressive-aging advanced-settings connections [ other-timeout- enable <other-timeout-enable> ] [ connt-limit-high-watermark-pct <connt-limit-high-watermark-pct> ] [ tcp-start-timeout-enable <tcp- start-timeout-enable> ] [ icmp-timeout-enable <icmp-timeout-enable> ] [ general <general> ] [ tcp-timeout-enable <tcp-timeout-enable> ] [ tcp- timeout <tcp-timeout>...

  • Page 124: Show Aggressive-Aging

    show aggressive-aging show aggressive-aging Shows aggressive aging settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   124...

  • Page 125: Show Aggressive-Aging

    show aggressive-aging show aggressive-aging Description Shows aggressive aging settings. Syntax show aggressive-aging Parameters Parameter Description Example show aggressive-aging SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   125...

  • Page 126: Show Aggressive-Aging

    show aggressive-aging show aggressive-aging Description Shows aggressive aging advanced settings. Syntax show aggressive-aging advanced-settings Parameters Parameter Description Example show aggressive-aging advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   126...

  • Page 127: Antispam

    antispam antispam Relevant commands for Anti-Spam Software Blade and settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   127...

  • Page 128: Set Antispam

    set antispam set antispam Configures policy for Anti-Spam blade. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   128...

  • Page 129: Set Antispam

    set antispam set antispam Description Configures the policy for Anti-Spam blade. Syntax set antispam [ mode <mode> ] [ detection-method <detection-method> ] [ log <log> ] [ action-spam-email-content <action-spam-email-content> ] [ flag-subject-stamp <flag-subject-stamp> ] [ detect-mode <detect-mode> ] [ specify-suspected-spam-settings { true [ suspected-spam-log <suspected-spam-log>...
  • Page 130 set antispam Parameter Description mode Anti-Spam blade mode: on, off Options: on, off specify-suspected- spam- Handle suspected spam emails differently from spam emails settings Type: Boolean (true/false) suspected-spam-log Tracking options for suspected spam emails: log, alert or none Options: none, log, alert Example set antispam mode on detection-method email-content log none action- spam-email-content block flag-subject-stamp several words detect-mode...

  • Page 131: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings ip-rep-fail-open <ip-rep-fail-open> Parameters Parameter Description Example set antispam advanced-settings ip-rep-fail-open true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   131...

  • Page 132: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings email-size-scan <email-size-scan> Parameters Parameter Description Example set antispam advanced-settings email-size-scan 1024 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   132...

  • Page 133: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings scan-outgoing <scan-outgoing> Parameters Parameter Description Example set antispam advanced-settings scan-outgoing true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   133...

  • Page 134: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings spam-engine-timeout <spam-engine- timeout> Parameters Parameter Description Example set antispam advanced-settings spam-engine-timeout 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   134...

  • Page 135: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings allow-mail-track <allow-mail-track> Parameters Parameter Description Example set antispam advanced-settings allow-mail-track none SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   135...

  • Page 136: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings transparent-proxy <transparent-proxy> Parameters Parameter Description Example set antispam advanced-settings transparent-proxy true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   136...

  • Page 137: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings ip-rep-timeout <ip-rep-timeout> Parameters Parameter Description Example set antispam advanced-settings ip-rep-timeout 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   137...

  • Page 138: Set Antispam

    set antispam set antispam Description Configures advanced setting for the Anti-Spam blade. Syntax set antispam advanced-settings spam-engine-all-mail-track <spam-engine-all-mail-track> Parameters Parameter Description Example set antispam advanced-settings spam-engine-all-mail-track none SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   138...

  • Page 139: Show Antispam

    show antispam show antispam Shows the configured policy for the Anti-Spam blade. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   139...

  • Page 140: Show Antispam

    show antispam show antispam Description Shows the configured policy for the Anti-Spam blade. Syntax show antispam Parameters Parameter Description Example show antispam SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   140...

  • Page 141: Show Antispam

    show antispam show antispam Description Shows the advanced settings in the configured policy for the Anti-Spam blade. Syntax show antispam advanced-settings Parameters Parameter Description Example show antispam advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   141...

  • Page 142: Antispam Allowed-Sender

    antispam allowed-sender antispam allowed-sender SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   142...

  • Page 143: Add Antispam Allowed-Sender

    add antispam allowed-sender add antispam allowed-sender Adds a new Anti-Spam "allow" exception. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   143...

  • Page 144: Add Antispam Allowed-Sender

    add antispam allowed-sender add antispam allowed-sender Description Adds a new Anti-Spam "allow" exception for a specific IP address. Syntax add antispam allowed-sender ipv4-addr <ipv4-addr> Parameters Parameter Description ipv4-addr Anti-Spam allowed IP address Type: IP address Example add antispam allowed-sender ipv4-addr 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   144...

  • Page 145: Add Antispam Allowed-Sender

    add antispam allowed-sender add antispam allowed-sender Description Adds a new Anti-Spam "allow" exception for a sender email or domain. Syntax add antispam allowed-sender sender-or-domain <sender-or-domain> Parameters Parameter Description sender-or-domain Anti-Spam allowed domain or sender Type: A domain or email address Example add antispam allowed-sender sender-or-domain myEmail@mail.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   145...

  • Page 146: Delete Antispam Allowed-Sender

    delete antispam allowed-sender delete antispam allowed-sender Deletes an existing Anti-Spam "allow" exception. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   146...

  • Page 147: Delete Antispam Allowed-Sender

    delete antispam allowed-sender delete antispam allowed-sender Description Deletes all existing Anti-Spam "allow" exceptions. Syntax delete antispam allowed-sender all Parameters Parameter Description Example delete antispam allowed-sender all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   147...

  • Page 148: Delete Antispam Allowed-Sender

    delete antispam allowed-sender delete antispam allowed-sender Description Deletes an existing Anti-Spam "allow" exception for sender's email or domain. Syntax delete antispam allowed-sender sender-or-domain <sender-or-domain> Parameters Parameter Description sender-or-domain Anti-Spam allowed domain or sender Type: A domain name or email address Example delete antispam allowed-sender sender-or-domain myEmail@mail.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   148...

  • Page 149: Delete Antispam Allowed-Sender

    delete antispam allowed-sender delete antispam allowed-sender Description Deletes an existing Anti-Spam "allow" exception for a specific IPv4 address. Syntax delete antispam allowed-sender ipv4-addr <ipv4-addr> Parameters Parameter Description ipv4-addr Anti-Spam allowed IP address Type: IP address Example delete antispam allowed-sender ipv4-addr 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   149...

  • Page 150: Show Antispam Allowed-Senders

    show antispam allowed-senders show antispam allowed-senders Description Shows the "allowed" exceptions for the Anti-Spam blade. Syntax show antispam allowed-senders Parameters Parameter Description Example show antispam allowed-senders SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   150...

  • Page 151: Antispam Blocked-Sender

    antispam blocked-sender antispam blocked-sender SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   151...

  • Page 152: Add Antispam Blocked-Sender

    add antispam blocked-sender add antispam blocked-sender Adds a new Anti-Spam "block" exception. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   152...

  • Page 153: Add Antispam Blocked-Sender

    add antispam blocked-sender add antispam blocked-sender Description Adds a new Anti-Spam "block" exception for a specific IP address. Syntax add antispam blocked-sender ipv4-addr <ipv4-addr> Parameters Parameter Description ipv4-addr Anti-Spam blocked IP address Type: IP address Example add antispam blocked-sender ipv4-addr 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   153...

  • Page 154: Add Antispam Blocked-Sender

    add antispam blocked-sender add antispam blocked-sender Description Adds a new Anti-Spam "block" exception for a sender email or domain. Syntax add antispam blocked-sender sender-or-domain <sender-or-domain> Parameters Parameter Description sender-or-domain Anti-Spam blocked domain or sender Type: A domain name or email address Example add antispam blocked-sender sender-or-domain myEmail@mail.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   154...

  • Page 155: Delete Antispam Blocked-Sender

    delete antispam blocked-sender delete antispam blocked-sender Deletes an existing Anti-Spam "block" exception. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   155...

  • Page 156: Delete Antispam Blocked-Sender

    delete antispam blocked-sender delete antispam blocked-sender Description Deletes all existing Anti-Spam "block" exceptions. Syntax delete antispam blocked-sender all Parameters Parameter Description Example delete antispam blocked-sender all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   156...

  • Page 157: Delete Antispam Blocked-Sender

    delete antispam blocked-sender delete antispam blocked-sender Description Deletes an existing Anti-Spam "block" exception for sender's email or domain. Syntax delete antispam blocked-sender sender-or-domain <sender-or-domain> Parameters Parameter Description sender-or-domain Anti-Spam blocked domain or sender Type: A domain name or email address Example delete antispam blocked-sender sender-or-domain myEmail@mail.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   157...

  • Page 158: Delete Antispam Blocked-Sender

    delete antispam blocked-sender delete antispam blocked-sender Description Deletes an existing Anti-Spam "block" exception for a specific IPv4 address. Syntax delete antispam blocked-sender ipv4-addr <ipv4-addr> Parameters Parameter Description ipv4-addr Anti-Spam blocked IP address Type: IP address Example delete antispam blocked-sender ipv4-addr 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   158...

  • Page 159: Show Antispam Blocked-Senders

    show antispam blocked-senders show antispam blocked-senders Description Shows the "blocked" exceptions for the Anti-Spam blade. Syntax show antispam blocked-senders Parameters Parameter Description Example show antispam blocked-senders SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   159...

  • Page 160: Application

    application application Relevant commands for application. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   160...

  • Page 161: Add Application

    add application add application Adds a new custom application object (string or regular expression signature over URL). SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   161...

  • Page 162: Add Application

    add application add application Description Adds a new custom application object (string or regular expression signature over URL). Syntax add application application-name <application-name> category <category> [ regex-url <regex-url> ] application-url <application-url> Parameters Parameter Description application-name Application name Type: URL application-url Contains the URLs related to this application category The primary category for the application (the category which is the most relevant)

  • Page 163: Add Application

    add application add application Description Simplified method for adding a new custom application object (string over URL) Syntax <application-url> add application-url Parameters Parameter Description application-url Application URL Example add application-url http://somehost.example.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   163...

  • Page 164: Delete Application

    delete application delete application Deletes an existing custom application object (string or regular expression signature over URL). SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   164...

  • Page 165: Delete Application

    delete application delete application Description Deletes an existing custom application object by application ID. Syntax delete application application-id <application-id> Parameters Parameter Description application-id The ID of the application Type: A number with no fractional part (integer) Example delete application application-id 1000000 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   165...

  • Page 166: Delete Application

    delete application delete application Description Deletes an existing custom application object by application name. Syntax delete application application-name <application-name> Parameters Parameter Description application-name Application name Type: URL Example delete application application-name http://somehost.example.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   166...

  • Page 167: Find Application

    find application find application Description Find an application by name (or partial string) to view further details regarding it. Syntax find application <application-name> Parameters Parameter Description application-name Application or group name Type: String Example find application TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   167...

  • Page 168: Set Application

    set application set application Configures an existing custom application object. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   168...

  • Page 169: Set Application

    set application set application Description Adds a URL to an existing custom application object by name. Syntax set application application-name <application-name> add url <url> Parameters Parameter Description application-name Application name Type: URL Application URL Example set application application-name http://somehost.example.com add url http://somehost.example.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   169...

  • Page 170: Set Application

    set application set application Description Removes a URL from an existing custom application object by name. Syntax set application application-name <application-name>remove url <url> Parameters Parameter Description application-name Application name Type: URL Application URL Example set application application-name http://somehost.example.com remove url http://somehost.example.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   170...

  • Page 171: Set Application

    set application set application Description Adds a URL to an existing custom application object by ID. Syntax set application application-id <application-id> add url <url> Parameters Parameter Description application-id The ID of the application Type: A number with no fractional part (integer) Application URL Example set application application-id 12345678 add url...

  • Page 172: Set Application

    set application set application Description Removes a URL from an existing custom application object by ID. Syntax set application application-id <application-id> remove url <url> Parameters Parameter Description application-id The ID of the application Type: A number with no fractional part (integer) Application URL Example set application application-id 12345678 remove url...

  • Page 173: Set Application

    set application set application Description Adds a category to an existing custom application object by name. Syntax set application application-name <application-name> add category <category> Parameters Parameter Description application-name Application name Type: URL category Category name Example set application application-name http://somehost.example.com add category TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   173...

  • Page 174: Set Application

    set application set application Description Removes a category from an existing custom application object by name. Syntax set application application-name <application-name> remove category <category> Parameters Parameter Description application-name Application name Type: URL category Category name Example set application application-name http://somehost.example.com remove category TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   174...

  • Page 175: Set Application

    set application set application Description Adds a category to an existing custom application object by ID. Syntax set application application-id <application-id> add category <category> Parameters Parameter Description application-id The ID of the application Type: A number with no fractional part (integer) category Category name Example...

  • Page 176: Set Application

    set application set application Description Removes a category from an existing custom application object by ID. Syntax set application application-id <application-id> remove category <category> Parameters Parameter Description application-id The ID of the application Type: A number with no fractional part (integer) category Category name Example...

  • Page 177: Set Application

    set application set application Description Configures an existing custom application by ID. Syntax set application application-id <application-id> [ category <category> ] [ regex-url <regex-url> ] Parameters Parameter Description application-id The ID of the application Type: A number with no fractional part (integer) category The primary category for the application (the category which is the most relevant) regex-url...

  • Page 178: Set Application

    set application set application Description Configures an existing custom application by name. Syntax set application application-name <application-name> [ category <category> ] [ regex-url <regex-url>] Parameters Parameter Description application-name Application name Type: URL category The primary category for the application (the category which is the most relevant) regex-url Indicates if regular expressions are used instead of partial strings Type: Boolean (true/false)

  • Page 179: Show Application

    show application show application Shows details for a specific application in the Application Control database. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   179...

  • Page 180: Show Application

    show application show application Description Shows details for a specific application in the Application Control database by application name. Syntax show application application-name <application-name> Parameters Parameter Description application-name Application or group name Type: String Example show application application-name TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   180...

  • Page 181: Show Application

    show application show application Description Shows details for a specific application in the Application Control database by application ID. Syntax show application application-id <application-id> Parameters Parameter Description application-id The ID of the application or the group Type: A number with no fractional part (integer) Example show application application-id 12345678 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   181...

  • Page 182: Show Applications

    show applications show applications Description Shows details of all applications. Syntax show applications Parameters Parameter Description Example show applications SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   182...

  • Page 183: Application-Control

    application-control application-control SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   183...

  • Page 184: Set Application-Control

    set application-control set application-control Description Configures the default policy for the Application Control and URL filtering blades. Syntax set application-control [ mode <mode>] [ url-flitering-only <url- flitering-only>] [ block-security-categories <block-security- categories>] [ block-inappropriate-content <block-inappropriate- content> ] [ block-other-undesired-applications <block-other-undesired- applications> ] [ block-file-sharing-applications <block-file-sharing- applications>...
  • Page 185 set application-control Parameter Description mode Applications & URLs mode - true for on, false for off Type: Boolean (true/false) set-limit The limit, in kbps, for downloading Type: A number with no fractional part (integer) url-flitering-only Indicates if enable URL Filtering and detection only mode is enabled Type: Boolean (true/false) Example set application-control mode true url-flitering-only true block-...

  • Page 186: Show Application-Control

    show application-control show application-control Description Shows the configured policy for the Application Control blade Syntax show application-control Parameters Parameter Description Example show application-control SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   186...

  • Page 187: Show Application-Control Other-Undesired-Applications

    show application-control other-undesired-applications show application-control other-undesired- applications Description Shows the content of the custom "Other Undesired Applications" group. This group can be chosen to be blocked by default by the Application Control policy. Syntax show application-control other-undesired-applications Parameters Parameter Description Example show application-control other-undesired-applications SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   187...

  • Page 188: Application-Control-Engine-Settings

    application-control-engine-settings application-control-engine-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   188...

  • Page 189: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Configures Application Control blade's advanced engine settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   189...

  • Page 190: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Description Configures Application Control blade's advanced engine settings. Syntax set application-control-engine-settings advanced-settings fail-mode <fail-mode> Parameters Parameter Description Example set application-control-engine-settings advanced-settings fail-mode allow-all-requests SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   190...

  • Page 191: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Description Configures Application Control blade's advanced engine settings. Syntax set application-control-engine-settings advanced-settings block- requests-when-web-service-unavailable <block-requests-when-web-service- unavailable> Parameters Parameter Description Example set application-control-engine-settings advanced-settings block- requests-when-web-service-unavailable true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   191...

  • Page 192: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Description Configures Application Control blade's advanced engine settings. Syntax set application-control-engine-settings advanced-settings enforce-safe- search <enforce-safe-search> Parameters Parameter Description Example set application-control-engine-settings advanced-settings enforce-safe- search true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   192...

  • Page 193: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Description Configures Application Control blade's advanced engine settings. Syntax set application-control-engine-settings advanced-settings web-site- categorization-mode <web-site-categorization-mode> Parameters Parameter Description Example set application-control-engine-settings advanced-settings web-site- categorization-mode background SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   193...

  • Page 194: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Description Configures Application Control blade's advanced engine settings. Syntax set application-control-engine-settings advanced-settings track-browse- time <track-browse-time> Parameters Parameter Description Example set application-control-engine-settings advanced-settings track-browse- time true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   194...

  • Page 195: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Description Configures Application Control blade's advanced engine settings. Syntax set application-control-engine-settings advanced-settings http- referrer-identification <http-referrer-identification> Parameters Parameter Description Example set application-control-engine-settings advanced-settings http- referrer-identification true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   195...

  • Page 196: Set Application-Control-Engine-Settings

    set application-control-engine-settings set application-control-engine-settings Description Configures Application Control blade's advanced engine settings. Syntax set application-control-engine-settings advanced-settings categorize- cached-and-translated-pages <categorize-cached-and-translated-pages> Parameters Parameter Description Example set application-control-engine-settings advanced-settings categorize- cached-and-translated-pages true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   196...

  • Page 197: Show Application-Control-Engine-Settings

    show application-control-engine-settings show application-control-engine-settings Description Shows advanced settings of the Application Control blade. Syntax show application-control-engine-settings advanced-settings Parameters Parameter Description Example show application-control-engine-settings advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   197...

  • Page 198: Application-Group

    application-group application-group SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   198...

  • Page 199: Add Application-Group

    add application-group add application-group Description Adds a new group object for applications. Syntax add application-group name <name> Parameters Parameter Description name Application group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - . &) characters without spaces Example add application-group name users...

  • Page 200: Delete Application-Group

    delete application-group delete application-group Deletes an existing group object of applications. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   200...

  • Page 201: Delete Application-Group

    delete application-group delete application-group Description Deletes an existing group object of applications by group object name. Syntax delete application-group name <name> Parameters Parameter Description name Application group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - . &) characters without spaces Example delete application-group name users...

  • Page 202: Delete Application-Group

    delete application-group delete application-group Description Deletes an existing group object of applications by group object ID. Syntax delete application-group application-group-id <application-group-id> Parameters Parameter Description application-group-id The ID of the application group Type: A number with no fractional part (integer) Example delete application-group application-group-id 12345678 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   202...

  • Page 203: Set Application-Group

    set application-group set application-group Configures an existing application group object. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   203...

  • Page 204: Set Application-Group

    set application-group set application-group Description Adds an application to an existing application group object by application's name. Syntax set application-group name <name> add application-name <application- name> Parameters Parameter Description application- Application or group name name name Application group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - . &) characters without spaces Example set application-group name users add application-name hasMany...

  • Page 205: Set Application-Group

    set application-group set application-group Description Removes an application from an existing application group object by application's name. Syntax set application-group name <name> remove application-name <application- name> Parameters Parameter Description application- Application or group name name name Application group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - . &) characters without spaces Example set application-group name users remove application-name hasMany...

  • Page 206: Set Application-Group

    set application-group set application-group Description Adds an application to an existing application group object by application's ID. Syntax set application-group name <name> add application-id <application-id> Parameters Parameter Description application- The ID of the application or the group name Application group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .

  • Page 207: Set Application-Group

    set application-group set application-group Description Removes an application from an existing application group object by application's ID. Syntax set application-group name <name> remove application-id <application- id> Parameters Parameter Description application- The ID of the application or the group name Application group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .

  • Page 208: Set Application-Group

    set application-group set application-group Description Adds an application to an existing application group object by application's name using group object's ID. Syntax set application-group application-group-id <application-group-id> add application-name <application-name> Parameters Parameter Description application-group-id The ID of the application group Type: A number with no fractional part (integer) application-name Application or group name Example...

  • Page 209: Set Application-Group

    set application-group set application-group Description Removes an application from an existing application group object by application's name using group object's ID. Syntax set application-group application-group-id <application-group-id> remove application-name <application-name> Parameters Parameter Description application-group-id The ID of the application group Type: A number with no fractional part (integer) application-name Application or group name Example...

  • Page 210: Set Application-Group

    set application-group set application-group Description Adds an application to an existing application group object by application's ID using group object's ID. Syntax set application-group application-group-id <application-group-id> add application-id <application-id> Parameters Parameter Description application-group-id The ID of the application group Type: A number with no fractional part (integer) application-id The ID of the application or the group Example...

  • Page 211: Set Application-Group

    set application-group set application-group Description Removes an application from an existing application group object by application's ID using group object's Syntax set application-group application-group-id <application-group-id> remove application-id <application-id> Parameters Parameter Description application-group-id The ID of the application group Type: A number with no fractional part (integer) application-id The ID of the application or the group Example...

  • Page 212: Show Application-Group

    show application-group show application-group shows the configuration of the Application group objects. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   212...

  • Page 213: Show Application-Group

    show application-group show application-group Description Shows the configuration of a specific application group object by ID. Syntax show application-group application-group-id <application-group-id> Parameters Parameter Description application-group-id The ID of the application group Type: A number with no fractional part (integer) Example show application-group application-group-id 12345678 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   213...

  • Page 214: Show Application-Group

    show application-group show application-group Description Shows the configuration of a specific application group object by name. Syntax show application-group name <name> Parameters Parameter Description name Application group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - . &) characters without spaces Example show application-group name users...

  • Page 215: Show Application-Groups

    show application-groups show application-groups Description Shows the configuration of all specific application group objects. Syntax show application-groups Parameters Parameter Description Example show application-groups SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   215...

  • Page 216: Antispoofing

    antispoofing antispoofing SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   216...

  • Page 217: Set Antispoofing

    set antispoofing set antispoofing Description Configures the activation of the IP address Anti-Spoofing feature. Syntax set antispoofing advanced-settings global-activation <global- activation> Parameters Parameter Description Example set antispoofing advanced-settings global-activation true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   217...

  • Page 218: Show Antispoofing

    show antispoofing show antispoofing Description Shows the configuration for IP addresses Anti-Spoofing functionality. Syntax show antispoofing advanced-settings Parameters Parameter Description Example show antispoofing advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   218...

  • Page 219: Backup Settings

    backup settings backup settings Description Creates a backup file that contains the current settings for the appliance and saves them to a file. The file is saved to either a USB device or TFTP server. You can use these options when the backup file is created: Specific file name (The default file name contains the current image and a date and time stamp) Password encryption Backup policies...

  • Page 220: Show Backup Settings

    show backup settings show backup settings Description Shows previous backup information of the appliance's settings. show backup-settings-log shows the log file of previous backup settings operations. Syntax show backup-settings-{log|info {from tftp server <server> filename <file>|from usb filename <file>}} Parameters Parameter Description IP address or host name of the TFTP server server...

  • Page 221: Blade-Update-Schedule

    blade-update-schedule blade-update-schedule SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   221...

  • Page 222: Set Blade-Update-Schedule

    set blade-update-schedule set blade-update-schedule Configures schedule for Software Blade updates. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   222...

  • Page 223: Set Blade-Update-Schedule

    set blade-update-schedule set blade-update-schedule Description Configures schedule forSoftware Blades updates. Syntax set blade-update-schedule [ schedule-ips <schedule-ips> ] [ schedule- anti-bot <schedule-anti-bot> ] [ schedule-anti-virus <schedule-anti- virus> ] [ schedule-appi <schedule-appi> ] [ recurrence { daily time <time>| weekly day-of-week <day-of-week>time <time>...
  • Page 224 set blade-update-schedule Parameter Description time The hour of the update (Format: HH:MM in 24 hour clock) Type: A time format hh:mm Example set blade-update-schedule schedule-ips true schedule-anti-bot true schedule-anti-virus true schedule-appi true recurrence daily time 23:20 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   224...

  • Page 225: Set Blade-Update-Schedule

    set blade-update-schedule set blade-update-schedule Description Configures advanced settings for Software Blade updates. Syntax set blade-update-schedule advanced-settings max-num-of-retries <max- num-of-retries> Parameters Parameter Description Example set blade-update-schedule advanced-settings max-num-of-retries 10 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   225...

  • Page 226: Set Blade-Update-Schedule

    set blade-update-schedule set blade-update-schedule Description Configures advanced settings for Software Blade updates. Syntax set blade-update-schedule advanced-settings timeout-until-retry <timeout-until-retry> Parameters Parameter Description Example set blade-update-schedule advanced-settings timeout-until-retry 10 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   226...

  • Page 227: Show Blade-Update-Schedule

    show blade-update-schedule show blade-update-schedule Shows the configuration of Software Blade updates schedule. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   227...

  • Page 228: Show Blade-Update-Schedule

    show blade-update-schedule show blade-update-schedule Description Shows the configuration of Software Blade updates schedule Syntax show blade-update-schedule Parameters Parameter Description Example show blade-update-schedule SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   228...

  • Page 229: Show Blade-Update-Schedule

    show blade-update-schedule show blade-update-schedule Description Shows advanced settings of Software Blade updates schedule. Syntax show blade-update-schedule advanced-settings Parameters Parameter Description Example show blade-update-schedule advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   229...

  • Page 230: Bookmark

    bookmark bookmark SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   230...

  • Page 231: Add Bookmark

    add bookmark add bookmark Description Adds a new bookmark link that will appear for VPN remote access users in the SNX VPN remote access landing page. Syntax add bookmark label <label> url <url> [ tooltip <tooltip> ] [ type <type> ] [ is-global <is-global> ] [ user-name <user-name> ] [ password <password>...
  • Page 232 add bookmark Example add bookmark label myLabel url http://www.checkpoint.com/ tooltip "This is a comment." type link is-global true user-name admin password a(&7Ba screen-width 1920 screen-height 1080 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   232...

  • Page 233: Delete Bookmark

    delete bookmark delete bookmark Deletes an existing bookmark link that appears in the SNX VPN remote access landing page. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   233...

  • Page 234: Delete Bookmark

    delete bookmark delete bookmark Description Deletes an existing bookmark link by label. Syntax delete bookmark label <label> Parameters Parameter Description label Text for the bookmark in the SSL Network Extender portal Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ Example delete bookmark label myLabel SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   234...

  • Page 235: Delete Bookmark

    delete bookmark delete bookmark Description Deletes all existing bookmark links. Syntax delete bookmark all Parameters Parameter Description Example delete bookmark all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   235...

  • Page 236: Set Bookmark

    set bookmark set bookmark Description Configures an existing bookmark shown to users in the SNX landing page. Syntax set bookmark [ label <label> ] [ new-label <new-label> ] [ url <url> ] [ tooltip <tooltip> ] [ type <type> ] [ is-global <is-global> ] [ user- name <user-name>...
  • Page 237 set bookmark Parameter Description user-name The user name for remote desktop connection Type: A string that contains (0-9, a-z, - . @) up to 64 characters without spaces Example set bookmark label myLabel new-label myNewLabel url http://www.checkpoint.com/ tooltip myToolTip type link is-global true user-name admin password a(&7Ba screen-width 1920 screen-height 1080 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   237...

  • Page 238: Show Bookmark

    show bookmark show bookmark Description Shows the configuration of a bookmark defined to be shown to users when connecting to the SNX portal using remote access VPN. Syntax show bookmark label <label> Parameters Parameter Description label Text for the bookmark in the SSL Network Extender portal Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , .

  • Page 239: Show Bookmarks

    show bookmarks show bookmarks Description Shows all bookmarks defined to be shown to users when connecting to the SNX portal using remote access VPN. Syntax show bookmarks Parameters Parameter Description Example show bookmarks SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   239...

  • Page 240: Bridge

    bridge bridge SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   240...

  • Page 241: Add Bridge

    add bridge add bridge Description Adds a new bridge. Syntax add bridge [ name <name> ] Parameters Parameter Description name Bridge name Type: A bridge name should be br0-9 Example add bridge name br7 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   241...

  • Page 242: Delete Bridge

    delete bridge delete bridge Description Deletes an existing bridge. Syntax delete bridge <name> Parameters Parameter Description name Bridge name Type: A bridge name should be br0-9 Example delete brdige br7 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   242...

  • Page 243: Set Bridge

    set bridge set bridge Configures an existing bridge interface. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   243...

  • Page 244: Set Bridge

    set bridge set bridge Description Configures an existing bridge interface. Syntax set bridge <name> stp <stp> Parameters Parameter Description name Bridge name Type: A bridge name should be br0-9 Spanning Tree Protocol mode Options: on, off Example set bridge br7 stp on SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   244...

  • Page 245: Set Bridge

    set bridge set bridge Description Adds an existing network/interface to an existing bridge. Syntax set bridge <name> add member <member> Parameters Parameter Description member Network name name Bridge name Type: A bridge name should be br0-9 Example set bridge br7 add member My_Network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   245...

  • Page 246: Set Bridge

    set bridge set bridge Description Removes an existing network/interface from an existing bridge. Syntax set bridge <name> remove member <member> Parameters Parameter Description member Network name name Bridge name Type: A bridge name should be br0-9 Example set bridge br7 remove member My_Network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   246...

  • Page 247: Show Bridge

    show bridge show bridge Description Shows configuration and statistics of a defined bridge. Syntax show bridge <name> Parameters Parameter Description name Bridge name Type: A bridge name should be br0-9 Example show bridge br7 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   247...

  • Page 248: Show Bridges

    show bridges show bridges Description Shows details of all defined bridges. Syntax show bridges Parameters Parameter Description Example show bridges SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   248...

  • Page 249: Show Cellular-Modem-Status

    show bridges show cellular-modem-status Description Show the status of the cellular (LTE) modem.. Syntax show cellular-modem-status Parameters Parameter Description Example show cellular-modem-status SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   249...

  • Page 250: Show Clock

    show clock show clock Description Shows current system date and time. Syntax show clock Parameters Parameter Description Example show clock Output Success shows date and time. Failure shows an appropriate error message. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   250...

  • Page 251: Cloud-Deployment

    cloud-deployment cloud-deployment SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   251...

  • Page 252: Set Cloud-Deployment

    set cloud-deployment set cloud-deployment Description Configures different settings for zero-touch deployment. Command is relevant to preset files. Syntax set cloud-deployment [ cloud-url <cloud-url> ] [ gateway-name <gateway- name> ] [ template <template> ] [ container <container> ] Parameters Parameter Description cloud-url The DNS or IP address through which the device will connect to the cloud service Type: URL...

  • Page 253: Show Cloud-Deployment

    show cloud-deployment show cloud-deployment Description Shows the configuration of cloud management connection. Syntax show cloud-deployment Parameters Parameter Description Example show cloud-deployment SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   253...

  • Page 254: Cloud-Notifications

    cloud-notifications cloud-notifications These commands are relevant for Cloud notifications SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   254...

  • Page 255: Set Cloud-Notification

    set cloud-notification set cloud-notification Description Turn on/off a specific notification type. Syntax set cloud-notification <notification-type> mode <mode> Parameters Parameter Description notification-type Describes the notification type including: license-expired license-about-to-expire license-activated infected-device malicious-file-blocked malicious-file-downloaded firmware-upgrade-available new-device system-up unexpected-reboot primary-internet-up secondary-internet-up malicious-mail-blocked malicious-mail-received reconnected-device mode Enable sending the chosen cloud notification type.

  • Page 256: Show Cloud-Notifications

    show cloud-notifications show cloud-notifications Description Show mode for all types of notifications Syntax show cloud-notifications Parameters Parameter Description Example show cloud-notifications SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   256...

  • Page 257: Send Cloud-Report

    send cloud-report send cloud-report Description Force sending a report to Cloud Services. Syntax send cloud-report type <type> Parameters Parameter Description type The report type Options: top-last-hour, top-last-day, top-last-week, top-last-month, 3d Example send cloud-report type top-last-hour SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   257...

  • Page 258: Cloud-Services

    cloud-services cloud-services SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   258...

  • Page 259: Reconnect Cloud-Services

    reconnect cloud-services reconnect cloud-services Description Force a manual reconnection to Cloud Services. Syntax reconnect cloud-services Parameters Parameter Description Example reconnect cloud-services SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   259...

  • Page 260: Set Cloud-Services

    set cloud-services set cloud-services Configures settings for cloud/SMP management connection. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   260...

  • Page 261: Set Cloud-Services

    set cloud-services set cloud-services Description Configures settings for cloud/SMP management connection. Syntax set cloud-services [ { [ activation-key <activation-key> ] | [ [ service-center <service-center> ] [ gateway-id <gateway-id> ] [ registration-key <registration-key> ] ] } ] [ confirm-untrusted- certificate <confirm-untrusted-certificate> ] [ mode <mode> ] Parameters Parameter Description...

  • Page 262: Set Cloud-Services

    set cloud-services set cloud-services Description Configures advanced settings for cloud/SMP management connection. Syntax set cloud-services advanced-settings cloud-management-configuration [ smp-login <smp-login> ] [ show-mgmt-server-details-on-login <show-mgmt- server-details-on-login> ] Parameters Parameter Description Example set cloud-services advanced-settings cloud-management-configuration smp-login true show-mgmt-server-details-on-login true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   262...

  • Page 263: Show Cloud-Services

    show cloud-services show cloud-services Description Shows advanced settings of cloud management connection. Syntax show cloud-services advanced-settings Parameters Parameter Description Example show cloud-services advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   263...

  • Page 264: Show Cloud-Services Connection-Details

    show cloud-services connection-details show cloud-services connection-details Description Shows connection details for cloud management connection. Syntax show cloud-services connection-details Parameters Parameter Description Example show cloud-services connection-details SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   264...

  • Page 265: Cloud-Services-Firmware-Upgrade

    cloud-services-firmware-upgrade cloud-services-firmware-upgrade SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   265...

  • Page 266: Set Cloud-Services-Firmware-Upgrade

    set cloud-services-firmware-upgrade set cloud-services-firmware-upgrade Configure settings for the "firmware upgrade" Cloud Services. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   266...

  • Page 267: Set Cloud-Services-Firmware-Upgrade

    set cloud-services-firmware-upgrade set cloud-services-firmware-upgrade Description Configures settings for the "firmware upgrade" Cloud Services. Syntax set cloud-services-firmware-upgrade [ activate <activate> ] frequency { immediately-when-available | daily time <time> | monthly day-of-month <day-of-month> time <time> | weekly day-of-week <day-of-week> time <time> } Parameters Parameter Description...

  • Page 268: Set Cloud-Services-Firmware-Upgrade

    set cloud-services-firmware-upgrade set cloud-services-firmware-upgrade Description Configures advanced settings for the "firmware upgrade" Cloud Services. Syntax set cloud-services-firmware-upgrade advanced-settings max-num-of- retries <max-num-of-retries> Parameters Parameter Description Example set cloud-services-firmware-upgrade advanced-settings max-num-of- retries 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   268...

  • Page 269: Set Cloud-Services-Firmware-Upgrade

    set cloud-services-firmware-upgrade set cloud-services-firmware-upgrade Description Configures advanced settings for the "firmware upgrade" Cloud Services. Syntax set cloud-services-firmware-upgrade advanced-settings timeout-until- retry <timeout-until-retry> Parameters Parameter Description Example set cloud-services-firmware-upgrade advanced-settings timeout-until- retry 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   269...

  • Page 270: Show Cloud-Services-Firmware-Upgrade

    show cloud-services-firmware-upgrade show cloud-services-firmware-upgrade Shows configuration of the "Firmware Upgrade" Cloud Services. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   270...

  • Page 271: Show Cloud-Services-Firmware-Upgrade

    show cloud-services-firmware-upgrade show cloud-services-firmware-upgrade Description Shows configuration of the "Firmware Upgrade" Cloud Services. Syntax show cloud-services-firmware-upgrade Parameters Parameter Description Example show cloud-services-firmware-upgrade SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   271...

  • Page 272: Show Cloud-Services-Firmware-Upgrade

    show cloud-services-firmware-upgrade show cloud-services-firmware-upgrade Description Shows advanced settings of the "Firmware Upgrade" Cloud Services. Syntax show cloud-services-firmware-upgrade advanced-settings Parameters Parameter Description Example show cloud-services-firmware-upgrade advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   272...

  • Page 273: Show Cloud-Service Managed-Blades

    show cloud-service managed-blades show cloud-service managed- blades Description Shows the currently managed blades by the cloud management. Syntax show cloud-services managed-blades Parameters Parameter Description Example show cloud-services managed-blades SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   273...

  • Page 274: Show Cloud-Services Managed-Services

    show cloud-services managed-services show cloud-services managed- services Description Shows the currently managed services by the cloud management. Syntax show cloud-services managed-services Parameters Parameter Description Example show cloud-services managed-services SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   274...

  • Page 275: Fetch Cloud-Services Policy

    fetch cloud-services policy fetch cloud-services policy Description Fetch configuration now from your Cloud Services Security Management Server. Syntax fetch cloud-services policy Parameters Parameter Description Example fetch cloud-services policy SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   275...

  • Page 276: Show Cloud-Services Status

    show cloud-services status show cloud-services status Description Shows the current status of the cloud management connection. Syntax show cloud-services status Parameters Parameter Description Example show cloud-services status SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   276...

  • Page 277: Show Commands

    show commands show commands Description Shows all available CLI commands. Syntax show commands Parameters Parameter Description Example show commands SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   277...

  • Page 278: Cphaprob

    cphaprob cphaprob Description Defines and manages the critical cluster member properties of the appliance. When a critical process fails, the appliance is considered to have failed. Syntax cphaprob [-i[a]] [-d <device>] [-s {ok|init|problem}] [-f <file>] [-p] [register|unregister|report|list|state|if] Parameters Parameter Description <appliance>...
  • Page 279 cphaprob Parameter Description list Displays that state of: -i - Internal (as well as external) devices, such as interface check and High Availability initialization. -e - External devices, such as devices registered by the user or outside the kernel. For example, fwd, sync, filter.
  • Page 280 cphaprob Examples cphaprob -d <device> -t <timeout(sec)> -s <ok|init|problem> [-p] register cphaprob -f <file> register cphaprob -d <device> [-p] unregister cphaprob -a unregister cphaprob -d <device> -s <ok|init|problem> report cphaprob [-i[a]] [-e] list cphaprob state cphaprob [-a] if SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   280...

  • Page 281: Cphastop

    cphastop cphastop Description Disables High Availability on the appliance. Running cphastop on an appliance that is a cluster member stops the appliance from passing traffic. State synchronization also stops. Syntax cphastop Parameters Parameter Description Return Value 0 on success, 1 on failure Example cphastop Output...

  • Page 282: Cpinfo

    Description Creates a Check Point Support Information (CPinfo) file on a machine at the time of execution. The files is saved to a USB drive or TFTP server. The CPinfo output file enables Check Point's support engineers to analyze setups from a remote location.

  • Page 283: Cpstart

    Start all Check Point processes and applications running on a machine. Description Starts firewall services. Syntax cpstart Parameters Parameter Description Return Value 0 on success, 1 on failure Example cpstart Output Success shows Starting CP products..Failure shows an appropriate error message.

  • Page 284: Cpstat

    Description Shows Check Point statistics for applications. Syntax cpstat [-p <port>] [-s <SICname>] [-f <flavor>] [-o <polling>] [-c <count>] [-e <period>] [-x] [-j] [-d] application_flag <flag> Parameters Parameter Description -p <port> Port number of the server. The default is the standard server port (18192).
  • Page 285 cpstat Parameter Description <flag> One of these applications is displayed: One of the following: fw - Firewall component of the Security Gateway vpn - VPN component of the Security Gateway fg - QoS (formerly FloodGate-1) ha - ClusterXL (High Availability) os - OS Status mg - for the Security Management Server persistency - for historical status values...
  • Page 286 cpstat os - "default", "ifconfig", "routing", "memory", "old_memory", "cpu", "disk", "perf", "multi_cpu", "multi_ disk", "all", "average_cpu", "average_memory", "statistics" mg - "default" persistency - "product", "Tableconfig", "SourceConfig" polsrv - "default", "all" uas - "default" svr - "default" cpsemd - "default" cpsead - "default" asm - "default", "WS"...

  • Page 287: Cpstop

    Description Stops firewall services and terminates all Check Point processes and applications running on the appliance. Syntax cpstop Parameters Parameter Description Return Value 0 on success, 1 on failure Example cpstop Output Success shows Uninstalling Security Policy..Failure shows an appropriate error message.
  • Page 288 cpwd_admin cpwd_admin Description The cpwd_admin utility can be used to verify if a process is running and to stop and start a process if necessary. Syntax cpwd_admin {del <name>|detach <name>|list|kill|exist|start_monitor|stop_ monitor| monitor_list} Parameters Parameter Description Deletes process Detaches process detach Print status of processes list Stops cpWatchDog...

  • Page 289: Date

    date date SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   289...

  • Page 290: Set Date

    set date set date Configures the device's date and time. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   290...

  • Page 291: Set Date

    set date set date Description Manually configure the device's date. Syntax set date <date> Parameters Parameter Description date Date in the format YYYY-MM-DD Type: A date format yyyy-mm-dd Example set date 2000-01-01 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   291...

  • Page 292: Set Date

    set date set date Description Manually configure the device's time. Syntax set time <time> Parameters Parameter Description time Time in the format HH:MM Type: A time format hh:mm Example set time 23:20 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   292...

  • Page 293: Set Date

    set date set date Description Manually configure the device's time zone. Syntax set timezone <timezone> Parameters Parameter Description timezone Timezone location Example set timezone GMT-11:00(Midway-Island) SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   293...

  • Page 294: Set Date

    set date set date Description Configures if the daylight savings will be changed automatically. Syntax set timezone-dst automatic <timezone-dst automatic> Parameters Parameter Description timezone-dst automatic Automatic adjustment clock for daylight saving changes flag Options: on, off Example set timezone-dst automatic on SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   294...

  • Page 295: Show Date

    show date show date Shows date and time. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   295...

  • Page 296: Show Date

    show date show date Description Shows current date of the appliance. Syntax show date Parameters Parameter Description Example show date SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   296...

  • Page 297: Show Date

    show date show date Description Shows current time of the appliance. Syntax show time Parameters Parameter Description Example show time SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   297...

  • Page 298: Show Date

    show date show date Description Shows current time zone of the appliance. Syntax show timezone Parameters Parameter Description Example show timezone SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   298...

  • Page 299: Show Date

    show date show date Description Shows current daylight savings configuration of the appliance. Syntax show timezone-dst Parameters Parameter Description Example show timezone-dst SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   299...

  • Page 300: Restore Default-Settings

    restore default-settings restore default-settings Description Restores the default settings of the appliance without affecting the software image. All the custom user settings for the appliance are deleted. Syntax restore default-settings [preserve-sic {yes|no}|preserve-license {yes|no}|force {yes|no}] Parameters Parameter Description Select whether to preserve your current SIC settings. preserve-sic Select whether to preserve your current license.

  • Page 301: Dhcp-Relay

    dhcp-relay dhcp-relay SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   301...

  • Page 302: Set Dhcp-Relay

    set dhcp-relay set dhcp-relay Description Configures advanced settings for DHCP Relay functionality. Syntax set dhcp-relay advanced-settings use-internal-ip-addrs-as-source <use- internal-ip-addrs-as-source> Parameters Parameter Description Example set dhcp-relay advanced-settings use-internal-ip-addrs-as-source true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   302...

  • Page 303: Show Dhcp-Relay

    show dhcp-relay show dhcp-relay Description Shows advanced settings for DHCP relay. Syntax show dhcp-relay advanced-settings Parameters Parameter Description Example show dhcp-relay advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   303...

  • Page 304: Show Dhcp Servers

    show dhcp servers show dhcp servers Description Shows configuration for all DHCP servers. Syntax show dhcp servers Parameters Parameter Description Example show dhcp servers SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   304...

  • Page 305: Dhcp Server Interface

    dhcp server interface dhcp server interface SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   305...

  • Page 306: Delete Dhcp Server Interface

    delete dhcp server interface delete dhcp server interface Description Deletes the configured exclude range from the DHCP server settings of a specific network/interface. Syntax delete dhcp server interface <name> exclude-range Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example delete dhcp server interface My_Network exclude-range SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   306...

  • Page 307: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Configures DHCP server settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   307...

  • Page 308: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures a custom DHCP option. Syntax set dhcp server interface <cliName> custom-option name <custom-option name> type <type> tag <tag> data <data> Parameters Parameter Description cliName cliName Type: virtual custom-option Set the name of the object name Type: A string that contains alphanumeric characters or hyphen data...

  • Page 309: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures if a DHCP server is active or not on an existing network/interface. Syntax set dhcp server interface <name> { disable | enable } Parameters Parameter Description dhcp Use DHCP Server with a specified IP address range Options: off, on, relay name Network name...

  • Page 310: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures DHCP relay functionality on an existing network/interface. Syntax set dhcp server interface <name> relay relay-to <relay relay-to> { [ secondary <secondary> ] | [ relay-secondary <relay-secondary> ] } Parameters Parameter Description name Network name...

  • Page 311: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures an IP address pool for a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> include-ip-pool <include-ip-pool> Parameters Parameter Description include-ip-pool DHCP range Type: A range of IP addresses name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters...

  • Page 312: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the default gateway provided by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> default-gateway <default-gateway> Parameters Parameter Description default-gateway A virtual field calculated by the values of the fields: dhcpGwMode & dhcpGw name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters...

  • Page 313: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the WINS mode provided by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> wins-mode <wins-mode> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters wins-mode Configure the WINS Server Example...

  • Page 314: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the WINS servers IP addresses provided by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> wins primary <wins primary> [ secondary <secondary> ] Parameters Parameter Description name Network name...

  • Page 315: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the lease time used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> lease-time <lease-time> Parameters Parameter Description lease-time Configure the timeout in hours for a single device to retain a dynamically acquired IP address name Network name...

  • Page 316: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the domain used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> domain <domain> Parameters Parameter Description domain The domain name of the DHCP name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example...

  • Page 317: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the NTP servers used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> ntp <ntp> [ secondary <secondary> ] Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Configure the first NTP (Network Time Protocol) server to be distributed to DHCP client secondary...

  • Page 318: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the TFTP server used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> tftp <tftp> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters tftp Configure TFTP server to be distributed to DHCP client Example...

  • Page 319: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the TFTP bootfile used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> file <file> Parameters Parameter Description file Configure TFTP bootfile to be distributed to DHCP client name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters...

  • Page 320: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the Call Manager servers used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> callmgr <callmgr> [ secondary <secondary> ] Parameters Parameter Description callmgr Configure the first Call manager server to be distributed to DHCP client name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters...

  • Page 321: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the X-Windows display manager server used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> xwin-display-mgr <xwin-display-mgr> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters xwin-display-mgr Configure X-Windows display manager to be distributed to DHCP client Example...

  • Page 322: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the Avaya Manager server used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name>avaya-voip <avaya-voip> Parameters Parameter Description avaya-voip Configure Avaya IP phone to be distributed to DHCP client name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters...

  • Page 323: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the Nortel Manager server used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> nortel-voip <nortel-voip> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters nortel-voip Configure Nortel IP phone to be distributed to DHCP client Example...

  • Page 324: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the Thomson Manager server used by a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> thomson-voip <thomson-voip> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters thomson-voip Configure Thomson IP phone to be distributed to DHCP client Example...

  • Page 325: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the DNS servers provided by a DHCP server on an existing network/interface. In automatic mode the device will provide its own IP address when configured as DNS proxy, and the DNS servers it is configured with otherwise.

  • Page 326: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the primary DNS server provided by a DHCP server on an existing network/interface in manual mode. Syntax set dhcp server interface <name> dns primary <dns primary> Parameters Parameter Description dns primary Configure the IP address for the first DNS server name Network name...

  • Page 327: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the secondary DNS server provided by a DHCP server on an existing network/interface in manual mode. Syntax set dhcp server interface <name> dns secondary <dns secondary> Parameters Parameter Description dns secondary Configure the IP address for the second DNS server name Network name...

  • Page 328: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Configures the tertiary DNS server provided by a DHCP server on an existing network/interface in manual mode. Syntax set dhcp server interface <name> dns tertiary <dns tertiary> Parameters Parameter Description dns tertiary Configure the IP address for the third DNS server name Network name...

  • Page 329: Set Dhcp Server Interface

    set dhcp server interface set dhcp server interface Description Removes a custom DHCP option from a DHCP server on an existing network/interface. Syntax set dhcp server interface <name> remove custom-option <custom-option> Parameters Parameter Description custom-option Set the name of the object name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters...

  • Page 330: Show Dhcp Server Interface

    show dhcp server interface show dhcp server interface Shows configuration of DHCP servers. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   330...

  • Page 331: Show Dhcp Server Interface

    show dhcp server interface show dhcp server interface Description Shows the configuration of a DHCP server configured on a specific interface/network. Syntax show dhcp server interface <name> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example show dhcp server interface My_Network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   331...

  • Page 332: Show Dhcp Server Interface

    show dhcp server interface show dhcp server interface Description Shows the IP address pool of a DHCP server configured on a specific interface/network. Syntax show dhcp server interface <name> ip-pool Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example show dhcp server interface My_Network ip-pool SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   332...

  • Page 333: Show Diag

    show diag show diag Description Shows information about your appliance, such as the current firmware version and additional details. Syntax show diag Parameters Parameter Description Example show diag Output Current system information. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   333...

  • Page 334: Show Disk Usage

    show disk usage show disk usage Description Shows the file system space used and space available. Syntax show disk-usage [-h|-m|-k] Parameters Parameter Description Human readable (e.g. 1K 243M 2G) 1024*1024 blocks 1024 blocks Example show disk-usage -h Output Current file system space used and space available. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   334...

  • Page 335: Dns

    SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   335...

  • Page 336: Delete Dns

    delete dns delete dns Deletes configured DNS settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   336...

  • Page 337: Delete Dns

    delete dns delete dns Description Deletes configured primary DNS. Syntax delete dns [ primary ipv4-address ] Parameters Parameter Description Example delete dns primary ipv4-address SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   337...

  • Page 338: Delete Dns

    delete dns delete dns Description Deletes configured secondary DNS. Syntax delete dns [ secondary ipv4-address ] Parameters Parameter Description Example delete dns secondary ipv4-address SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   338...

  • Page 339: Delete Dns

    delete dns delete dns Description Deletes configured tertiary DNS. Syntax delete dns [ tertiary ipv4-address ] Parameters Parameter Description Example delete dns tertiary ipv4-address SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   339...

  • Page 340: Delete Dns

    delete dns delete dns Description Deletes configured domain name of the appliance. Syntax delete domainname Parameters Parameter Description Example delete domainname SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   340...

  • Page 341: Set Dns

    set dns set dns Configures the DNS and domain settings for the device. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   341...

  • Page 342: Set Dns

    set dns set dns Description Configures the DNS settings for the device. Syntax set dns [ primary ipv4-address <primary ipv4-address> ] [ secondary ipv4-address <secondary ipv4-address> ] [ tertiary ipv4-address <tertiary ipv4-address> ] Parameters Parameter Description primary ipv4-address First global DNS IP address Type: IP address secondary ipv4- address Second global DNS IP address...

  • Page 343: Set Dns

    set dns set dns Description Configures the DNS mode for the device. It can either use manually configured DNS servers or use the DNS servers provided to him by the active internet connection from his ISP. Syntax set dns mode <mode> Parameters Parameter Description...

  • Page 344: Set Dns

    set dns set dns Description Configures the DNS proxy mode. DNS proxy allows treating the configured network objects as a hosts list which the device can translate from hostname to IP address for local networks. Syntax set dns proxy { on [ resolving <resolving> ] | off } Parameters Parameter Description...

  • Page 345: Set Dns

    set dns set dns Description Configures the domain settings for the device. Syntax set domainname <domainname> Parameters Parameter Description domainname Identification string that defines a realm of administrative autonomy, authority, or control in the Internet Type: A FQDN Example set domainname somehost.example.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   345...

  • Page 346: Show Dns

    show dns show dns Shows configuration for DNS and domain name. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   346...

  • Page 347: Show Dns

    show dns show dns Description Shows configuration for DNS. Syntax show dns Parameters Parameter Description Example show dns SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   347...

  • Page 348: Show Dns

    show dns show dns Description Shows configuration for domain name. Syntax show domainname Parameters Parameter Description Example show domainname SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   348...

  • Page 349: Dsl

    SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   349...

  • Page 350: Set Dsl Advanced-Settings Global-Settings

    set dsl advanced-settings global-settings set dsl advanced-settings global-settings Description Set DSL configuration parameters. Syntax set dsl advanced-settings global-settings [ ginp <ginp> ] [ sra <sra> ] Parameters Parameter Description ginp Enhanced Impulse Noise Protection Enables Seamless Rate Adaption Example set dsl advanced-settings global-settings ginp downstream-and-upstream sra true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   350...

  • Page 351: Set Dsl Advanced-Settings Standards

    set dsl advanced-settings standards set dsl advanced-settings standards Description Set DSL standard related configuration parameters. Syntax set dsl advanced-settings standards [ vdsl2 <true|false> ] [ dmt < true|false > ] [ adsl-lite < true|false > ] [ adsl2 < true|false > ] [ adsl2plus <...
  • Page 352 set dsl advanced-settings standards Parameter Description vdsl-17a Supports VDSL Profile 17a. vdsl-us0 Enables usage of first upstream band in VDSL2. Example set dsl advanced-settings standards adsl2plus false SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   352...

  • Page 353: Show Dsl Advanced-Setting

    show dsl advanced-setting show dsl advanced-setting Description Show all DSL advanced settings parameters. Syntax show dsl advanced-settings Parameters Parameter Description Example show dsl advanced-settings Sample Output adsl2plus: true vdsl-8d: true vdsl-8c: true vdsl-8b: true annex-m: false t1413: true vdsl-17a: true adsl-lite: true vdsl2: true annex-l: false...

  • Page 354: Show Dsl Statistics

    show dsl statistics show dsl statistics Description Show DSL statistics. Syntax show dsl statistics Parameters Parameter Description tpstc Indicates the TPS-TC layer. Possible values: ATM, PTM. mode Indicates the negotiated DSL mode. Example for a value: VDSL Annex B. status Indicates the status of DSL connection synchronization.
  • Page 355 show dsl statistics Parameter Description hec-up Indicates the number of HEC errors counted by the peer DSLAM/MSAG. hec-down Indicates the number of HEC errors counted by the appliance. total-cells- Indicates the number of 53 bytes (cells in the case of ATM) that were transmitted by the appliance.
  • Page 356 show dsl statistics Sample Output snr-down: 8.7 configured-ginp: Off/Off power-up: 7.6 rs-corrected-down: 421298 rs-corrected-up: 208 configured-sra: Off rs-up: 1610329207 configured-trellis: On total-cells-down: 2609810117 snr-up: 15.4 tpstc: PTM bitrate-up: 5024 vectoring: 5 (DSLAM is not a vectored DSLAM) vendor: IFTN:0xb206 status: Showtime rs-down: 2127995393 mode: VDSL2 Annex B hec-up: 0...

  • Page 357: Dynamic-Dns

    dynamic-dns dynamic-dns SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   357...

  • Page 358: Set Dynamic-Dns

    set dynamic-dns set dynamic-dns Configures a persistent domain name for the device. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   358...

  • Page 359: Set Dynamic-Dns

    set dynamic-dns set dynamic-dns Description Configures a persistent domain name for the device. Syntax set dynamic-dns { is_active } provider <provider> password <password> user <user> <domain> domain Parameters Parameter Description domain The domain name (sometimes called host name) within your account that the device will Type: A FQDN is-active Is the DDNS service active...

  • Page 360: Set Dynamic-Dns

    set dynamic-dns set dynamic-dns Description Configure advanced settings for the DDNS service. Syntax set dynamic-dns advanced-settings iterations <iterations> Parameters Parameter Description Example set dynamic-dns advanced-settings iterations 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   360...

  • Page 361: Show Dynamic-Dns

    show dynamic-dns show dynamic-dns Shows configuration for DDNS service. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   361...

  • Page 362: Show Dynamic-Dns

    show dynamic-dns show dynamic-dns Description Shows configuration for DDNS service. Syntax show dynamic-dns Parameters Parameter Description Example show dynamic-dns SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   362...

  • Page 363: Show Dynamic-Dns

    show dynamic-dns show dynamic-dns Description Shows advanced settings for DDNS service. Syntax show dynamic-dns advanced-settings Parameters Parameter Description Example show dynamic-dns advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   363...

  • Page 364: Dynamic Objects

    dynamic objects dynamic objects Manages dynamic objects on the appliance. The dynamic_objects command specifies an IP address to which the dynamic object is resolved. First, define the dynamic object in the SmartDashboard. Then create the same object with the CLI (-n argument).
  • Page 365 dynamic objects Output Success shows Operation completed successfully . Failure shows an appropriate error message. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   365...

  • Page 366: Exit

    exit exit Description Exits from the shell. Syntax exit Parameters Parameter Description Example exit SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   366...

  • Page 367: Set Expert Password

    Output Success shows OK . Failure shows an appropriate error message. Comments To generate a password-hash, you can use this command on any Check Point SMB Appliance gateway (as an expert user). cryptpw -a md5 <password string> SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   367...

  • Page 368: Fetch Certificate

    fetch certificate fetch certificate Description Establishes a SIC connection with the Security Management Server and fetches the certificate. You fetch the certificate from a specific appliance with the gateway-name parameter. Syntax fetch certificate mgmt-ipv4-address <ip_addr> [gateway-name <gw_name>] Parameters Parameter Description ip_addr Management IPv4 address Appliance/Module name...

  • Page 369: Fetch Policy

    fetch policy fetch policy Description Fetches a policy from the Security Management Server with IPv4 address <ip_addr> or from the local gateway. Syntax fetch policy {local|mgmt-ipv4-address <ip_addr>} Parameters Parameter Description ip_addr IPv4 address of the Security Management Server. Return Value 0 on success, 1 on failure Example fetch policy mgmt-ipv4-address 192.168.1.100...

  • Page 370: Fw Commands

    The fw commands are used for working with various aspects of the firewall. All fw commands are executed Command Line Interface on the Check Point Security Gateway. For more about the fw commands, see the (CLI) Reference Guide fw commands can be found by typing fw [TAB] at a command line. For some of the CLI commands, you can enter the -h parameter to display all the relevant arguments and parameters.
  • Page 371 fw commands Display version fw ver [-k] SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   371...

  • Page 372: Fw Policy

    fw policy fw policy SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   372...

  • Page 373: Set Fw Policy

    set fw policy set fw policy Configures the default policy for the Firewall blade SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   373...

  • Page 374: Set Fw Policy

    set fw policy set fw policy Description Configures the default policy for the Firewall blade. Syntax set fw policy [ mode <mode> ] [ track-allowed-traffic <track-allowed- traffic> ] [ track-blocked-traffic <track-blocked-traffic> ] Parameters Parameter Description mode Current mode for firewall policy track-allowed-traffic Indicates if accepted connections are logged Options: none, log...

  • Page 375: Set Fw Policy

    set fw policy set fw policy Description Configures advanced settings for the default policy of the Firewall blade. Syntax set fw policy advanced-settings blocked-packets-action <blocked- packets-action> Parameters Parameter Description Example set fw policy advanced-settings blocked-packets-action auto SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   375...

  • Page 376: Set Fw Policy

    set fw policy set fw policy Description Configures advanced settings for the default policy of the Firewall blade. Syntax set fw policy advanced-settings log-implied-rules <log-implied-rules> Parameters Parameter Description Example set fw policy advanced-settings log-implied-rules true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   376...

  • Page 377: Show Fw Policy

    show fw policy show fw policy Shows the configured policy for the Firewall blade. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   377...

  • Page 378: Show Fw Policy

    show fw policy show fw policy Description Shows the configured policy for the Firewall blade. Syntax show fw policy Parameters Parameter Description Example show fw policy SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   378...

  • Page 379: Show Fw Policy

    show fw policy show fw policy Description Shows advanced settings for the Firewall blade. Syntax show fw policy advanced-settings Parameters Parameter Description Example show fw policy advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   379...

  • Page 380: Show Fw Policy

    show fw policy show fw policy Description Shows the configuration for customizable messages shown to users upon actions. Syntax show fw policy user-check { block | ask | accept } Parameters Parameter Description user-check Activity message type Type: Press TAB to see available options Example show fw policy user-check block SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   380...

  • Page 381: Set Fw Policy User-Check Accept

    set fw policy user-check accept set fw policy user-check accept Description Configures a customizable "accept" message shown to users upon match on browser based traffic. Syntax set fw policy user-check accept [ body <body> ] [ fallback-action <fallback-action> ] [ frequency <frequency> ] [ subject <subject> ] [ title <title>...

  • Page 382: Set Fw Policy User-Check Ask

    set fw policy user-check ask set fw policy user-check ask Description Configures a customizable "ask" message shown to users upon match on browser based traffic. Syntax set fw policy user-check ask [ body <body> ] [ confirm-text <confirm- text> ] [ fallback-action <fallback-action> ] [ frequency <frequency> ] [ subject <subject>...
  • Page 383 set fw policy user-check ask Example set fw policy user-check ask body My Network confirm-text My Network fallback-action block frequency day subject My Network title My Network reason-displayed true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   383...

  • Page 384: Set Fw Policy User-Check Block

    set fw policy user-check block set fw policy user-check block Description Configures a customizable "block" message shown to users upon match on browser based traffic. Syntax set fw policy user-check block [ body <body> ] [ redirect-url <redirect-url> ] [ subject <subject> ] [ title <title> ] [ redirect-to-url <redirect-to- url>] Parameters Parameter...

  • Page 385: Set Fw Policy User-Check Block-Device

    set fw policy user-check block-device set fw policy user-check block- device Description User Check is a customizable message shown to users upon match, and allows to 'ask' the user for the desired action. In this case, to block a particular device. Syntax set fw policy user-check block-device [ body <body>...

  • Page 386: Set Fw Policy User-Check Block-Infected-Device

    set fw policy user-check block-infected-device set fw policy user-check block- infected-device Description User Check is a customizable message shown to users upon match, and allows to 'ask' the user for the desired action. In this case, to block an infected device. Syntax set fw policy user-check block-infected-device [ body <body>...

  • Page 387: Global-Radius-Conf

    global-radius-conf global-radius-conf SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   387...

  • Page 388: Set Global-Radius-Conf

    set global-radius-conf set global-radius-conf Description Configure the NAS IP\IPv6 address for RADIUS server authentication. NAS IP\IPv6 address indicates the identifying IP Address of the NAS which is requesting authentication of the user, and should be unique to the NAS within the scope of the RADIUS server. Syntax set global-radius-conf [ nas-ip-address <nas-ip-address>...

  • Page 389: Show Global-Radius-Conf

    show global-radius-conf show global-radius-conf Description Configure the NAS IP\IPv6 address for RADIUS server authentication. Syntax show global-radius-conf Parameters Parameter Description Example show global-radius-conf SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   389...

  • Page 390: Group

    group group SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   390...

  • Page 391: Add Group

    add group add group Description Adds a new group of network objects. Syntax add group name <name> [ comments <comments> ] [ member <member> ] Parameters Parameter Description comments Comments and explanation about the Network Object group Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ member An association field to the contained network objects name...

  • Page 392: Delete Group

    delete group delete group Description Deletes an existing group object of network objects. Syntax delete group <name> Parameters Parameter Description name Network Object group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example delete group myObject_17...

  • Page 393: Set Group

    set group set group Configures an existing network objects group. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   393...

  • Page 394: Set Group

    set group set group Description Configures an existing network objects group. Syntax set group <name> [ new-name <new-name> ] [ comments <comments> ] Parameters Parameter Description comments Comments and explanation about the Network Object group Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ name Network Object group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .)

  • Page 395: Set Group

    set group set group Description Removes all members from an existing network objects group. Syntax set group <name> remove-all members Parameters Parameter Description name Network Object group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example set group myObject_17 remove-all members...

  • Page 396: Set Group

    set group set group Description Adds an existing network object to an existing network objects group. Syntax set group <name> add member <member> Parameters Parameter Description member Network Object name name Network Object group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example set group myObject_17 add member TEXT...

  • Page 397: Set Group

    set group set group Description Removes an existing network object from an existing network objects group. Syntax set group <name> remove member <member> Parameters Parameter Description member Network Object name name Network Object group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example set group myObject_17 remove member TEXT...

  • Page 398: Show Group

    show group show group Description Shows the contents of a network object group. Syntax show group <name> Parameters Parameter Description name Network Object group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example show group myObject_17...

  • Page 399: Show Groups

    show groups show groups Description Shows the contents of all network object groups. Syntax show groups Parameters Parameter Description Example show groups SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   399...

  • Page 400: Host

    host host SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   400...

  • Page 401: Add Host

    add host add host Description Adds a new network host object that can be used for resolving when the device acts as a DNS proxy, and also DHCP settings for this object (exclude/reserve IP address). Syntax add host name <name> [ dhcp-exclude-ip-addr { on [ dhcp-reserve-ip- addr-to-mac { on [ mac-addr <mac-addr>...
  • Page 402 add host Example add host name TEXT dhcp-exclude-ip-addr on dhcp-reserve-ip-addr-to-mac on mac-addr 00:1C:7F:21:05:BE reserve-mac-address 00:1C:7F:21:05:BE mac-reserved-in-dhcp on mac-addr 00:1C:7F:21:05:BE reserve-mac-address 00:1C:7F:21:05:BE dns-resolving true ipv4-address 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   402...

  • Page 403: Delete Host

    delete host delete host Description Deletes an existing network host object. Syntax delete host <name> Parameters Parameter Description name Network Object name Type: String Example delete host TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   403...

  • Page 404: Set Host

    set host set host Description Configures an existing network object/host. Syntax set host <name> [ name <name> ] [ dhcp-exclude-ip-addr { on [ dhcp- reserve-ip-addr-to-mac { on [ mac-addr <mac-addr> ] [ reserve-mac- address <reserve-mac-address> ] | off } ] [ mac-reserved-in-dhcp { on [ mac-addr <mac-addr>...
  • Page 405 set host Example set host TEXT name TEXT dhcp-exclude-ip-addr on dhcp-reserve-ip-addr- to-mac on mac-addr 00:1C:7F:21:05:BE reserve-mac-address 00:1C:7F:21:05:BE mac-reserved-in-dhcp on mac-addr 00:1C:7F:21:05:BE reserve-mac-address 00:1C:7F:21:05:BE exclude-from-dhcp on dhcp- reserve-ip-addr-to-mac on mac-addr 00:1C:7F:21:05:BE reserve-mac- address 00:1C:7F:21:05:BE mac-reserved-in-dhcp on mac-addr 00:1C:7F:21:05:BE reserve-mac-address 00:1C:7F:21:05:BE dns-resolving true ipv4-address 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   405...

  • Page 406: Show Host

    show host show host Description Shows the configuration of an existing network object. Syntax show host <name> Parameters Parameter Description name Network Object name Type: String Example show host TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   406...

  • Page 407: Show Hosts

    show hosts show hosts Description Shows the configuration of all existing network objects. Syntax show hosts Parameters Parameter Description Example show hosts SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   407...

  • Page 408: Hotspot

    hotspot hotspot SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   408...

  • Page 409: Set Hotspot

    set hotspot set hotspot Configures hotspot settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   409...

  • Page 410: Set Hotspot

    set hotspot set hotspot Description Configures hotspot settings. Syntax set hotspot [ require-auth <require-auth> ] [ auth-mode <auth-mode> ] [ allowed-group <allowed-group> ] [ timeout <timeout> ] [ portal-title <portal-title> ] [ portal-msg <portal-msg> ] [ show-terms-of-use <show- terms-of-use> ] [ terms-of-use <terms-of-use> ] [ redirect-after-auth <redirect-after-auth>...
  • Page 411 set hotspot Parameter Description terms-of- Indicates the When users will click the terms and conditions text shown in the hotspot portal Type: A string that contains only printable characters timeout Time, in minutes, untill the hotspot session expires Type: A number with no fractional part (integer) Example set hotspot require-auth true auth-mode allow-all allowed-group word timeout 15 portal-title My Network portal-msg My Network show-terms-of-...

  • Page 412: Set Hotspot

    set hotspot set hotspot Description Adds an existing network object as an exception for hotspot portal. Syntax set hotspot add exception <exception> Parameters Parameter Description exception Network object name Example set hotspot add exception TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   412...

  • Page 413: Set Hotspot

    set hotspot set hotspot Description Removes an existing network object from being an exception to hotspot portal. Syntax set hotspot remove exception <exception> Parameters Parameter Description exception Network object name Example set hotspot remove exception TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   413...

  • Page 414: Set Hotspot

    set hotspot set hotspot Description Configures advanced hotspot settings. Syntax set hotspot advanced-settings activation <activation> Parameters Parameter Description Example set hotspot advanced-settings activation on SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   414...

  • Page 415: Set Hotspot

    set hotspot set hotspot Description Configures advanced hotspot settings. Syntax set hotspot advanced-settings prevent-simultaneous-login <prevent- simultaneous-login> Parameters Parameter Description Example set hotspot advanced-settings prevent-simultaneous-login true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   415...

  • Page 416: Show Hotspot

    show hotspot show hotspot Shows hotspot configuration. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   416...

  • Page 417: Show Hotspot

    show hotspot show hotspot Description Shows hotspot configuration. Syntax show hotspot Parameters Parameter Description Example show hotspot SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   417...

  • Page 418: Show Hotspot

    show hotspot show hotspot Description Shows hotspot advanced settings configuration. Syntax Shows hotspot advanced-settings Parameters Parameter Description Example Shows hotspot advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   418...

  • Page 419: Https-Categorization

    https-categorization https-categorization SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   419...

  • Page 420: Set Https-Categorization

    set https-categorization set https-categorization Configures HTTPS categorization settings (categorization does not require a full SSL inspection mechanism). SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   420...

  • Page 421: Set Https-Categorization

    set https-categorization set https-categorization Description Configures advanced HTTPS categorization settings. Syntax set https-categorization advanced-settings validate-cert-expiration <validate-cert-expiration> Parameters Parameter Description Example set https-categorization advanced-settings validate-cert-expiration true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   421...

  • Page 422: Set Https-Categorization

    set https-categorization set https-categorization Description Configures advanced HTTPS categorization settings. Syntax set https-categorization advanced-settings validate-unreachable-crl <validate-unreachable-crl> Parameters Parameter Description Example set https-categorization advanced-settings validate-unreachable-crl true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   422...

  • Page 423: Set Https-Categorization

    set https-categorization set https-categorization Description Configures advanced HTTPS categorization settings. Syntax set https-categorization advanced-settings validate-crl <validate-crl> Parameters Parameter Description Example set https-categorization advanced-settings validate-crl true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   423...

  • Page 424: Show Https-Categorization

    show https-categorization show https-categorization Description Shows configuration for HTTPS categorization feature. Syntax show https-categorization advanced-settings Parameters Parameter Description Example show https-categorization advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   424...

  • Page 425: Interface

    interface interface SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   425...

  • Page 426: Add Interface

    add interface add interface Adds a new virtual interface. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   426...

  • Page 427: Add Interface

    add interface add interface Description Adds a new 802.1q tag-based VLAN over an existing physical interface. Syntax add interface <assignment> vlan <vlan> Parameters Parameter Description assignment The switch or bridge which the object belongs to Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters vlan Enter a number that is the virtual identifier Type: A number with no fractional part (integer)

  • Page 428: Add Interface

    add interface add interface Description Adds a new numbered/unnumbered Virtual Tunnel Interface (VTI) to be used for Route-based VPN purposes. Syntax add vpn tunnel <vpn tunnel> type { unnumbered peer <peer> internet- connection <internet-connection> | numbered local <local> remote <remote> peer <peer> } Parameters Parameter Description...

  • Page 429: Add Interface-Alias

    add interface add interface-alias Description Associate more than one IP address to a network interface. Syntax add interface-alias alias-physical-port <alias-physical-port> [ ipv4-address <ipv4-address> ] [ {mask-length <mask-length. | subnet-mask <subnet-mask> } ] Parameters Parameter Description alias-physical-port The physical port used by the alias network. Separate networks only Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’...

  • Page 430: Delete Interface

    delete interface delete interface Description Deletes an existing virtual interface. Syntax delete interface <name> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example delete interface My_Network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   430...

  • Page 431: Set Interface

    set interface set interface Configures local networks/interfaces. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   431...

  • Page 432: Set Interface

    set interface set interface Description Configures local networks/interfaces. Syntax set interface <name> ipv4-address <ipv4-address> { subnet-mask <subnet- mask> default-gw <default-gw> [ dns-primary <dns-primary> [ dns- secondary <dns-secondary> [ dns-tertiary <dns-tertiary> ] ] ] | mask- length <mask-length> default-gw <default-gw> [ dns-primary <dns- primary>...
  • Page 433 set interface Example set interface My_Network ipv4-address 192.168.1.100 subnet-mask 255.255.255.0 default-gw 192.168.1.1 dns-primary 192.168.1.1 dns- secondary 192.168.1.2 dns-tertiary 192.168.1.3 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   433...

  • Page 434: Set Interface

    set interface set interface Description Configures IP address for local networks/interfaces. Syntax set interface <name> ipv4-address <ipv4-address>{ mask-length <mask- length> | subnet-mask <subnet-mask> } Parameters Parameter Description ipv4-address Enter the IP address of the interface Type: IP address mask-length Represents the network's mask length Type: A string that contains numbers only name Network name...

  • Page 435: Set Interface

    set interface set interface Description Configures a physical interface to be unassigned from existing networks. Syntax set interface <name> unassigned Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example set interface LAN2 unassigned SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   435...

  • Page 436: Set Interface

    set interface set interface Description Configures monitor mode on an existing local network/interface. Syntax set interface <name> monitor-mode Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example set interface My_Network monitor-mode SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   436...

  • Page 437: Set Interface

    set interface set interface Description Configures advanced settings on an existing local network/interface. Syntax set interface <name>[ mac-address-override <mac-address-override> ] [ exclude-from-dns-proxy <exclude-from-dns-proxy> ] Parameters Parameter Description exclude-from-dns- proxy Exclude from DNS proxy Options: on, off mac-address-override Override default MAC address Type: MAC address name Network name...

  • Page 438: Set Interface

    set interface set interface Description Configures networking settings on an existing local network/interface. Syntax set interface <name> [ auto-negotiation <auto-negotiation> ] [ mtu <mtu> ] [ link-speed <link-speed>] Parameters Parameter Description auto-negotiation Enable this option in order to manually configure the link speed of the interface. Options: on, off link-speed Configure the link speed of the interface manually...

  • Page 439: Set Interface

    set interface set interface Description Enable/disable an existing local network/interface. Syntax set interface <name> state <state> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters state The mode of the network - enabled or disabled Options: on, off Example set interface My_Network state on...

  • Page 440: Set Interface

    set interface set interface Description Configures a description for an existing local network/interface. Syntax set interface <name> [ description <description> ] Parameters Parameter Description description Description Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters...

  • Page 441: Set Interface

    set interface set interface Description Configures automatic access policy for an existing local network/interface. This feature is relevant when the device is locally managed. Syntax set interface <name> [ lan-access <lan-access> ] [ lan-access-track <lan-access-track> Parameters Parameter Description lan-access Local networks will be accessible from this network once this option is enabled Options: block, accept lan-access-track Traffic from this network to local networks will be logged once this option is enabled...

  • Page 442: Set Interface

    set interface set interface Description Configure hotspot functionality for an existing local network/interface. Syntax set interface <name> hotspot <hotspot> Parameters Parameter Description hotspot Redirect users to the Hotspot portal before allowing access from this interface Options: on, off name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example set interface My_Network hotspot on...

  • Page 443: Show Interface

    show interface show interface Description Shows configuration and details of local networks. Syntax show interface <name> [ all ] Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example show interface My_Network all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   443...

  • Page 444: Show Interfaces

    show interfaces show interfaces Description Shows the list of defined local networks. Syntax show interfaces Parameters Parameter Description Example show interfaces SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   444...

  • Page 445: Show Interfaces All

    show interfaces all show interfaces all Description Shows details of all defined local networks. Syntax show interfaces all Parameters Parameter Description Example show interfaces all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   445...

  • Page 446: Interface-Alias

    interface-alias interface-alias add interface-alias Description Associate more than one IP address to a network interface. Syntax add interface-alias alias-physical-port <alias-physical-port> [ ipv4-address <ipv4-address> ] [ {mask-length <mask-length. | subnet-mask <subnet-mask> } ] Parameters Parameter Description alias-physical-port The physical port used by the alias network. Separate networks only Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’...

  • Page 447: Delete Interface-Alias

    delete interface-alias delete interface-alias Description Delete one of multiple IP addresses associated to a network interface. Syntax delete interface-alias <name> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’ and ’/’ characters Example delete interface-alias My_Network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   447...

  • Page 448: Set Interface-Alias

    set interface-alias set interface-alias Description Configure the settings for an alias IP. Syntax set interface-alias <name> [ ipv4-address <ipv4-address> ] [ { mask-length <mask-length> | subnet-mask <subnet-mask> } ] [ state <state> ] Parameters Parameter Description ipv4 address Enter the IP address of the interface Type: IP address mask-length Represents the network’s mask length Type: A string that contains numbers only name...

  • Page 449: Interface-Bond

    interface-bond interface-bond add interface-bond Description Create a link aggregation (bond) between two or more interfaces (LAN). Syntax add interface-bond slave-port-1 <slave-port-1> slave-port-2 <slave-port-2> [ bond-mode { xor [ bond-hash-policy <bond-hash-policy> ] [ bond-mii-interval <bond-mii-interval> ] | round-robin [ bond-mii-interval <bond-mii-interval> ] | master bond-master <bond-master>...

  • Page 450: Delete Interface-Bond

    delete interface-bond delete interface-bond Delete this text and replace it with your own content. Description Delete a link aggregation (bond) between two or more interfaces. Syntax delete interface <name> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’ and ’/’ characters Example delete interface My_Network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   450...

  • Page 451: Set Interface-Bond

    set interface-bond set interface-bond Description Configure the settings for an interface bond. Syntax set interface-bond <name> [ bond-mode <bond-mode> ] [ bond-master <bond-master> ] [ bond-mii-interval <bond-mii-interval> ] [ bond-hash-policy <bond-hash- policy> ] Parameters Parameter Description bond-hash-policy The bond hash policy Options: layer2, layer2_3, layer3_4 bond-master The bond Master port...

  • Page 452: Set Interface-Bond

    set interface-bond set interface-bond Description Configure the settings for an internet bond (LAN). Syntax set interface-bond <name> add-member <add-member> Parameters Parameter Description add-member bondPort1 Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’ and ’/’ characters name Network name Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’...

  • Page 453: Set Interface-Bond

    set interface-bond set interface-bond Description Configure the settings for an interface bond (LAN). Syntax set interface-bond <name> remove-member <remove-member> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’ and ’/’ characters remove-member bondPort1 Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’...

  • Page 454: Show Interface-Bond

    show interface-bond show interface-bond Description Show the name of the interface in the bond (LAN). Syntax show interface-bond <name> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’ and ’/’ characters Example show interface-bond <name> SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   454...

  • Page 455: Show Interfaces-Bond

    show interfaces-bond show interfaces-bond Description Show the interfaces in the bond (LAN). Syntax show interfaces-bond Parameters Parameter Description Example show interfaces-bond SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   455...

  • Page 456: Internal-Certificates-Conf

    show interfaces-bond internal-certificates-conf Configure settings for internal certificates. add internal-certificate Description Add an internal certificate. Syntax add internal-certificate certificate-name <certificate-name> p12-password <p12- password> url <url> [ less secure <less-secure> ] Parameters Parameter Description certificate- Informal representation for the Certificate Type: String name Less- Allow connections to SSL sites without certificates.

  • Page 457: Show Internal-Certificate

    show interfaces-bond Syntax delete internal-certificate name <name> Parameters Parameter Description name Name of the internal certificate Type: String Example delete internal-certificate name TEXT show internal-certificate Description Show an internal certificate. Syntax show internal-certificate name <name> Parameters Parameter Description name Name of the internal certificate Type: String Example show internal-certificate name TEXT...
  • Page 458 show interfaces-bond Syntax show internal-certificates Parameters Parameter Description Example show internal-certificates SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   458...

  • Page 459: Ips Engine-Settings

    ips engine-settings ips engine-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   459...

  • Page 460: Set Ips Engine-Settings

    set ips engine-settings set ips engine-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   460...

  • Page 461: Set Ips Engine-Settings

    set ips engine-settings set ips engine-settings Description Configures advanced IPS engine settings. This command configures if and when IPS will deactivate upon high resource consumption of the device. Syntax set ips engine-settings [ protection-scope <protection-scope> ] [ bypass-under-load { true [ bypass-track <bypass-track>] [ gateway-load- thresholds [ cpu-usage-low-watermark <cpu-usage-low-watermark>] [ cpu- usage-high-watermark <cpu-usage-high-watermark>...

  • Page 462: Set Ips Engine-Settings

    set ips engine-settings set ips engine-settings Description Configures advanced IPS engine settings. This command configures a legacy error page shown in some legacy IPS HTTP protections. Syntax set ips engine-settings advanced-settings AboutConfigIPSErrorPageConfig [ status-code-desc <status-code-desc> ] [ show-error-code <show-error- code> ] [ logo-url <logo-url> ] [ send-detailed-status-code <send- detailed-status-code>...

  • Page 463: Set Ips Engine-Settings

    set ips engine-settings set ips engine-settings Description Configures advanced IPS engine settings. This command configures a legacy error page shown in some legacy IPS HTTP protections. Syntax set ips engine-settings advanced-settings AboutConfigIPSErrorPage [ send-error-code <send-error-code>] [ error-page-for-supported-web- protections <error-page-for-supported-web-protections> ] [ url <url> ] Parameters Parameter Description...

  • Page 464: Show Ips Engine-Settings

    show ips engine-settings show ips engine-settings Shows engine settings for the IPS blade. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   464...

  • Page 465: Show Ips Engine-Settings

    show ips engine-settings show ips engine-settings Description Shows engine settings for the IPS blade. Syntax show ips engine-settings Parameters Parameter Description Example show ips engine-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   465...

  • Page 466: Show Ips Engine-Settings

    show ips engine-settings show ips engine-settings Description Shows advanced engine settings for the IPS blade. Syntax show ips engine-settings advanced-settings Parameters Parameter Description Example show ips engine-settings advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   466...

  • Page 467: Interface-Loopback

    interface-loopback interface-loopback SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   467...

  • Page 468: Add Interface-Loopback

    add interface-loopback add interface-loopback Description Adds a new loopback interface (A fixed interface in the system that is commonly used for dynamic routing purposes). Syntax add interface-loopback ipv4-address <ipv4-address> { mask-length <mask- length> | subnet-mask <subnet-mask> } Parameters Parameter Description ipv4-address Enter the IP address of the interface Type: IP address...

  • Page 469: Delete Interface-Loopback

    delete interface-loopback delete interface-loopback Description Deletes an existing configured loopback interface. Syntax delete interface-loopback <name> Parameters Parameter Description name Network name Type: A string that contains [A-Z], [0-9], '_', '.', '-' and '/' characters Example delete interface-loopback My_Network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   469...

  • Page 470: Internet

    internet internet add internet-connection interface cellular Description Add a new cellular (LTE) internet connection. Syntax add internet-connection interface cellular [apn {VALUE}] [pin {VALUE}] [apn-sim2 {VALUE}] [pin-sim2 {VALUE}] [primary-sim {sim1 | sim2}] [disable-sim {sim1 | sim2 | none}] [name {VALUE}] Parameters Parameter Description APN (Access Point Name) of SIM 1(optional).

  • Page 471: Set Internet

    set internet set internet Description Configures advanced settings for internet connectivity. Syntax set internet advanced-settings reset-sierra-usb-on-lsi-event <reset- sierra-usb-on-lsi-event> Parameters Parameter Description Example set internet advanced-settings reset-sierra-usb-on-lsi-event true set internet-connection {VALUE} type cellular Description Set the values for the cellular (LTE) connection. Syntax set internet-connection {VALUE} type cellular [apn {VALUE}] [pin {VALUE}] [apn- sim2 {VALUE}] [pin-sim2 {VALUE}] [primary-sim {sim1 | sim2}] [disable-sim {sim1...
  • Page 472 set internet Parameter Description disable-sim Allows disabling of one of the SIM cards. name The name of the internet connection. Example set internet-connection Internet1 type cellular apn sim1apn.com pin 1111 apn- sim2 sim2apn.com pin-sim2 2222 disable-sim none primary-sim sim1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   472...

  • Page 473: Show Internet

    show internet show internet Description Shows advanced settings for configured internet Syntax show internet advanced-settings Parameters Parameter Description Example show internet advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   473...

  • Page 474: Internet-Connection

    internet-connection internet-connection SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   474...

  • Page 475: Add Internet-Connection

    add internet-connection add internet-connection Adds a new internet connection. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   475...

  • Page 476: Add Internet-Connection (Physical Interface)

    add internet-connection (physical interface) add internet-connection (physical interface) Description Adds a new internet connection using an existing physical interface (multiple internet connection can engage in High Availability/Load Sharing). Syntax for DHCP add internet-connection name <name> interface WAN type dhcp Parameters Parameter Description conn-test-timeout...
  • Page 477 add internet-connection (physical interface) Parameters Parameter Description conn-test-timeout Connection test timeout Type: A number with no fractional part (integer) interface Interface name Type: Press TAB to see available options default-gw WAN default gateway (in the advanced section of PPTP and l2TP) Type: IP address dns-primary First DNS server IP address...
  • Page 478 add internet-connection (physical interface) add internet-connection name <name> interface WAN type l2tp server <server> password <password> username <username> { local-ipv4-address <local-ipv4-address> wan-ipv4-address <wan-ipv4-address> wan-mask- length <wan-mask-length> add internet-connection name <name>interface WAN type l2tp server <server> password <password> username <username> { local-ipv4-address <local-ipv4-address>...
  • Page 479 add internet-connection (physical interface) Parameter Description username User name for PPP connection settings Type: A string that contains all printable characters but a single or double quote- like <username> <ISP> characters. Usually vlan-id VLAN ID Type: A number with no fractional part (integer) wan-ipv4- Wan IP address wrapper address...
  • Page 480 add internet-connection (physical interface) Parameter Description password Password for PPP connection settings Type: internetPassword password- The hash of the user password hash Type: passwordHash type Connection type Type: Press TAB to see available options username User name for PPP connection settings Type: A string that contains all printable characters but a single or double quote- like <username>...

  • Page 481: Adsl

    add internet-connection (physical interface) Parameter Description Unnumbered PPPoE lets you manage a range of IP addresses and dial only once unnumbered- Type: Boolean (true/false) pppoe local-ipv4- Local tunnel IP address or Auto for automatic address Type: An IP address, or 'auto' name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters...
  • Page 482 add internet-connection (physical interface) Parameters Parameter Description conn-test-timeout Connection test timeout Type: A number with no fractional part (integer) encapsulation Encapsulation type for the ADSL connection Options: llc, vcmux interface Interface name Type: Press TAB to see available options name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters standard...
  • Page 483 add internet-connection (physical interface) Parameter Description encapsulation Encapsulation type for the ADSL connection Options: llc, vcmux interface Interface name Type: Press TAB to see available options Unnumbered PPPoE lets you manage a range of IP addresses and dial only once unnumbered- Type: Boolean (true/false) pppoe...
  • Page 484 add internet-connection (physical interface) add internet-connection name <name> interface ADSLtype pppoe username <username> password <password> { encapsulation <encapsulation> is- unnumbered-pppoe <is-unnumbered-pppoe> local-ipv4-address <local-ipv4- address> vci <vci> vpi <vpi>} { encapsulation <encapsulation> vci <vci> vpi <vpi>} { conn-test-timeout <conn-test-timeout> standard <standard>} Parameters Parameter Description...

  • Page 485: Dsl

    add internet-connection (physical interface) Parameter Description VPI value for the ADSL connection Type: A number between 0 and 255 Syntax for IPoE Dynamic add internet-connection name <name> interface DSL type ipoe-dynamic Parameters Parameter Description conn-test-timeout Connection test timeout Type: A number with no fractional part (integer) encapsulation Encapsulation type for the ADSL connection Options: llc, vcmux...
  • Page 486 add internet-connection (physical interface) add internet-connection name <name> interface DSL type ipoe-static default-gw <default-gw> ipv4-address <ipv4-address> subnet-mask VALUE { dns-primary <dns-primary> dns-secondary <dns-secondary> dns-tertiary <dns-tertiary> } Parameters Parameter Description conn-test-timeout Connection test timeout Type: A number with no fractional part (integer) default-gw WAN default gateway (in the advanced section of PPTP and l2TP) Type: IP address...
  • Page 487 add internet-connection (physical interface) Parameter Description VCI value for the ADSL connection Type: A number between 0 and 65535 vlan-id VLAN ID Type: A number with no fractional part (integer) VPI value for the ADSL connection Type: A number between 0 and 255 Syntax for PPPoE add internet-connection name <name>...

  • Page 488: Dmz

    add internet-connection (physical interface) Parameter Description password Password for PPP connection settings Type: internetPassword password- The hash of the user password hash Type: passwordHash type Connection type Type: Press TAB to see available options username User name for PPP connection settings Type: A string that contains all printable characters but a single or double quote- like <username>...
  • Page 489 add internet-connection (physical interface) Parameter Description type Connection type Type: Press TAB to see available options vlan-id VLAN ID Type: A number with no fractional part (integer) Syntax for Static IP add internet-connection name <name> interface DMZ type static default- gw <default-gw>...
  • Page 490 add internet-connection (physical interface) Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters subnet-mask Subnet mask Type: A subnet mask, or 255.255.255.255 type Connection type Type: Press TAB to see available options vlan-id VLAN ID Type: A number with no fractional part (integer)
  • Page 491 add internet-connection (physical interface) Parameter Description local-ipv4- Local tunnel IP address or Auto for automatic address Type: An IP address, or 'auto' name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters password Password for PPP connection settings Type: internetPassword password-...
  • Page 492 add internet-connection (physical interface) Parameters Parameter Description conn-test- Connection test timeout timeout Type: A number with no fractional part (integer) interface Interface name Type: Press TAB to see available options Unnumbered PPPoE lets you manage a range of IP addresses and dial only once unnumbered- Type: Boolean (true/false) pppoe...
  • Page 493 add internet-connection (physical interface) add internet-connection name <name> interface DMZ type pptp server <server> password <password> username <username> { local-ipv4-address <local-ipv4-address> wan-ipv4-address <wan-ipv4-address> wan-subnet- mask <wan-subnet-mask> default-gw <default-gw>} { is-unnumbered-pppoe <is-unnumbered-pppoe> local-ipv4-address <local-ipv4-address>} Parameters Parameter Description conn-test- Connection test timeout timeout Type: A number with no fractional part (integer) interface...
  • Page 494 add internet-connection (physical interface) Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters password Password for PPP connection settings Type: internetPassword password- The hash of the user password hash Type: passwordHash server Server IP address Type: IP address...
  • Page 495 add internet-connection (physical interface) Example add internet-connection name My connection interface WAN true vlan-id - 1000000 type static ipv4-address 192.168.1.1 subnet-mask 255.255.255.0 default-gw 192.168.1.1 dns-primary 192.168.1.1 dns-secondary 192.168.1.1 dns-tertiary 192.168.1.1 conn-test-timeout -1000000 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   495...

  • Page 496: Add Internet-Connection (3G/4G Modem)

    add internet-connection (3G/4G modem) add internet-connection (3G/4G modem) Description Adds a new internet connection using an external 3G/4G modem connected directly to the appliance (multiple internet connection can engage in High Availability/Load Sharing). Syntax USB: add internet-connection name <name> typeanalog use-serial-portfalse number <number>...
  • Page 497 add internet-connection (3G/4G modem) Parameter Description password Password for PPP connection settings Type: internetPassword password- The hash of the user password hash Type: passwordHash port-speed Port speed (serial port settings) Options: 9600, 19200, 38400, 57600, 115200, 230400 type Connection type Type: Press TAB to see available options use-serial- Use serial port...

  • Page 498: Delete Internet-Connection

    delete internet-connection delete internet-connection Deletes an existing internet connection or internet connection related configuration. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   498...

  • Page 499: Delete Internet-Connection

    delete internet-connection delete internet-connection Description Deletes an existing internet connection by name. Syntax delete internet-connection <name> Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters Example delete internet-connection My connection SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   499...

  • Page 500: Deleter Internet-Connection

    deleter internet-connection deleter internet-connection Description Deletes an existing internet connection's ping servers, configured for connection health monitoring. Syntax delete internet-connection <name> probe-icmp-servers [ first ] [ second ] [ third ] Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters Example delete internet-connection My connection probe-icmp-servers first second third...

  • Page 501: Delete Internet-Connections

    delete internet-connections delete internet-connections Description Deletes all existing internet connections. Syntax delete internet-connections Parameters Parameter Description Example delete internet-connections SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   501...

  • Page 502: Set Internet-Connection

    set internet-connection set internet-connection Configures internet connections settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   502...

  • Page 503: Set Internet-Connection

    set internet-connection set internet-connection Description Configures an existing internet connection. Syntax set internet-connection <name>[ auto-negotiation <auto-negotiation> ] [ link-speed <link-speed> ] [ mtu <mtu>] [ mac-addr <mac-addr> ] Parameters Parameter Description auto-negotiation Disable auto negotiation and manually define negotiation link speed Options: on, off link-speed Link speed...

  • Page 504: Set Internet-Connection

    set internet-connection set internet-connection Description Configures advanced settings for an existing internet connection. Syntax set internet-connection <name> connect-on-demand <connect-on-demand> Parameters Parameter Description connect-on-demand Holds the status of the connect on demand feature Type: Boolean (true/false) name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters Example set internet-connection My connection connect-on-demand true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   504...

  • Page 505: Set Internet-Connection

    set internet-connection set internet-connection Description Enable/Disable an existing internet connection. Syntax set internet-connection <name> { enable | disable } Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters state Connection enabled/disabled Type: Boolean (true/false) Example...

  • Page 506: Set Internet-Connection

    set internet-connection set internet-connection Description Configures advanced settings for an existing internet connection. Download bandwidth details allow QoS blade to run on this internet connection in locally/SMP managed mode and when managed using an LSM profile. Syntax set internet-connection <name> qos-download { true [ bandwidth <bandwidth>...

  • Page 507: Set Internet-Connection

    set internet-connection set internet-connection Description Configures advanced settings for an existing internet connection. Upload bandwidth details allow QoS blade to run on this internet connection in locally/SMP managed mode and when managed using an LSM profile. Syntax set internet-connection <name> qos-upload { true [ bandwidth <bandwidth>...

  • Page 508: Set Internet-Connection

    set internet-connection set internet-connection Description Configure hide NAT behavior on an existing internet connection. It is possible to disable hide-NAT from a specific internet connection. Syntax set internet-connection <name> disable-nat <disable-nat> Parameters Parameter Description disable- Disable NAT(Network Address Translation) for traffic going through this Internet connection Type: Boolean (true/false) name...

  • Page 509: Set Internet-Connection

    set internet-connection set internet-connection Description Configures multiple ISP settings for an existing internet connection. Syntax set internet-connection <name> ha-priority <ha-priority> load- balancing-weight <load-balancing-weight> Parameters Parameter Description ha-priority Priority of the connection in HA Type: A number with no fractional part (integer) load-balancing-weight Internet connection weight for load balancing configuration Type: A number with no fractional part (integer)

  • Page 510: Set Internet-Connection

    set internet-connection set internet-connection Description Configures advanced settings for an existing internet connection. It is possible to remove a configured internet connection from being used as a default route, making it available for traffic through manual/dynamic routing rules. Syntax set internet-connection <name> route-traffic-through-default-gateway <route-traffic-through-default-gateway>...

  • Page 511: Set Internet-Connection

    set internet-connection set internet-connection Description Configures settings for an existing internet connection. Syntax set internet-connection <name>type { dhcp | pptp username <username> { password <password> | password-hash <password-hash> } [ local-ipv4- address <local-ipv4-address> ] [ is-unnumbered-pppoe <is-unnumbered- pppoe> ] server <server> [ local-ipv4-address <local-ipv4-address> ] [ wan-ipv4-address <wan-ipv4-address>...
  • Page 512 set internet-connection Parameter Description local-ipv4- Local tunnel IP address or Auto for automatic address Type: An IP address, or 'auto' mask-length Subnet mask length Type: A string that contains numbers only name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters password Password for PPP connection settings Type: internetPassword...

  • Page 513: Set Internet-Connection

    set internet-connection set internet-connection Description Configures advanced settings for an existing internet connection. Syntax set internet-connection <name> type { pppoa username <username> { password <password> | password-hash <password-hash> } [ local-ipv4- addres <local-ipv4-address> ] [ is-unnumbered-pppoe <is-unnumbered- pppoe> ] [ vpi <vpi> ] [ vci <vci> ] [ encapsulation <encapsulation> ] | eoa } Parameters Parameter...
  • Page 514 set internet-connection Parameter Description VPI value for the ADSL connection Type: A number between 0 and 255 Example set internet-connection My connection type pppoe username MyUsername@MyISP password internetPassword local-ipv4-address auto is- unnumbered-pppoe true vpi 42 vci 42 encapsulation llc SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   514...

  • Page 515: Set Internet-Connection

    set internet-connection set internet-connection Description Configures advanced settings for an existing internet connection. This command is available only for hardware that contains a DSL port. Syntax set internet-connection <name> type { pppoa [ method <method> ] [ idle- time <idle-time> ] [ standard <standard> ] | eoa [ vpi <vpi> ] [ vci <vci>...
  • Page 516 set internet-connection Parameter Description wan-ipv4-address Wan IP address wrapper Type: An IP address, or 'auto' wan-mask-length WAN subnet mask length Type: A string that contains numbers only wan-subnet-mask WAN subnet mask (in the advanced section) Type: Subnet mask Example set internet-connection My connection type pppoa method auto idle-time -1000000 standard multimode SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   516...

  • Page 517: Set Internet-Connection

    set internet-connection set internet-connection Description Configures advanced settings for an existing internet connection. This command is available only for hardware that contains a DSL port. Syntax set internet-connection <name> type { pppoe [ username <username> ] [ { password <password> | password-hash <password-hash> } ] [ [ { use- connection-as-vlan } vlan-id <vlan-id>...
  • Page 518 set internet-connection Parameter Description is-unnumbered- Unnumbered PPPoE lets you manage a range of IP addresses and dial only pppoe once Type: Boolean (true/false) isVlan isVlan Type: Boolean (true/false) local-ipv4-address Local tunnel IP address or Auto for automatic Type: An IP address, or 'auto' mask-length Subnet mask length Type: A string that contains numbers only...
  • Page 519 set internet-connection Parameter Description vlan-id VLAN ID Type: A number with no fractional part (integer) VPI value for the ADSL connection Type: A number between 0 and 255 Example set internet-connection My connection type pppoe username MyUsername@MyISP password internetPassword true vlan-id -1000000 local- ipv4-address auto is-unnumbered-pppoe true vpi 42 vci 42 encapsulation llc method auto idle-time -1000000 standard multimode SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   519...

  • Page 520: Set Internet-Connection

    set internet-connection set internet-connection Description Configures settings for an existing internet connection. Syntax set internet-connection <name>type { cellular number <number> [ username <username> { password <password> | password-hash <password- hash> } ] [ apn <apn> ] } Parameters Parameter Description APN (cellular modem settings) Type: A string that contains [a-z], [0-9], '-' and '.' characters name...

  • Page 521: Set Internet-Connection

    set internet-connection set internet-connection Description Configures health monitoring settings for an existing internet connection. Syntax set internet-connection <name> probe-next-hop <probe-next-hop> [ probe- servers <probe-servers> ][ probing-method <probing-method> ] Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters probe-next- Automatically detect loss of connectivity to the default gateway Type: Boolean (true/false)

  • Page 522: Set Internet-Connection

    set internet-connection set internet-connection Description Configures health monitoring settings for an existing internet connection. Syntax set internet-connection < name> { probe-icmp-servers } first <first> [ second <second> ] [ third <third> ] Parameters Parameter Description first First IP address for the probing method (when using connection monitoring) Type: An IP address or host name name Connection name...

  • Page 523: Show Internet-Connection

    show internet-connection show internet-connection Shows configuration and details of defined internet connections. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   523...

  • Page 524: Show Internet-Connection

    show internet-connection show internet-connection Description Shows configuration and details of a defined internet connection. Syntax show internet-connection <name> Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters Example show internet-connection My connection SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   524...

  • Page 525: Show Internet-Connection

    show internet-connection show internet-connection Description Shows configured ping servers for health monitoring of defined internet connection. Syntax show internet-connection <name> icmp-servers Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], '-', '@', '.', '_' and space characters Example show internet-connection My connection icmp-servers SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   525...

  • Page 526: Show Internet-Connections

    show internet-connections show internet-connections Description Shows details and configuration of all internet connections. Syntax show internet-connections Parameters Parameter Description Example show internet-connections SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   526...

  • Page 527: Show Internet-Connections Table

    show internet-connections table show internet-connections table Description Shows details and configuration of all internet connections in a table. Syntax show internet-connections table Parameters Parameter Description Example show internet-connections table SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   527...

  • Page 528: Internet-Connection-Bond

    internet-connection-bond internet-connection-bond delete internet-connection-bond Description Delete a link aggregation (bond) between two or more interfaces (WAN). Syntax delete internet-connection-bond <name> Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], ’-’, ’@’, ’.’, ’_’ and space characters Example delete internet-connection-bond My connection SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   528...

  • Page 529: Set Internet-Connection-Bond

    set internet-connection-bond set internet-connection-bond Description Configure a link aggregation (bond) between two or more interfaces (WAN). Syntax set internet-connection-bond <name> [ bond-mode <bond-mode> ] [ bond-mii- interval <bond-mii-interval> ] [ bond-hash-policy <bond-hash-policy> ] [ bond- master <bond-master> ] Parameters Parameter Description bond-hash-policy The bond hash policy...

  • Page 530: Set Internet-Connection-Bond

    set internet-connection-bond set internet-connection-bond Description Configure a link aggregation (bond) between two or more interfaces (WAN). Syntax set internet-connection-bond <name> add-member <add-member> Parameters Parameter Description add-member bondPort1 Type: Type: A string that contains [A-Z], [0-9], ’_’, ’.’, ’-’ and ’/’ characters name Connection name Type: A string that contains [A-Z], [0-9], ’-’, ’@’, ’.’, ’_’...

  • Page 531: Set Internet-Connection-Bond

    set internet-connection-bond set internet-connection-bond Description Configure a link aggregation (bond) between two or more interfaces (WAN). Syntax set internet-connection-bond <name> remove-member <remove-member> Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], ’-’, ’@’, ’.’, ’_’ and space characters remove-member List of interfaces that are part of the WAN link aggregation (Bond) Type: String...

  • Page 532: Show Internet-Connection-Bond

    show internet-connection-bond show internet-connection-bond Description Show the link aggregation (bond) between two or more interfaces. (WAN). Syntax show internet-connection-bond <name> Parameters Parameter Description name Connection name Type: A string that contains [A-Z], [0-9], ’-’, ’@’, ’.’, ’_’ and space characters Example show internet-connection-bond My connection SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   532...

  • Page 533: Show Internet-Connections-Bond

    show internet-connections-bond show internet-connections-bond Description Show the link aggregations (bond) between two or more interfaces (WAN). Syntax show internet-connections-bond Parameters Parameter Description Example show internet-connections-bond SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   533...

  • Page 534: Internet Mode

    internet mode internet mode SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   534...

  • Page 535: Set Internet Mode

    set internet mode set internet mode Description Configures multiple ISP internet connections behavior. Determines whether traffic will be distributed automatically across the defined active Internet connections according to the configured load balancing weights or use the default High Availability behavior based on priorities of each internet connection. Syntax set internet mode { load-balancing | high-availability } Parameters...

  • Page 536: Show Internet Mode

    show internet mode show internet mode Description Shows multiple internet connections mode (High Availability or Load Sharing. Syntax show internet mode Parameters Parameter Description Example show internet mode SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   536...

  • Page 537: Ip-Fragments-Params

    ip-fragments-params ip-fragments-params SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   537...

  • Page 538: Set Ip-Fragments-Params

    set ip-fragments-params set ip-fragments-params Configures how the appliance handles IP fragments. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   538...

  • Page 539: Set Ip-Fragments-Params

    set ip-fragments-params set ip-fragments-params Description Configures how the appliance handles IP fragments. Syntax set ip-fragments-params advanced-settings minsize <minsize> Parameters Parameter Description Example set ip-fragments-params advanced-settings minsize 150 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   539...

  • Page 540: Set Ip-Fragments-Params

    set ip-fragments-params set ip-fragments-params Description Configures how the appliance handles IP fragments. Syntax set ip-fragments-params advanced-settings config [ track <track> ] [ limit <limit> ] [ advanced-state <advanced-state> ] [ timeout <timeout> ] [ pkt-cap <pkt-cap> ] Parameters Parameter Description Example set ip-fragments-params advanced-settings config track none limit 150 advanced-state forbid timeout 15 pkt-cap true...

  • Page 541: Show Ip-Fragments-Params

    show ip-fragments-params show ip-fragments-params Description Shows configuration of IP fragments handling. Syntax show ip-fragments-params advanced-settings Parameters Parameter Description Example show ip-fragments-params advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   541...

  • Page 542: Ipv6-State

    ipv6-state ipv6-state SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   542...

  • Page 543: Set Ipv6-State

    set ipv6-state set ipv6-state Description Enable the IPv6 mode of the appliance. Syntax set ipv6-state Parameters Parameter Description Example set ipv6-state SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   543...

  • Page 544: Show Ipv6-State

    show ipv6-state show ipv6-state Description Show if the IPv6 mode of the appliance is enabled or disabled. Syntax show ipv6-state Parameters Parameter Description Example show ipv6-state SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   544...

  • Page 545: License

    license license SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   545...

  • Page 546: Fetch License

    Fetches a license from one of these locations: <file_name> Local gateway - There is an option to specify the file name with the parameter. User Center at Check Point <file_name> USB device - There is an option to specify the file name with the parameter.

  • Page 547: Show License

    show license show license Description Shows current license state. Syntax show license Parameters Parameter Description Example show license Output Current license state SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   547...

  • Page 548: Local-Group

    local-group local-group SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   548...

  • Page 549: Add Local-Group

    add local-group add local-group Description Adds a new group for user objects. Syntax add local-group name <name> [ comments <comments> ] [ remote-access-on <remote-access-on> ] Parameters Parameter Description comments Comments Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ name Local group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ -...

  • Page 550: Delete Local-Group

    delete local-group delete local-group Deletes an existing group object for user objects. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   550...

  • Page 551: Delete Local-Group

    delete local-group delete local-group Description Deletes an existing group object for user objects by group object name. Syntax delete local-group name <name> Parameters Parameter Description name Local group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example delete local-group name myObject_17...

  • Page 552: Delete Local-Group

    delete local-group delete local-group Description Deletes all existing group objects for user objects. Syntax delete local-group all Parameters Parameter Description Example delete local-group all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   552...

  • Page 553: Set Local-Group

    set local-group set local-group Configures an existing user group object. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   553...

  • Page 554: Set Local-Group

    set local-group set local-group Description Configures an existing user group object. Syntax set local-group name <name> [ new-name <new-name> ] [ comments <comments> ] [ remote-access-on <remote-access-on> ] Parameters Parameter Description comments Comments Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ name Local group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ -...

  • Page 555: Set Local-Group

    set local-group set local-group Description Adds a bookmark to be shown in the SNX landing page to an existing user group object. This is relevant only if users in this group have VPN remote access privileges. Syntax set local-group name <name> add bookmark label <bookmark label> Parameters Parameter Description...

  • Page 556: Set Local-Group

    set local-group set local-group Description Removes a bookmark from being shown in the SNX landing page to an existing user group object. This is relevant only if users in this group have VPN remote access privileges. Syntax set local-group name <name> remove bookmark label <bookmark label> Parameters Parameter Description...

  • Page 557: Show Local-Group

    show local-group show local-group Description Shows the content of a user group object. Syntax show local-group name <name> Parameters Parameter Description name Local group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example show local-group name myObject_17...

  • Page 558: Show Local-Groups

    show local-groups show local-groups Description Shows the content of all user group objects. Syntax show local-groups Parameters Parameter Description Example show local-groups SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   558...

  • Page 559: Set Local-Group Users

    set local-group users set local-group users Configures an existing user group object. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   559...

  • Page 560: Set Local-Group Users

    set local-group users set local-group users Description Adds a user to an existing user group object. Syntax set local-group users name <name> add user-name <user-name> Parameters Parameter Description name Local group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces user- User's name in the local database...

  • Page 561: Set Local-Group Users

    set local-group users set local-group users Description Removes a user from an existing user group object. Syntax set local-group users name <name> remove user-name <user-name> Parameters Parameter Description name Local group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces user- User's name in the local database...

  • Page 562: Local-User

    local-user local-user SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   562...

  • Page 563: Add Local-User

    add local-user add local-user Description Adds a new locally defined user object and configure its VPN remote access permissions. Syntax add local-user name <name> { password-hash <password-hash> | password <password> } [ comments <comments> ] [ remote-access-always-on <remote- access-always-on> ] [ is-temp-user { true expiration-date <expiration- date>...
  • Page 564 add local-user Example add local-user name admin password-hash TZXPLs20bN0RA comments "This is a comment." remote-access-always-on true is-temp-user true expiration- date 2000-01-01 expiration-time 23:20 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   564...

  • Page 565: Delete Local-User

    delete local-user delete local-user Deletes an existing locally defined user object. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   565...

  • Page 566: Delete Local-User

    delete local-user delete local-user Description Deletes an existing locally defined user object by user name. Syntax delete local-user name <name> Parameters Parameter Description name User's name in the local database Type: A string that contains (0-9, a-z, - . @) up to 64 characters without spaces Example delete local-user name admin SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   566...

  • Page 567: Delete Local-User

    delete local-user delete local-user Description Deletes all existing locally defined user objects by user name. Syntax delete local-user all Parameters Parameter Description Example delete local-user all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   567...

  • Page 568: Set Local-User

    set local-user set local-user Configures an existing user object. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   568...

  • Page 569: Set Local-User

    set local-user set local-user Description Configures an existing user object. Syntax set local-user name <name> [ new-name <new-name> ] [ { password-hash <password-hash> | password <password> } ] [ comments < comments> ] [ remote-access-always-on <remote-access-always-on> ] [ is-temp-user { true expiration-date <expiration-date>...
  • Page 570 set local-user Example set local-user name admin new-name admin password-hash TZXPLs20bN0RA comments "This is a comment." remote-access-always-on true is-temp-user true expiration-date 2000-01-01 expiration-time 23:20 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   570...

  • Page 571: Set Local-User

    set local-user set local-user Description Adds a bookmark to be shown in the SNX landing page to an existing user. This is relevant only if the user has VPN remote access privileges. Syntax set local-user name <name> add bookmark label <bookmark label> Parameters Parameter Description...

  • Page 572: Set Local-User

    set local-user set local-user Description Removes a bookmark from being shown in the SNX landing page to an existing user. This is relevant only if the user has VPN remote access privileges. Syntax set local-user name <name> remove bookmark label <bookmark label> Parameters Parameter Description...

  • Page 573: Show Local-User

    show local-user show local-user Description Shows the configuration of a locally defined user. Syntax show local-user name <name> Parameters Parameter Description name User's name in the local database Type: A string that contains (0-9, a-z, - . @) up to 64 characters without spaces Example show local-user name admin SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   573...

  • Page 574: Show Local-Users

    show local-users show local-users Description Shows all locally defined users. Syntax show local-users Parameters Parameter Description Example show local-users SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   574...

  • Page 575: Local-Users Expired

    local-users expired local-users expired SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   575...

  • Page 576: Delete Local-Users Expired

    delete local-users expired delete local-users expired Description Deletes all expired locally defined user objects from the database. Syntax delete local-users expired Parameters Parameter Description Example delete local-users expired SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   576...

  • Page 577: Show Local-Users Expired

    show local-users expired show local-users expired Description Shows all expired locally defined users. Syntax show local-users expired Parameters Parameter Description Example show local-users expired SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   577...

  • Page 578: Show Logs

    show logs show logs Description Shows system and kernel logs. Syntax show logs {system|kernel} Parameters Parameter Description Example show logs kernel SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   578...

  • Page 579: Log-Servers-Configuration

    log-servers-configuration log-servers-configuration SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   579...

  • Page 580: Set Log-Servers-Configuration

    set log-servers-configuration set log-servers-configuration Description Configures external log servers for a locally managed device. Syntax set log-servers-configuration mgmt-server-ip-addr <mgmt-server-ip-addr> [ log-server-ip-addr < log-server-ip-addr> ] sic-name <sic-name> one-time-password <one-time-password> [ external-log-server-enable <external-log-server-enable> ] Parameters Parameter Description external-log- Determine if an external log server is active server- enable Type: Boolean (true/false) log-server-ip-...

  • Page 581: Show Log-Servers-Configuration

    show log-servers-configuration show log-servers-configuration Description Shows external log server configuration. Syntax show log-servers-configuration Parameters Parameter Description Example show log-servers-configuration SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   581...

  • Page 582: Maas

    maas maas connect maas Description Connect to Management as a Service (MaaS) to manage policy, log analysis, and reporting log retention. Syntax connect maas auth-token <auth-token> Parameters Parameter Description auth-token Authentication token is used for connecting to MAAS Type: base64 Example connect maas auth-token base64 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   582...

  • Page 583: Set Maas

    set maas set maas Description Configure the settings for Management as a Service (MaaS). Syntax set maas mode <mode> Parameters Parameter Description mode Connection to MAAS mode Options: enable, disable, stop-using Example set maas mode enable SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   583...

  • Page 584: Show Maas

    show maas show maas Description Show if connected to Management as a Service (MaaS). Syntax show maas Parameters Parameter Description Example show maas SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   584...

  • Page 585: Mac-Filtering-List

    mac-filtering-list mac-filtering-list SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   585...

  • Page 586: Add Mac-Filtering-List

    add mac-filtering-list add mac-filtering-list Description Add a MAC address to the list of addresses allowed to access LAN/DMZ networks. Syntax add mac-filtering-list mac <mac> Parameters Parameter Description MAC address to allow Type: MAC address Example add mac-filtering-list mac 00:1C:7F:21:05:BE SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   586...

  • Page 587: Delete Mac-Filtering-List

    delete mac-filtering-list delete mac-filtering-list Description Delete a MAC address from the list of addresses allowed to access LAN/DMZ networks. Syntax delete mac-filtering-list mac <mac> Parameters Parameter Description MAC address to allow Type: MAC address Example delete mac-filtering-list mac 00:1C:7F:21:05:BE SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   587...

  • Page 588: Show Mac-Filtering-List

    show mac-filtering-list show mac-filtering-list Description Show the MAC addresses that are allowed to access LAN/DMZ networks. Syntax show mac-filtering-list Parameters Parameter Description Example show mac-filtering-list SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   588...

  • Page 589: Mac-Filtering-Settings

    mac-filtering-settings mac-filtering-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   589...

  • Page 590: Set Mac-Filtering Settings

    set mac-filtering settings set mac-filtering settings Configure the settings for MAC filtering. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   590...

  • Page 591: Set Mac-Filtering-Settings

    set mac-filtering-settings set mac-filtering-settings Description Configure the settings for MAC filtering. Syntax set mac-filtering-settings state <state> Parameters Parameter Description state MAC filtering state Options: on, off Example set mac-filtering-settings state on SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   591...

  • Page 592: Set Mac-Filtering Settings

    set mac-filtering settings set mac-filtering settings Description Configure the settings for MAC filtering. Syntax set mac-filtering-settings advanced-settings log-activation <log- activation> Parameters Parameter Description Example set mac-filtering-settings advanced-settings log-activation on SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   592...

  • Page 593: Set Mac-Filtering Settings

    set mac-filtering settings set mac-filtering settings Description Configure the settings for MAC filtering. Syntax set mac-filtering-settings advanced-settings log-interval <log- interval> Parameters Parameter Description Example set mac-filtering-settings advanced-settings log-interval -1000000 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   593...

  • Page 594: Show Mac-Filtering-Settings

    show mac-filtering-settings show mac-filtering-settings Show the settings for MAC filtering. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   594...

  • Page 595: Show Mac-Filtering-Settings

    show mac-filtering-settings show mac-filtering-settings Description Show the settings for MAC filtering. Syntax show mac-filtering-settings Parameters Parameter Description Example show mac-filtering-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   595...

  • Page 596: Show Mac-Filtering-Settings

    show mac-filtering-settings show mac-filtering-settings Description Show the advanced settings for MAC filtering. Syntax show mac-filtering-settings advanced-settings Parameters Parameter Description Example show mac-filtering-settings advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   596...

  • Page 597: Set Mobile-Settings

    set mobile-settings set mobile-settings Description Configure settings for a mobile device. In this case, for when the pairing code expires. Syntax set mobile-settings advanced-settings pairing-code-expiration <pairing- code-expiration> Parameters Parameter Description Example set mobile-settings advanced-settings pairing-code-expiration -1000000 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   597...

  • Page 598: Set Mobile-Settings

    set mobile-settings set mobile-settings Description Configure settings for a mobile device. Syntax set mobile-settings advanced-settings not-cloud-server <not-cloud- server> Parameters Parameter Description Example set mobile-settings advanced-settings not-cloud-server urlv6 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   598...

  • Page 599: Show Mobile-Settings

    show mobile-settings show mobile-settings Description Show configured advanced settings for a mobile device. Syntax show mobile-settings advanced-settings Parameters Parameter Description Example show mobile-settings advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   599...

  • Page 600: Mobile-Device

    mobile-device mobile-device revoke mobile-device Description Remove mobile device from the list of associated devices. Syntax revoke mobile-device id <id> Parameters Parameter Description Type: A number with no fractional part (Integer) Example revoke mobile-device id -1000000 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   600...

  • Page 601: Mobile-Settings

    mobile-settings mobile-settings These commands are relevant for mobile settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   601...

  • Page 602: Set Mobile-Settings

    set mobile-settings set mobile-settings Description Configure settings for a mobile device. In this case, for when the pairing code expires. Syntax set mobile-settings advanced-settings pairing-code-expiration <pairing- code-expiration> Parameters Parameter Description pairing-code-expiration Number of hours until the pairing code expires. Example set mobile-settings advanced-settings pairing-code-expiration 1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   602...

  • Page 603: Set Mobile-Settings

    set mobile-settings set mobile-settings Description Configure settings for a mobile device. Syntax set mobile-settings advanced-settings not-cloud-server <not-cloud- server> Parameters Parameter Description not-cloud-server Notification server URL - URL for the cloud service that pushes the notifications. Example set mobile-settings advanced-settings not-cloud-server urlv6 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   603...

  • Page 604: Show Mobile-Settings

    show mobile-settings show mobile-settings Description Show configured advanced settings for a mobile device. Syntax show mobile-settings advanced-settings Parameters Parameter Description Example show mobile-settings advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   604...

  • Page 605: Mobile-Invitation

    mobile-invitation mobile-invitation add mobile-invitation Description Invitation for a new mobile device. Syntax add mobile-invitation administrator name <administrator name> Parameters Parameter Description administrator name Administrator Name Type: A string that contains [A-Z], [0-9], and ’_’ characters Example add mobile-invitation administrator name admin show mobile-invitation Description Show which mobile devices are connected.
  • Page 606 mobile-invitation Example show mobile-invitation id -1000000 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   606...

  • Page 607: Mobile-Push-Notification

    mobile-push-notification mobile-push-notification show mobile-push-notification Description Show mobile push notifications. Syntax show mobile-push-notifications Parameters Parameter Description Example show mobile-push-notifications SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   607...

  • Page 608: Monitor-Mode-Network

    monitor-mode-network monitor-mode-network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   608...

  • Page 609: Add Monitor-Mode-Network

    add monitor-mode-network add monitor-mode-network Description Configuring "Monitor mode" over interfaces requires a mechanism to determine which are the local networks within the real topology. One of the options is a manual configuration of this topology using this command. Syntax add monitor-mode-network ipv4-address <ipv4-address> subnet-mask <subnet-mask>...

  • Page 610: Delete Monitor-Mode-Network

    delete monitor-mode-network delete monitor-mode-network Description Deletes manually configured IP addresses that determine the local networks in monitor mode when not working in automatic detection mode. Syntax delete monitor-mode-network ipv4-address <ipv4-address> Parameters Parameter Description ipv4-address Indicates a network IP address that will be recognized as Internal Type: IP address Example delete monitor-mode-network ipv4-address 192.168.1.1...

  • Page 611: Set Monitor-Mode-Network

    set monitor-mode-network set monitor-mode-network Description Configures IP addresses of networks that are manually recognized as local in the non-automatic mode of monitor mode interface inspection. Syntax set monitor-mode-network ipv4-address <ipv4-address> [ ipv4-address <ipv4-address> ] [ subnet-mask <subnet-mask> ] Parameters Parameter Description ipv4-address Indicates a network IP address that will be recognized as Internal...

  • Page 612: Show Monitor-Mode-Networks

    show monitor-mode-networks show monitor-mode-networks Description Shows manually defined local networks for monitor mode configuration. Syntax show monitor-mode-networks Parameters Parameter Description Example show monitor-mode-networks SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   612...

  • Page 613: Monitor-Mode-Configuration

    monitor-mode-configuration monitor-mode-configuration SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   613...

  • Page 614: Set Monitor-Mode-Configuration

    set monitor-mode-configuration set monitor-mode-configuration Description Configures mode of work for monitor mode interface inspection. Determines if locally managed networks will be automatically detected or manually configured. Syntax set monitor-mode-configuration [ use-defined-networks <use-defined- networks>] Parameters Parameter Description use-defined-networks Indicates if user-defined internal networks are used for Monitor mode Type: Boolean (true/false) Example set monitor-mode-configuration use-defined-networks true...

  • Page 615: Show Monitor-Mode-Configuration

    show monitor-mode-configuration show monitor-mode-configuration Description Shows monitor mode configuration for interfaces. Syntax show monitor-mode-configuration Parameters Parameter Description Example show monitor-mode-configuration SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   615...

  • Page 616: Message

    message message SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   616...

  • Page 617: Set Message

    set message set message Description Configures a banner message for the SSH administrator login Syntax set message <type> { on | off } [ line ] [ msgvalue <msgvalue> ] Parameters Parameter Description msgvalue Indicates the banner messages text Type: virtual status Indicates if a banner message for SSH login will appear Type: Boolean (true/false)

  • Page 618: Show Message

    show message show message Shows banner message for the ssh login. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   618...

  • Page 619: Show Message

    show message show message Description Shows banner message for the ssh login. Syntax show message <type> Parameters Parameter Description type Indicates the type of the message (only banner supported) Options: motd, banner, caption Example show message motd SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   619...

  • Page 620: Show Memory Usage

    show memory usage show memory usage Description Shows the amount of memory that is being used. Syntax show memory-usage Parameters Parameter Description Example show memory-usage Output Success shows used memory. Failure shows an appropriate error message. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   620...

  • Page 621: Nat

    SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   621...

  • Page 622: Set Nat

    set nat set nat Configures general NAT policy settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   622...

  • Page 623: Set Nat

    set nat set nat Description Configures if local networks will be hidden by default behind the external IP addresses of the gateway. Syntax set nat [ hide-internal-networks <hide-internal-networks> ] Parameters Parameter Description hide-internal-networks Hide internal networks behind the Gateway's external IP address Type: Boolean (true/false) Example set nat hide-internal-networks true...

  • Page 624: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings nat-destination-client-side <nat-destination- client-side> Parameters Parameter Description Example set nat advanced-settings nat-destination-client-side true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   624...

  • Page 625: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings arp-proxy-merge <arp-proxy-merge> Parameters Parameter Description Example set nat advanced-settings arp-proxy-merge true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   625...

  • Page 626: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings address-trans <address-trans> Parameters Parameter Description Example set nat advanced-settings address-trans true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   626...

  • Page 627: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings nat-automatic-arp <nat-automatic-arp> Parameters Parameter Description Example set nat advanced-settings nat-automatic-arp true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   627...

  • Page 628: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings nat-destination-client-side-manual <nat-destination-client-side-manual> Parameters Parameter Description Example set nat advanced-settings nat-destination-client-side-manual true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   628...

  • Page 629: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings nat-hash-size <nat-hash-size> Parameters Parameter Description Example set nat advanced-settings nat-hash-size 1024 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   629...

  • Page 630: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings nat-cache-num-entries <nat-cache-num-entries> Parameters Parameter Description Example set nat advanced-settings nat-cache-num-entries 100 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   630...

  • Page 631: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings nat-limit <nat-limit> Parameters Parameter Description Example set nat advanced-settings nat-limit 100 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   631...

  • Page 632: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings increase-hide-capacity <increase-hide- capacity> Parameters Parameter Description Example set nat advanced-settings increase-hide-capacity true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   632...

  • Page 633: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings nat-cache-expiration <nat-cache-expiration> Parameters Parameter Description Example set nat advanced-settings nat-cache-expiration 100 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   633...

  • Page 634: Set Nat

    set nat set nat Description Configures advanced NAT policy settings. Syntax set nat advanced-settings perform-cluster-hide-fold <perform-cluster- hide-fold> Parameters Parameter Description Example set nat advanced-settings perform-cluster-hide-fold true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   634...

  • Page 635: Set Nat

    set nat set nat Description Configures advanced IP-Pool NAT policy settings. Syntax set nat advanced-settings ip-pool-nat [ ip-pool-securemote <ip-pool- securemote> ] [ ip-pool-log <ip-pool-log> ] [ ip-pool-per-interface <ip-pool-per-interface> ] [ ip-pool-override-hide <ip-pool-override- hide> ] [ ip-pool-gw2Gw <ip-pool-gw2Gw> ] [ ip-pool-unused-return- interval <ip-pool-unused-return-interval>...

  • Page 636: Show Nat

    show nat show nat Shows NAT policy. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   636...

  • Page 637: Show Nat

    show nat show nat Description Shows NAT policy. Syntax show nat Parameters Parameter Description Example show nat SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   637...

  • Page 638: Show Nat

    show nat show nat Description Shows advanced settings for NAT policy. Syntax show nat advanced-settings Parameters Parameter Description Example show nat advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   638...

  • Page 639: Nat-Rule

    nat-rule nat-rule SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   639...

  • Page 640: Add Nat-Rule

    add nat-rule add nat-rule Description Adds a new manual NAT (translation of source/destination/service) rule to the NAT Rule Base. Syntax add nat-rule [ original-source <original-source> ] [ original- destination <original-destination> ] [ original-service <original- service> ] [ translated-source <translated-source> ] [ translated- destination <translated-destination>...
  • Page 641 add nat-rule Parameter Description position- The order of the rule in comparison to other manual rules below Type: Decimal number translated- Translated destination of rule destination translated- Translated service of rule service translated- Translated source of rule source Example add nat-rule original-source TEXT original-destination TEXT original- service TEXT translated-source TEXT translated-destination TEXT translated-service TEXT comment "This is a comment."...

  • Page 642: Delete Nat-Rule

    delete nat-rule delete nat-rule Description Deletes a manually configured NAT rule by name. Syntax delete nat-rule name <name> Parameters Parameter Description name name Type: A string of alphanumeric characters without space between them Example delete nat-rule name word SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   642...

  • Page 643: Set Nat-Rule

    set nat-rule set nat-rule Description Configures an existing manual NAT rule by name. Syntax set nat-rule name <name> [ original-source <original-source> ] [ original-destination <original-destination> ] [ original-service <original-service>] [ translated-source <translated-source> ] [ translated-destination <translated-destination> ] [ translated-service <translated-service> ] [ comment <comment>] [ hide-sources <hide- sources>...
  • Page 644 set nat-rule Parameter Description position The order of the rule in comparison to other manual rules Type: Decimal number position- The order of the rule in comparison to other manual rules above Type: Decimal number position-below The order of the rule in comparison to other manual rules Type: Decimal number translated- Translated destination of rule...

  • Page 645: Show Nat-Rule

    show nat-rule show nat-rule Description Shows the name or position of a specific NAT rule. Includes auto-generated rules. Syntax show nat-rule name <name> show nat-rule position <position> Parameters Parameter Description Example show nat-rule name word SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   645...

  • Page 646: Show Nat-Rules

    show nat-rules show nat-rules Description Shows configuration of all manually and auto-generated NAT rules. Syntax show nat-rules Parameters Parameter Description Example show nat-rules position 2 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   646...

  • Page 647: Show Nat-Manual-Rules

    show nat-manual-rules show nat-manual-rules Description Shows configuration of manual NAT rules by name or position. Syntax show nat-manual-rules name <name> show nat-manual-rules <position> Parameters Parameter Description <name> Rule name <position> Rule position Example show nat-rule name word SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   647...

  • Page 648: Nat-Rule Position

    nat-rule position nat-rule position SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   648...

  • Page 649: Delete Nat-Rule Position

    delete nat-rule position delete nat-rule position Description Deletes a manually configured NAT rule by position. Syntax delete nat-rule position <position> Parameters Parameter Description position The order of the rule in comparison to other manual rules Type: Decimal number Example delete nat-rule position 2 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   649...

  • Page 650: Set Nat-Rule Position

    set nat-rule position set nat-rule position Description Configures an existing manual NAT rule by position Syntax set nat-rule position <position> [ original-source <original-source> ] [ original-destination <original-destination>] [ original-service <original-service>] [ translated-source <translated-source> ] [ translated-destination <translated-destination> ] [ translated-service <translated-service>...
  • Page 651 set nat-rule position Parameter Description position The order of the rule in comparison to other manual rules Type: Decimal number position- The order of the rule in comparison to other manual rules above Type: Decimal number position-below The order of the rule in comparison to other manual rules Type: Decimal number translated- Translated destination of rule...

  • Page 652: Netflow Collector

    netflow collector netflow collector SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   652...

  • Page 653: Add Netflow Collector

    add netflow collector add netflow collector Description Adds a new Netflow collector object (you can configure up to three). A collector uses a network protocol developed by Cisco for collecting network traffic patterns and volume. The Netflow records will be exported to each defined collector.

  • Page 654: Delete Netflow Collector

    delete netflow collector delete netflow collector Description Deletes an existing Netflow collector object by IP address and port. Syntax delete netflow collector ip <ip> port <port> Parameters Parameter Description IP address Type: IP address port UDP port Type: Port number Example delete netflow collector ip 192.168.1.1 port 8080 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   654...

  • Page 655: Set Netflow Collector

    set netflow collector set netflow collector Description Configures an existing network collector for Netflow protocol. Syntax set netflow collector for-ip <for-ip> for-port <for-port> [ ip <ip> ] [ port <port> ] [ export-format <export-format> ] [ srcaddr <srcaddr> ] [ is-enabled <is-enabled>...

  • Page 656: Show Netflow Collector

    show netflow collector show netflow collector Description Shows configuration of a specific NetFlow collector. Syntax show netflow collector ip <ip> port <port> Parameters Parameter Description IP address Type: IP address port UDP port Type: Port number Example show netflow collector ip 192.168.1.1 port 8080 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   656...

  • Page 657: Show Netflow Collectors

    show netflow collectors show netflow collectors Description Shows configuration of all NetFlow collectors. Syntax show netflow collectors Parameters Parameter Description Example show netflow collectors SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   657...

  • Page 658: Network

    network network SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   658...

  • Page 659: Add Network

    add network add network Description Adds a new network address range object (a network and a subnet mask). Syntax add network name <name> network-ipv4-address <network-ipv4-address> { subnet-mask <subnet-mask> | mask-length <mask-length> } Parameters Parameter Description mask-length Mask length name Network Object name Type: String network-ipv4-address Network address...

  • Page 660: Delete Network

    delete network delete network Description Deletes an existing network address range object (a network and a subnet mask) by object name. Syntax delete network <name> Parameters Parameter Description name Network Object name Type: String Example delete network TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   660...

  • Page 661: Set Network

    set network set network Description Configures an existing network with subnet. Syntax set network <name> [ name <name> ] [ network-ipv4-address <network- ipv4-address> ] { [ subnet-mask <subnet-mask> ] | [ mask-length <mask- length> ] } Parameters Parameter Description mask-length Mask length name Network Object name...

  • Page 662: Show Network

    show network show network Description Shows configuration of a specific IP address network object. Syntax show network <name> Parameters Parameter Description name Network Object name Type: String Example show network TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   662...

  • Page 663: Show Networks

    show networks show networks Description Shows configuration of all IP address network objects. Syntax show networks Parameters Parameter Description Example show networks SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   663...

  • Page 664: Show Notifications-Log

    show notifications-log show notifications-log Description Show the notification logs. Syntax show notifications-log Parameters Parameter Description Example show notifications-log SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   664...

  • Page 665: Notifications-Policy

    notifications-policy notifications-policy These commands are relevant for notifications policy. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   665...

  • Page 666: Set Notifications-Policy

    set notifications-policy set notifications-policy Description Configure the policy for sending notifications to the user. Syntax set notifications-policy [ send-push-notifications <send-push- notifications> ] [ send-detailed-push-notifications <send-detailed- push-notifications> ] set notifications-policy [send-cloud-notifications <send-cloud- notification>] Parameters Parameter Description send-detailed- Notification previews may contain information about your network. Turning it off push- means that the security gateway removes this information from the push notification.

  • Page 667: Set Notifications-Policy

    set notifications-policy set notifications-policy Description Configure the policy for sending notifications to the user. Syntax set notifications-policy advanced-settings limit-push-notifications <limit-push-notifications> Parameters Parameter Description Example set notifications-policy advanced-settings limit-push-notifications - 1000000 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   667...

  • Page 668: Set Notifications-Policy

    set notifications-policy set notifications-policy Description Configure the policy for sending notifications to the user. Syntax set notifications-policy advanced-settings send-push-notifications <send-push-notifications> Parameters Parameter Description Example set notifications-policy advanced-settings send-push-notifications true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   668...

  • Page 669: Show Notifications-Policy

    show notifications-policy show notifications-policy Description Show the policy for sending notifications to the user. Syntax show notifications-policy Parameters Parameter Description Example show notifications-policy SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   669...

  • Page 670: Show Notifications-Policy

    show notifications-policy show notifications-policy Description Show the policy for sending notifications to the user. Syntax show notifications-policy advanced-settings Parameters Parameter Description Example show notifications-policy advanced settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   670...

  • Page 671: Ntp

    SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   671...

  • Page 672: Set Ntp

    set ntp set ntp Configures NTP settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   672...

  • Page 673: Set Ntp

    set ntp set ntp Description Configures NTP settings. Syntax set ntp [ local-time-zone <local-time-zone> ] [ auto-adjust-daylight- saving <auto-adjust-daylight-saving> ] Parameters Parameter Description auto-adjust-daylight- saving Auto daylight Options: on, off local-time-zone Region on earth that has a uniform standard time Example set ntp local-time-zone GMT-11:00(Midway-Island) auto-adjust-daylight- saving on...

  • Page 674: Set Ntp

    set ntp set ntp Description Enables/Disables NTP functionality. Syntax set ntp active <active> Parameters Parameter Description active Region on earth that has a uniform standard time Options: on, off Example set ntp active on SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   674...

  • Page 675: Set Ntp

    set ntp set ntp Description Configures NTP settings. Syntax set ntp interval <interval> Parameters Parameter Description interval Time interval (minutes) to update date and time settings from the NTP server Type: A number with no fractional part (integer) Example set ntp interval 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   675...

  • Page 676: Set Ntp

    set ntp set ntp Description Configures NTP settings. Syntax set ntp auth { on secret-id <secret-id> secret <secret> | off } Parameters Parameter Description auth Authentication with NTP servers flag Type: Press TAB to see available options secret Key string for authentication with the NTP servers Type: A string that contains alphanumeric and special characters secret-id Authentication key identifier...

  • Page 677: Show Ntp

    show ntp show ntp Description Shows NTP configuration. Syntax show ntp Parameters Parameter Description Example show ntp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   677...

  • Page 678: Show Ntp Active

    show ntp active show ntp active Description Shows NTP activation status. Syntax show ntp active Parameters Parameter Description Example show ntp active SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   678...

  • Page 679: Ntp Server

    ntp server ntp server SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   679...

  • Page 680: Set Ntp Server

    set ntp server set ntp server Configures NTP server settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   680...

  • Page 681: Set Ntp Server

    set ntp server set ntp server Description Configures primary NTP server's IP address. Syntax set ntp server primary <primary> Parameters Parameter Description primary Primary NTP server Type: An IP address or host name Example set ntp server primary myHost.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   681...

  • Page 682: Set Ntp Server

    set ntp server set ntp server Description Configures secondary NTP server's IP address. Syntax set ntp server secondary <secondary> Parameters Parameter Description secondary Secondary NTP server Type: An IP address or host name Example set ntp server secondary myHost.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   682...

  • Page 683: Show Ntp Servers

    show ntp servers show ntp servers Description Shows all defined NTP servers. Syntax show ntp servers Parameters Parameter Description Example show ntp servers SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   683...

  • Page 684: Periodic Backup

    periodic backup periodic backup SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   684...

  • Page 685: Set Periodic-Backup

    set periodic-backup set periodic-backup Description Configures periodic backup to a remote FTP server. Syntax set periodic-backup [ mode <mode>] [ server-address <server-address> ] [ server-username <server-username> ] [ server-password <server- password> ] [ file-encryption { true [ encryption-password <encryption- password>] | false } ] [ schedule { monthly [ day-of-month <day-of- month>...
  • Page 686 set periodic-backup Parameter Description server-username Backup server username Type: A string that contains (0-9, a-z, - . @) up to 64 characters without spaces Example set periodic-backup mode true server-address backupUrl server-username admin server-password a(&7Ba file-encryption true encryption-password a (&7Ba schedule monthly day-of-month 2 hour 2 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   686...

  • Page 687: Show Periodic-Backup

    show periodic-backup show periodic-backup Description Shows periodic backup configuration. Syntax show periodic-backup Parameters Parameter Description Example show periodic-backup SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   687...

  • Page 688: Set Property

    set property set property Description Disables or enables first time configuration (from the USB autoplay configuration or the WebUI). Syntax set property {USB_auto_configuration {always|once|off} | first-time- wizard {always|once}} Parameters Parameter Description Example set property USB_auto_configuration off set property first-time-wizard off SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   688...

  • Page 689: Privacy Settings

    privacy settings privacy settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   689...

  • Page 690: Set Privacy-Settings

    Description In Advanced Settings, select if the customer consents to sending diagnostic data to Check Point. Syntax set privacy-settings advanced-settings customer-consent <customer- consent> Parameters Parameter Description customer-consent Type: Boolean (true/false) Example set privacy-settings advanced-settings customer-consent true...

  • Page 691: Show Privacy-Settings

    show privacy-settings show privacy-settings Description In Advanced Settings, show if the customer consents to sending diagnostic data. Syntax show privacy-settings advanced-settings Parameters Parameter Description Example show privacy-settings advanced-settings Sample Output customer-consent: true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   691...

  • Page 692: Proxy

    proxy proxy SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   692...

  • Page 693: Delete Proxy

    delete proxy delete proxy Description Deletes configured proxy settings for the appliance. Syntax delete proxy Parameters Parameter Description Example delete proxy SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   693...

  • Page 694: Set Proxy

    Configures proxy settings for connecting with Check Point update and license servers. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   694...

  • Page 695: Set Proxy

    Description Configures proxy settings for connecting with Check Point update and license servers, when the device is located behind a proxy server. Syntax set proxy server <server> port <port> Parameters Parameter Description port The proxy port...

  • Page 696: Set Proxy

    Parameter Description use-proxy A proxy server between the appliance and the Internet. This proxy server will be used when the appliance?s internal processes must reach a Check Point server. Type: Boolean (true/false) Example set proxy true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   696...

  • Page 697: Show Proxy

    show proxy show proxy Description Shows proxy configuration. Syntax show proxy Parameters Parameter Description Example show proxy SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   697...

  • Page 698: Qos

    SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   698...

  • Page 699: Set Qos

    set qos set qos Configures QoS policy. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   699...

  • Page 700: Set Qos

    set qos set qos Description Enables/Disables the QoS Syntax set qos mode <mode> Parameters Parameter Description mode Indicates if QoS blade is enabled Type: Boolean (true/false) Example set qos mode true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   700...

  • Page 701: Set Qos

    set qos set qos Description Configures the default QoS policy. Syntax set qos default-policy [ limit-bandwidth-consuming-applications { true [ limit-upload-traffic <limit-upload-traffic>] [ upload-limit <upload- limit> ] [ limit-download-traffic <limit-download-traffic> ] [ download-limit <download-limit> ] | false } ] [ guarantee-bandwidth-to- configured-traffic <guarantee-bandwidth-to-configured-traffic>...

  • Page 702: Set Qos

    set qos set qos Description Configures advanced QoS settings. Syntax set qos low-latency-traffic maximum-percentage-of-bandwidth <maximum-percentage-of-bandwidth> Parameters Parameter Description Example set qos low-latency-traffic maximum-percentage-of-bandwidth 80 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   702...

  • Page 703: Set Qos

    set qos set qos Description Configures advanced QoS settings. Syntax set qos advanced-settings qos-logging <qos-logging> Parameters Parameter Description Example set qos advanced-settings qos-logging true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   703...

  • Page 704: Show Qos

    show qos show qos Shows the policy of the QoS blade. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   704...

  • Page 705: Show Qos

    show qos show qos Description Shows the policy of the QoS blade. Syntax show qos Parameters Parameter Description Example show qos SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   705...

  • Page 706: Show Qos

    show qos show qos Description Shows advanced settings of the QoS blade. Syntax show qos advanced-settings Parameters Parameter Description Example show qos advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   706...

  • Page 707: Qos Delay-Sensitive-Service

    qos delay-sensitive-service qos delay-sensitive-service SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   707...

  • Page 708: Set Qos Delay-Sensitive-Service

    set qos delay-sensitive-service set qos delay-sensitive-service Configures a default used group of services that are delay sensitive. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   708...

  • Page 709: Set Qos Delay-Sensitive-Service

    set qos delay-sensitive-service set qos delay-sensitive-service Description Adds an existing service object to the default group of services that are delay sensitive. Syntax set qos delay-sensitive-service add service <service> Parameters Parameter Description service Service name Example set qos delay-sensitive-service add service TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   709...

  • Page 710: Set Qos Delay-Sensitive-Service

    set qos delay-sensitive-service set qos delay-sensitive-service Description Removes an existing service object from the default group of services that are delay sensitive. Syntax set qos delay-sensitive-service remove service <service> Parameters Parameter Description service Service name Example set qos delay-sensitive-service remove service TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   710...

  • Page 711: Show Qos Delay-Sensitive-Services

    show qos delay-sensitive-services show qos delay-sensitive-services Description Shows the group of services that are considered delay sensitive. Syntax show qos delay-sensitive-services Parameters Parameter Description Example show qos delay-sensitive-services SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   711...

  • Page 712: Qos Guarantee-Bandwidth-Selected-Services

    qos guarantee-bandwidth-selected-services qos guarantee-bandwidth-selected- services SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   712...

  • Page 713: Set Qos Guarantee-Bandwidth-Selected-Services

    set qos guarantee-bandwidth-selected-services set qos guarantee-bandwidth-selected-services Configures a default used group of services that will be guaranteed bandwidth according to QoS default policy. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   713...

  • Page 714: Set Qos Guarantee-Bandwidth-Selected-Services

    set qos guarantee-bandwidth-selected-services set qos guarantee-bandwidth-selected-services Description Adds an existing service object to the default used group of services that will be guaranteed bandwidth according to QoS default policy. Syntax set qos guarantee-bandwidth-selected-services add service <service> Parameters Parameter Description service Service name Example set qos guarantee-bandwidth-selected-services add service TEXT...

  • Page 715: Set Qos Guarantee-Bandwidth-Selected-Services

    set qos guarantee-bandwidth-selected-services set qos guarantee-bandwidth-selected-services Description Removes an existing service object from the default used group of services that will be guaranteed bandwidth according to QoS default policy. Syntax set qos guarantee-bandwidth-selected-services remove service <service> Parameters Parameter Description service Service name Example set qos guarantee-bandwidth-selected-services remove service TEXT...

  • Page 716: Show Qos Guarantee-Bandwidth-Selected-Services

    show qos guarantee-bandwidth-selected-services show qos guarantee-bandwidth-selected- services Description Shows the group of services that can be guaranteed bandwidth in the QoS default policy. Syntax show qos guarantee-bandwidth-selected-services Parameters Parameter Description Example show qos guarantee-bandwidth-selected-services SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   716...

  • Page 717: Qos-Rule

    qos-rule qos-rule SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   717...

  • Page 718: Add Qos-Rule

    add qos-rule add qos-rule Description Adds a new bandwidth/latency control rule to the QoS Rule Base. Syntax add qos-rule [ source <source> ] [ destination <destination> ] [ service <service> ] [ { [ low-latency-rule { normal [ limit-bandwidth <limit-bandwidth> [ limit-percentage <limit-percentage> ] ] [ guarantee-bandwidth <guarantee-bandwidth>...
  • Page 719 add qos-rule Parameter Description hours- If true, time is configured range- Type: Boolean (true/false) enabled hours- Time in the format HH:MM range-from Type: A time format hh:mm hours- Time in the format HH:MM range-to Type: A time format hh:mm limit- If true, traffic limit is defined bandwidth Type: Boolean (true/false)
  • Page 720 add qos-rule Example add qos-rule source TEXT destination TEXT service TEXT low-latency-rule normal limit-bandwidth true limit-percentage 15 guarantee-bandwidth true guarantee-percentage 30 weight 30 log none comment "This is a comment." vpn true hours-range-enabled true hours-range-from 23:20 hours-range-to 23:20 diffserv-mark true diffserv-mark-val 5 name word position 2 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   720...

  • Page 721: Delete Qos-Rule

    delete qos-rule delete qos-rule Deletes an existing bandwidth/latency control rule in the QoS Rule Base. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   721...

  • Page 722: Delete Qos-Rule

    delete qos-rule delete qos-rule Description Deletes an existing bandwidth/latency control rule in the QoS Rule Base by idx. Syntax delete qos-rule idx <idx> Parameters Parameter Description The order of the rule in comparison to other manual rules Type: Decimal number Example delete qos-rule idx 3.141 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   722...

  • Page 723: Delete Qos-Rule

    delete qos-rule delete qos-rule Description Deletes an existing bandwidth/latency control rule in the QoS Rule Base by name. Syntax delete qos-rule name <name> Parameters Parameter Description name name Type: A string of alphanumeric characters without space between them Example delete qos-rule name word SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   723...

  • Page 724: Set Qos-Rule

    set qos-rule set qos-rule Configures an existing bandwidth/latency control rule within the QoS blade policy. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   724...

  • Page 725: Set Qos-Rule

    set qos-rule set qos-rule Description Configures an existing bandwidth/latency control rule within the QoS blade policy by idx. Syntax set qos-rule idx <idx> [ source <source> ] [ destination <destination> ] [ service <service> ] [ { [ low-latency-rule { normal [ limit- bandwidth <limit-bandwidth>...
  • Page 726 set qos-rule Parameter Description guarantee- Traffic guarantee percentage percentage Type: A number with no fractional part (integer) hours- If true, time is configured range- Type: Boolean (true/false) enabled hours- Time in the format HH:MM range-from Type: A time format hh:mm hours- Time in the format HH:MM range-to...
  • Page 727 set qos-rule Parameter Description Indicates if traffic is matched on encrypted traffic only or all traffic Type: Boolean (true/false) weight Traffic weight, relative to the weights defined for other rules Type: A number with no fractional part (integer) Example set qos-rule idx 3.141 source TEXT destination TEXT service TEXT low- latency-rule normal limit-bandwidth true limit-percentage 80 guarantee- bandwidth true guarantee-percentage 80 weight 15 log none comment "This is a comment."...

  • Page 728: Set Qos-Rule

    set qos-rule set qos-rule Description Configures an existing bandwidth/latency control rule within the QoS blade policy by name. Syntax set qos-rule name <name> [ source <source> ] [ destination <destination> ] [ service <service> ] [ { [ low-latency-rule { normal [ limit-bandwidth <limit-bandwidth>...
  • Page 729 set qos-rule Parameter Description guarantee- Traffic guarantee percentage percentage Type: A number with no fractional part (integer) hours- If true, time is configured range- Type: Boolean (true/false) enabled hours- Time in the format HH:MM range-from Type: A time format hh:mm hours- Time in the format HH:MM range-to...
  • Page 730 set qos-rule Parameter Description weight Traffic weight, relative to the weights defined for other rules Type: A number with no fractional part (integer) Example set qos-rule name word source TEXT destination TEXT service TEXT low- latency-rule normal limit-bandwidth true limit-percentage 80 guarantee- bandwidth true guarantee-percentage 80 weight 15 log none comment "This is a comment."...

  • Page 731: Show Qos-Rule

    show qos-rule show qos-rule Shows configuration of QoS (bandwidth/latency control) rules. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   731...

  • Page 732: Show Qos-Rule

    show qos-rule show qos-rule Description Shows configuration of a QoS rule by ID. Syntax show qos-rule idx <idx> Parameters Parameter Description The order of the rule in comparison to other manual rules Type: Decimal number position The order of the rule in comparison to other manual rules Type: Decimal number Example show qos-rule idx 3.141 position 2...

  • Page 733: Show Qos-Rule

    show qos-rule show qos-rule Description Shows configuration of a QoS rule by name. Syntax show qos-rule name <name> Parameters Parameter Description name name Type: A string of alphanumeric characters without space between them position The order of the rule in comparison to other manual rules Type: Decimal number Example show qos-rule name word position 2...

  • Page 734: Show Qos-Rules

    show qos-rules show qos-rules Description Shows configuration of a QoS rule by position. Syntax show qos-rules position <position> Parameters Parameter Description position The order of the generated rules in the QoS Rule Base Type: A number with no fractional part (integer) Example show qos-rules position 2 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   734...

  • Page 735: Radius-Server

    radius-server radius-server SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   735...

  • Page 736: Delete Radius-Server

    delete radius-server delete radius-server Description Deletes an existing configured RADIUS server. Syntax delete radius-server priority <priority> Parameters Parameter Description priority Priority of the choose tab, can be primary or secondary Type: A number with no fractional part (integer) Example delete radius-server priority 1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   736...

  • Page 737: Set Radius-Server

    set radius-server set radius-server Description Configures RADIUS servers. Syntax set radius-server priority <priority> [ ipv4-address <ipv4-address> ] [ udp-port <udp-port> ] [ shared-secret <shared-secret> ] [ timeout <timeout>] Parameters Parameter Description ipv4- The IP address of the RADIUS server address Type: IP address priority Priority of the choose tab, can be primary or secondary...

  • Page 738: Show Radius-Server

    show radius-server show radius-server Description Shows the configuration of a RADIUS server. Syntax show radius-server priority <priority> Parameters Parameter Description priority Priority of the choose tab, can be primary or secondary Type: A number with no fractional part (integer) Example show radius-server priority 1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   738...

  • Page 739: Show Radius-Servers

    show radius-servers show radius-servers Description Shows the configuration of all RADIUS servers. Syntax show radius-servers Parameters Parameter Description Example show radius-servers SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   739...

  • Page 740: Reach-My-Device

    reach-my-device reach-my-device SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   740...

  • Page 741: Set Reach-My-Device

    set reach-my-device set reach-my-device Configures the "Reach my device" service, which enables connecting to the device's management portal even when the device is behind NAT. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   741...

  • Page 742: Set Reach-My-Device

    set reach-my-device set reach-my-device Description Configures the "Reach my device" service, which enables connecting to the device's management portal even when the device is behind NAT. Syntax set reach-my-device [ mode <mode> ] [ host-name <host-name> ] [ existing-host-name { true validation-token <validation-token> | false } Parameters Parameter Description...

  • Page 743: Set Reach-My-Device

    set reach-my-device set reach-my-device Description Configures advanced settings of the "Reach my device" service, which enables connecting to the device's management portal even when the device is behind NAT. Syntax set reach-my-device advanced-settings ignore-ssl-cert <ignore-ssl-cert> Parameters Parameter Description Example set reach-my-device advanced-settings ignore-ssl-cert true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   743...

  • Page 744: Set Reach-My-Device

    set reach-my-device set reach-my-device Description Configures advanced settings of the "Reach my device" service, which enables connecting to the device's management portal even when the device is behind NAT. Syntax set reach-my-device advanced-settings reach-my-device-server-addr <reach-my-device-server-addr> Parameters Parameter Description Example set reach-my-device advanced-settings reach-my-device-server-addr http://www.checkpoint.com/ SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   744...

  • Page 745: Show Reach-My-Device

    show reach-my-device show reach-my-device Shows the configuration of "Reach My Device" cloud service. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   745...

  • Page 746: Show Reach-My-Device

    show reach-my-device show reach-my-device Description Shows the configuration of "Reach My Device" cloud service. Syntax show reach-my-device Parameters Parameter Description Example show reach-my-device SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   746...

  • Page 747: Show Reach-My-Device

    show reach-my-device show reach-my-device Description Shows advanced settings of "Reach My Device" cloud service. Syntax show reach-my-device advanced-settings Parameters Parameter Description Example show reach-my-device advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   747...

  • Page 748: Set Remote-Access Users

    set remote-access users set remote-access users Description Configures VPN remote access privileges to users defined in configured RADIUS servers. Syntax set remote-access users radius-auth { true [ use-radius-groups { true radius-groups <radius-groups> | false } ] | false } Parameters Parameter Description radius-auth...

  • Page 749: Show Remote-Access Users Radius-Auth

    show remote-access users radius-auth show remote-access users radius- auth Description Shows RADIUS-based users VPN remote access configuration. Syntax show remote-access users radius-auth Parameters Parameter Description Example show remote-access users radius-auth SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   749...

  • Page 750: Reboot

    reboot reboot Description Reboots the system. Syntax reboot Parameters Parameter Description Example reboot SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   750...

  • Page 751: Restore Settings

    restore settings restore settings Description Restores the appliance settings from a backup file. The backup file can be located on a USB device or on a TFTP server. Syntax restore settings from {usb|tftp server <serverIP>} filename <file_name> Parameters Parameter Description Name of the backup file.

  • Page 752: Show Restore Settings Log

    show restore settings log show restore settings log Description Shows the log file of previous restore settings to default operations. You can display these restore settings log files: restore-settings-log - Log file for restoring saved settings. restore-default-settings-log - Log file for restoring the default settings. Syntax show {restore-settings-log|restore-default-settings-log} Parameters...

  • Page 753: Show Revert Log

    show revert log show revert log Description Shows the log file of previous revert operations. Syntax show revert-log Parameters Parameter Description Example show revert-log Output Success shows the revert log file. Failure shows an appropriate error message. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   753...

  • Page 754: Revert To Factory Defaults

    revert to factory defaults revert to factory defaults Description Revert the appliance to the original factory defaults. This command deletes all data and software images from the appliance. Syntax revert to factory-defaults Parameters Parameter Description Example revert to factory-defaults Output Success shows a warning message.

  • Page 755: Revert To Saved Image

    revert to saved image revert to saved image Description Reverts the appliance to the previous software image. Syntax revert to previous-image Parameters Parameter Description Example revert to previous-image Output Success shows OK . Failure shows an appropriate error message. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   755...

  • Page 756: Report-Settings

    report-settings report-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   756...

  • Page 757: Set Report-Settings

    set report-settings set report-settings Configure local reports settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   757...

  • Page 758: Set Report-Settings

    set report-settings set report-settings Description Configure advanced local reports settings. Syntax set report-settings advanced-settings centrally-max-period <centrally-max-period> Parameters Parameter Description Example set report-settings advanced-settings centrally-max-period report- period-hour SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   758...

  • Page 759: Set Report-Settings

    set report-settings set report-settings Description Configure advanced local reports settings. Syntax set report-settings advanced-settings locally-max-period <locally-max-period> Parameters Parameter Description Example set report-settings advanced-settings locally-max-period report-period- hour SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   759...

  • Page 760: Show Report-Settings

    show report-settings show report-settings Description Shows report scheduling and creation configuration. Syntax show report-settings advanced-settings Parameters Parameter Description Example show report-settings advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   760...

  • Page 761: Show Rule Hits

    show rule hits show rule hits Description Shows the top firewall policy rule hits. Syntax show rule-hits [top <rule>] Parameters Parameter Description rule Number of rules in the security policy that are displayed. Minimum value i Return Value on success, on failure Example show rule-hits top 3...

  • Page 762: Show Saved Image

    show saved image show saved image Description Shows information about the saved backup image. Syntax show saved-image Parameters Parameter Description Example show saved-image Output Success shows information about the image. Failure shows an appropriate error message. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   762...

  • Page 763: Update Security-Blades

    update security-blades update security-blades Description Manually update Software Blades. Syntax update security-blades [ all ] Parameters Parameter Description Example update security-blades all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   763...

  • Page 764: Security-Management

    security-management security-management SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   764...

  • Page 765: Connect Security-Management

    connect security-management connect security-management Description Configure first connection to the Security Management Server. Syntax connect security-management mgmt-addr <mgmt-addr> use-one-time-password <use-one-time-password> local-override-mgmt-addr { true send-logs-to { local-override-log-server-addr addr <addr> | local-override-mgmt-addr } | false } Parameters Parameter Description addr The logs are sent to this address Type: An IP address or host name local- Indicates if the management address used in the next manual fetch command will be...

  • Page 766: Set Security-Management

    set security-management set security-management Configures settings to connect to a remote Security Management Server and log server. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   766...

  • Page 767: Set Security-Management

    set security-management set security-management Description Configures a local override to the IP addresses of the Security Management Server and log server. This is relevant when centrally managed. Syntax set security-management local-override-mgmt-addr { true mgmt-address <mgmt-address> send-logs-to { local-override-log-server-addr addr <addr> | local-override-mgmt-addr } | false } Parameters Parameter Description...

  • Page 768: Set Security-Management

    <mode> Parameters Parameter Description mode Indicates whether the appliance is managed locally or centrally using a Check Point Security Management Server. Options: locally-managed, centrally-managed Example set security-management mode locally-managed SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   768...

  • Page 769: Show Security-Management

    show security-management show security-management Description Shows settings of the Security Management Server. Syntax show security-management Parameters Parameter Description Example show security-management SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   769...

  • Page 770: Serial-Port

    serial-port serial-port SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   770...

  • Page 771: Set Serial-Port

    set serial-port set serial-port Configures the physical serial port settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   771...

  • Page 772: Set Serial-Port

    set serial-port set serial-port Description Configures the physical serial port data flow settings. Syntax set serial-port [ port-speed <port-speed> ] [ flow-control <flow- control> ] [ disabled <disabled> ] [ mode <mode> ] Parameters Parameter Description disabled Indicates if the serial port is disabled flow- Indicates the method of data flow control to and from the serial port control...

  • Page 773: Set Serial-Port

    set serial-port set serial-port Description Configures the physical serial port as a relay to which incoming TELNET traffic on a configured port will be redirected. Syntax set serial-port passive-mode [ tcp-port <tcp-port> ] [ allow-implicitly <allow-implicitly>] Parameters Parameter Description Example set serial-port passive-mode tcp-port 8080 allow-implicitly true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   773...

  • Page 774: Set Serial-Port

    set serial-port set serial-port Description Configures the physical serial port as a relay to outgoing connection to a remote TELNET server. Syntax set serial-port active-mode [ tcp-port <tcp-port> ] [ primary-server- address <primary-server-address> <secondary-server-address> ] [ secondary-server-address Parameters Parameter Description Example set serial-port active-mode tcp-port 8080 primary-server-address myHost.com secondary-server-address myHost.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   774...

  • Page 775: Set Serial-Port-Nine-Pin

    set serial-port-nine-pin set serial-port-nine-pin Description Configure the settings for the 9 PIN serial port. Syntax set serial-port-nine-pin [ port-speed <port-speed> ] [ flow-control <flow- control> ] [ disabled <disabled> ] [ mode <mode> ] Parameters Parameter Description disabled Indicates if the 9-PIN serial port is disabled flow- Indicates the method of data flow control to and from the 9 PIN serial port control...

  • Page 776: Set Serial-Port-Nine-Pin

    set serial-port-nine-pin set serial-port-nine-pin Description Configure the settings for the 9 PIN serial port. Syntax set serial-port-nine-pin passive-mode [ tcp-port <tcp-port> ] [ allow-implicitly <allow-implicitly> ] Parameters Parameter Description Example set serial-port-nine-pin passive-mode tcp-port 8080 allow-implicitly true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   776...

  • Page 777: Set Serial-Port-Nine-Pin

    set serial-port-nine-pin set serial-port-nine-pin Description Configure the settings for the 9 PIN serial port. Syntax set serial-port-nine-pin active-mode [ tcp-port <tcp-port> ] [primary-server- address <primary-server-address> ] [ secondary-server-address <secondary-server- address> ] Parameters Parameter Description Example set serial-port-nine-pin active-mode tcp-port 8080 primary-server-address myHost.com secondary-server-address myHost.com SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   777...

  • Page 778: Show Serial-Port

    show serial-port show serial-port Description Shows configuration for the serial port. Syntax show serial-port Parameters Parameter Description Example show serial-port SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   778...

  • Page 779: Show Serial-Port-Nine-Pin

    show serial-port-nine-pin show serial-port-nine-pin Description Show the settings for the 9 PIN serial port. Syntax show serial-port-nine-pin Parameters Parameter Description Example show serial-port-nine-pin SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   779...

  • Page 780: Server

    server server SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   780...

  • Page 781: Add Server

    add server add server Description Adds a new server object. Server object are a way to define a network host object with its access and NAT configuration, instead of creating manual rules for it. Syntax add server name <name> ipv4-address <ipv4-address> [ dhcp-exclude-ip- addr { on [ dhcp-reserve-ip-addr-to-mac { on mac-addr <mac-addr>...
  • Page 782 add server Parameter Description tcp-ports TCP ports for server of type 'other' Type: Port range tcpProtocol tcpProtocol Type: Boolean (true/false) udp-ports UDP ports for server of type 'other' Type: Port range udpProtocol udpProtocol Type: Boolean (true/false) Example add server name myObject_17 ipv4-address 192.168.1.1 dhcp-exclude-ip- addr on dhcp-reserve-ip-addr-to-mac on mac-addr 00:1C:7F:21:05:BE comments "This is a comment."...

  • Page 783: Delete Server

    delete server delete server Description Deletes an existing server object. Syntax delete server <name> Parameters Parameter Description name Server object name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example delete server myObject_17...

  • Page 784: Show Server

    show server show server Description Shows configuration of an existing server object. Syntax show server <name> Parameters Parameter Description name Server object name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example show server myObject_17...

  • Page 785: Show Servers

    show servers show servers Description Shows the configuration of all server objects. Syntax show servers Parameters Parameter Description Example show servers SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   785...

  • Page 786: Service-Details

    service-details service-details SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   786...

  • Page 787: Set Device-Details

    set device-details set device-details Description Configures the device's details. Syntax set device-details [ hostname <hostname> ] [ country <country> ] Parameters Parameter Description country The country where you are located. The country configured for the WLAN Options: country hostname The appliance name used to identify the gateway. Type: A string that contains [A-Z], [0-9] and '-' characters Example set device-details hostname My-appliance country albania...

  • Page 788: Show Device-Details

    show device-details show device-details Description Shows configuration of basic device details. Syntax show device-details Parameters Parameter Description Example show device-details SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   788...

  • Page 789: Service-Group

    service-group service-group SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   789...

  • Page 790: Add Service-Group

    add service-group add service-group Description Adds a new group for service objects. Syntax add service-group name <name> [ comments <comments> ] [ member <member> Parameters Parameter Description comments Comments and explanation about the Service Group Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ member An association field for the contained services name...

  • Page 791: Delete Service-Group

    delete service-group delete service-group Description Deletes an existing group object for service objects by object name. Syntax delete service-group <name> Parameters Parameter Description name Service Group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example delete service-group myObject_17...

  • Page 792: Set Service-Group

    set service-group set service-group Configures an existing service objects group. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   792...

  • Page 793: Set Service-Group

    set service-group set service-group Description Configures an existing service objects group. Syntax set service-group <name> [ new-name <new-name> ] [ comments <comments> Parameters Parameter Description comments Comments and explanation about the Service Group Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ name Service Group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .)

  • Page 794: Set Service-Group

    set service-group set service-group Description Removes all service objects from an existing service objects group. Syntax set service-group <name> remove-all members Parameters Parameter Description name Service Group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example set service-group myObject_17 remove-all members...

  • Page 795: Set Service-Group

    set service-group set service-group Description Adds an existing service object to an existing service objects group. Syntax set service-group <name> add member <member> Parameters Parameter Description member Service name name Service Group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example set service-group myObject_17 add member TEXT...

  • Page 796: Set Service-Group

    set service-group set service-group Description Removes an existing service object from an existing service objects group. Syntax set service-group <name> remove member <member> Parameters Parameter Description member Service name name Service Group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example set service-group myObject_17 remove member TEXT...

  • Page 797: Show Service-Group

    show service-group show service-group Description Shows the content of a service object group. Syntax show service-group <name> Parameters Parameter Description name Service Group name Type: A string that begins with a letter and contain up to 32 alphanumeric (0-9, a-z, _ - .) characters without spaces Example show service-group myObject_17...

  • Page 798: Show Service-Groups

    show service-groups show service-groups Description Shows the content of all service object groups. Syntax show service-groups Parameters Parameter Description Example show service-groups SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   798...

  • Page 799: Service-Icmp

    service-icmp service-icmp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   799...

  • Page 800: Add Service-Icmp

    add service-icmp add service-icmp Description Adds a new ICMP-type service object. Syntax add service-icmp name <name> icmp-code <icmp-code> icmp-type <icmp- type> [ comments <comments>] Parameters Parameter Description comments Comments and explanation about the service Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ icmp-code ICMP code Type: A number with no fractional part (integer)

  • Page 801: Delete Service-Icmp

    delete service-icmp delete service-icmp Description Deletes an existing ICMP-type service object by name. Syntax delete service-icmp <name> Parameters Parameter Description name Service name Type: String Example delete service-icmp TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   801...

  • Page 802: Set Service-Icmp

    set service-icmp set service-icmp Description Configures an existing ICMP-type service object. Syntax set service-icmp <name>[ name <name> ] [ icmp-code <icmp-code> ] [ icmp-type <icmp-type> ] [ comments <comments> ] Parameters Parameter Description comments Comments and explanation about the service Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , .

  • Page 803: Show Service-Icmp

    show service-icmp show service-icmp Description Shows the configuration of a specific ICMP-type service object. Syntax show service-icmp <name> Parameters Parameter Description name Service name Type: String Example show service-icmp TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   803...

  • Page 804: Add Service-Protocol

    add service-protocol add service-protocol Description Adds a new non-TCP/UDP service object (a different IP protocol than 6 or 17). Syntax add service-protocol name <name> ip-protocol <ip-protocol> [ comments <comments>] Parameters Parameter Description comments Comments and explanation about the service Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ ip-protocol IP Protocol number Type: A number with no fractional part (integer)

  • Page 805: Service-Protocol

    service-protocol service-protocol SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   805...

  • Page 806: Delete Service-Protocol

    delete service-protocol delete service-protocol Description Deletes a non-TCP/UDP service object by name. Syntax delete service-protocol <name> Parameters Parameter Description name Service name Type: String Example delete service-protocol TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   806...

  • Page 807: Set Service-Protocol

    set service-protocol set service-protocol Description Configures an existing non-TCP/UDP service object. Syntax set service-protocol <name> [ name <name>] [ ip-protocol <ip-protocol> ] [ comments <comments> ] [ session-timeout <session-timeout> ] [ accept-replies <accept-replies> ] [ sync-connections-on-cluster <sync-connections-on-cluster> ] [ match <match> ] [ aggressive-aging-enable <aggressive-aging-enable> ] [ aggressive-aging-timeout <aggressive-aging-timeout>...
  • Page 808 set service-protocol Example set service-protocol TEXT name TEXT ip-protocol 50 comments "This is a comment." session-timeout 15 accept-replies true sync-connections-on- cluster true match TEXT aggressive-aging-enable true aggressive-aging- timeout 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   808...

  • Page 809: Show Service-Protocol

    show service-protocol show service-protocol Description Shows the configuration of a specific non-TCP/UDP service object. Syntax show service-protocol <name> Parameters Parameter Description name Service name Type: String Example show service-protocol TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   809...

  • Page 810: Show Services-Protocol

    show services-protocol show services-protocol Description Shows the configuration of all non-TCP/UDP service objects. Syntax show services-protocol Parameters Parameter Description Example show services-protocol SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   810...

  • Page 811: Set Server Server-Access

    set server server-access set server server-access Description Configures an existing server object. A server object is a network object with predefined access and NAT configurations. Syntax set server server-access <name> [ access-zones { blocked [ trusted- zone-lan <trusted-zone-lan> ] [ trusted-zone-vpn-users <trusted-zone- vpn-users>...
  • Page 812 set server server-access Parameter Description trusted-zone- Indicates if traffic from Physical internal networks (LAN ports) to the server is allowed or blocked by default Options: blocked, allowed trusted-zone- Indicates if traffic from trusted wireless networks to the server is allowed or blocked trusted- by default wireless-...

  • Page 813: Set Server Server-Nat-Settings

    set server server-nat-settings set server server-nat-settings Description Configures NAT settings on an existing server object. Syntax set server server-nat-settings <name> [ nat-settings { static-nat [ static-nat-ipv4-address <static-nat-ipv4-address> ] [ static-nat-for- outgoing-traffic <static-nat-for-outgoing-traffic> ] | port-forwarding } ] [ port-address-translation <port-address-translation> ] [ port- address-translation-external <port-address-translation-external-port>...
  • Page 814 set server server-nat-settings Example set server server-nat-settings myObject_17 nat-settings static-nat static-nat-ipv4-address 192.168.1.1 static-nat-for-outgoing-traffic true port-address-translation true port-address-translation-external- port 8080 force-source-hide-nat true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   814...

  • Page 815: Set Server Server-Network-Settings

    set server server-network-settings set server server-network-settings Description Configures network settings on an existing server object. Syntax set server server-network-settings <name> [ name <name> ] [ dhcp- exclude-ip-addr { on [ dhcp-reserve-ip-addr-to-mac { on mac-addr <mac- addr> | off } ] | off } ] [ comments <comments> ] [ dns-resolving <dns- resolving>...
  • Page 816 set server server-network-settings Example set server server-network-settings myObject_17 name myObject_17 dhcp- exclude-ip-addr on dhcp-reserve-ip-addr-to-mac on mac-addr 00:1C:7F:21:05:BE comments "This is a comment." dns-resolving true ipv4-address 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   816...

  • Page 817: Set Server Server-Ports

    set server server-ports set server server-ports Description Configures an existing server object. Syntax set server server-ports <name> [ web-server { true service-http { true [ service-http-ports <service-http-ports> ] | false } service-https { true [ service-https-ports <service-https-ports> ] | false } | false } ] [ mail-server { true service-smtp { true [ service-smtp-ports <service-smtp-ports>...
  • Page 818 set server server-ports Parameter Description service-dns Indicates if ports are defined for DNS (for a DNS server) service-dns- Configured ports for DNS (for a DNS server) ports service-ftp Indicates if ports are defined for FTP (for a FTP server) service-ftp- Configured ports for FTP (for a FTP server) ports service-http...
  • Page 819 set server server-ports Parameter Description udpProtocol udpProtocol Type: Boolean (true/false) web-server Indicates a web server (for each type we provide default but configurable ports) Example set server server-ports myObject_17 web-server true service-http true service-http-ports 8080-8090 service-https true service-https-ports 8080-8090 mail-server true service-smtp true service-smtp-ports 8080- 8090 service-pop3 true service-pop3-ports 8080-8090 service-imap true service-imap-ports 8080-8090 dns-server true service-dns true service- dns-ports 8080-8090 ftp-server true service-ftp true service-ftp-ports...

  • Page 820: Service-System-Default

    service-system-default service-system-default SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   820...

  • Page 821: Set Service-System-Default Any_Tcp

    set service-system-default Any_TCP set service-system-default Any_TCP Description Configures settings of the built-in Any_TCP service object. Syntax set service-system-default Any_TCP [ port <port> ] [ session-timeout <session-timeout> ] [ use-source-port { false | true [ source-port <source-port> ] } ] [ keep-connections-open-after-policy-installation <keep-connections-open-after-policy-installation>...
  • Page 822 set service-system-default Any_TCP Parameter Description sync-delay- True to delay connections synchronization. enable use-source- Use source port port Example set service-system-default Any_TCP port 8080-8090 session-timeout 15 use-source-port false source-port 8080 keep-connections-open-after- policy-installation true sync-connections-on-cluster true sync-delay- enable true delay-sync-interval 15 aggressive-aging-enable true aggressive-aging-timeout 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   822...
  • Page 823 show service-system-default Any_TCP show service-system-default Any_TCP Description Shows the settings of the built-in Any_TCP service object. Syntax show service-system-default Any_TCP Parameters Parameter Description Example show service-system-default Any_TCP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   823...

  • Page 824: Set Service-System-Default Any_Udp

    set service-system-default Any_UDP set service-system-default Any_UDP Description Configures settings of the built-in Any_UDP service object. Syntax set service-system-default Any_UDP [ port <port> ] [ session-timeout <session-timeout> ] [ use-source-port { false | true [ source-port <source-port> ] } ] [ keep-connections-open-after-policy-installation <keep-connections-open-after-policy-installation>...
  • Page 825 set service-system-default Any_UDP Example set service-system-default Any_UDP port 8080-8090 session-timeout 15 use-source-port false source-port 8080 keep-connections-open-after- policy-installation true sync-connections-on-cluster true aggressive- aging-enable true aggressive-aging-timeout 15 accept-replies true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   825...
  • Page 826 show service-system-default Any_UDP show service-system-default Any_UDP Description Shows the settings of the built-in Any_UDP service object. Syntax show service-system-default Any_UDP Parameters Parameter Description Example show service-system-default Any_UDP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   826...

  • Page 827: Set Service-System-Default Cifs

    set service-system-default CIFS set service-system-default CIFS Description Configures settings of the built-in CIFS service object. Syntax set service-system-default CIFS [ port <port> ] [ disable-inspection <disable-inspection>] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 828 set service-system-default CIFS Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster.

  • Page 829: Show Service-System-Default Cifs

    show service-system-default CIFS show service-system-default CIFS Description Shows the settings of the built-in CIFS service object. Syntax show service-system-default CIFS Parameters Parameter Description Example show service-system-default CIFS SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   829...

  • Page 830: Set Service-System-Default Citrix

    set service-system-default Citrix set service-system-default Citrix Description Configures settings of the built-in Citrix service object. Syntax set service-system-default Citrix [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 831 set service-system-default Citrix Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster.

  • Page 832: Show Service-System-Default Citrix

    show service-system-default Citrix show service-system-default Citrix Description Shows the settings of the built-in Citrix service object. Syntax show service-system-default Citrix Parameters Parameter Description Example show service-system-default Citrix SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   832...

  • Page 833: Set Service-System-Default Citrix Firewall-Settings

    set service-system-default Citrix firewall-settings set service-system-default Citrix firewall- settings Description Configures firewall inspection settings of the built-in Citrix service object. Syntax set service-system-default Citrix firewall-settings [ protocol-support <protocol-support> ] Parameters Parameter Description protocol- Which protocol to support on the configured ports. The default port 1494 is commonly support used by two different protocols - Winframe or Citrix ICA Options: PROTO_TYPE.WIN_FRAME, PROTO_TYPE.CITRIX_ICA...

  • Page 834: Show Service-System-Default Citrix Firewall-Settings

    show service-system-default Citrix firewall-settings show service-system-default Citrix firewall- settings Description Shows the inspection settings of the built-in Citrix service object. Syntax show service-system-default Citrix firewall-settings Parameters Parameter Description Example show service-system-default Citrix firewall-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   834...

  • Page 835: Set Service-System-Default Dhcp

    set service-system-default DHCP set service-system-default DHCP Description Configures settings of the built-in DHCP service object. Syntax set service-system-default DHCP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ accept- replies <accept-replies>...

  • Page 836: Show Service-System-Default Dhcp

    show service-system-default DHCP show service-system-default DHCP Description Shows the settings of the built-in DHCP service object. Syntax show service-system-default DHCP Parameters Parameter Description Example show service-system-default DHCP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   836...

  • Page 837: Set Service-System-Default Dns_Tcp

    set service-system-default DNS_TCP set service-system-default DNS_TCP Description Configures settings of the built-in DNS_TCP service object. Syntax set service-system-default DNS_TCP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 838 set service-system-default DNS_TCP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster.
  • Page 839 show service-system-default DNS_TCP show service-system-default DNS_TCP Description Shows the settings of the built-in DNS_TCP service object. Syntax show service-system-default DNS_TCP Parameters Parameter Description Example show service-system-default DNS_TCP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   839...

  • Page 840: Set Service-System-Default Dns_Udp

    set service-system-default DNS_UDP set service-system-default DNS_UDP Description Configures settings of the built-in DNS_UDP service object. Syntax set service-system-default DNS_UDP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ accept- replies <accept-replies>...
  • Page 841 show service-system-default DNS_UDP show service-system-default DNS_UDP Description Shows the settings of the built-in DNS_UDP service object. Syntax show service-system-default DNS_UDP Parameters Parameter Description Example show service-system-default DNS_UDP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   841...

  • Page 842: Set Service-System-Default Ftp

    set service-system-default FTP set service-system-default FTP Description Configures settings of the built-in FTP service object. Syntax set service-system-default FTP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 843 set service-system-default FTP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster.

  • Page 844: Show Service-System-Default Ftp

    show service-system-default FTP show service-system-default FTP Description Shows the settings of the built-in FTP service object. Syntax show service-system-default FTP Parameters Parameter Description Example show service-system-default FTP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   844...

  • Page 845: Set Service-System-Default Ftp Firewall-Settings

    set service-system-default FTP firewall-settings set service-system-default FTP firewall-settings Description Configures firewall inspection settings of the built-in FTP service object. Syntax set service-system-default FTP firewall-settings [ mode <mode> ] Parameters Parameter Description mode FTP connection mode (allowed values are 'Any', 'Active' or 'Passive'). Options: any, active, passive Example set service-system-default FTP firewall-settings mode any...

  • Page 846: Show Service-System-Default Ftp Firewall-Settings

    show service-system-default FTP firewall-settings show service-system-default FTP firewall- settings Description Shows the inspection settings of the built-in FTP service object. Syntax show service-system-default FTP firewall-settings Parameters Parameter Description Example show service-system-default FTP firewall-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   846...

  • Page 847: Set Service-System-Default Gre

    set service-system-default GRE set service-system-default GRE Description Configures settings of the built-in GRE service object. Syntax set service-system-default GRE [ ip-protocol <ip-protocol> ] [ disable- inspection <disable-inspection> ] [ session-timeout <session-timeout>] [ accept-replies <accept-replies> ] [ match <match> ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 848 set service-system-default GRE Example set service-system-default GRE ip-protocol 15 disable-inspection true session-timeout 15 accept-replies true match TEXT keep-connections- open-after-policy-installation true sync-connections-on-cluster true aggressive-aging-enable true aggressive-aging-timeout 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   848...

  • Page 849: Show Service-System-Default Gre

    show service-system-default GRE show service-system-default GRE Description Shows the settings of the built-in GRE service object. Syntax show service-system-default GRE Parameters Parameter Description Example show service-system-default GRE SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   849...

  • Page 850: Set Service-System-Default H323

    set service-system-default H323 set service-system-default H323 Description Configures settings of the built-in H323 service object. Syntax set service-system-default H323 [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 851 set service-system-default H323 Example set service-system-default H323 port 8080-8090 disable-inspection true session-timeout 15 use-source-port false source-port 8080 keep- connections-open-after-policy-installation true sync-connections-on- cluster true sync-delay-enable true delay-sync-interval 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   851...

  • Page 852: Show Service-System-Default H323

    show service-system-default H323 show service-system-default H323 Description Shows the settings of the built-in H323 service object. Syntax show service-system-default H323 Parameters Parameter Description Example show service-system-default H323 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   852...

  • Page 853: Set Service-System-Default H323_Ras

    set service-system-default H323_RAS set service-system-default H323_RAS Description Configures settings of the built-in H323_RAS service object. Syntax set service-system-default H323_RAS [ port <port> ] [ disable- inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use-source-port { false | true [ source-port <source-port> ] } ] [ accept-replies <accept-replies>...

  • Page 854: Show Service-System-Default H323_Ras

    show service-system-default H323_RAS show service-system-default H323_RAS Description Shows the settings of the built-in H323_RAS service object. Syntax show service-system-default H323_RAS Parameters Parameter Description Example show service-system-default H323_RAS SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   854...

  • Page 855: Set Service-System-Default Http

    set service-system-default HTTP set service-system-default HTTP Description Configures settings of the built-in HTTP service object. Syntax set service-system-default HTTP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 856 set service-system-default HTTP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster.

  • Page 857: Show Service-System-Default Http

    show service-system-default HTTP show service-system-default HTTP Description Shows the settings of the built-in HTTP service object. Syntax show service-system-default HTTP Parameters Parameter Description Example show service-system-default HTTP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   857...

  • Page 858: Set Service-System-Default Https

    set service-system-default HTTPS set service-system-default HTTPS Description Configures settings of the built-in HTTPS service object. Syntax set service-system-default HTTPS [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 859 set service-system-default HTTPS Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster.

  • Page 860: Show Service-System-Default Https

    show service-system-default HTTPS show service-system-default HTTPS Description Shows the settings of the built-in HTTPS service object. Syntax show service-system-default HTTPS Parameters Parameter Description Example show service-system-default HTTPS SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   860...

  • Page 861: Set Service-System-Default Http Ips-Settings

    set service-system-default HTTP ips-settings set service-system-default HTTP ips-settings Description Configures IPS settings of the built-in HTTP service object. Syntax set service-system-default HTTP ips-settings [ non-standard-ports- action <non-standard-ports-action>] [ non-standard-ports-track <non- standard-ports-track> ] [ parser-failure-action <parser-failure-action> ] [ parser-failure-track <parser-failure-track> ] [ strict-request <strict-request>...
  • Page 862 set service-system-default HTTP ips-settings Parameter Description non- Select track option for connection over non standard ports (allowed values are 'log', standard- 'alert' and 'don't log') . ports-track Options: none, log, alert parser- Select action for when the parser fails (allowed values are 'Accept' and 'Block'). failure-action Options: block, accept parser-...

  • Page 863: Show Service-System-Default Http Ips-Settings

    show service-system-default HTTP ips-settings show service-system-default HTTP ips-settings Description Shows the inspection settings of the built-in HTTP service object. Syntax show service-system-default HTTP ips-settings Parameters Parameter Description Example show service-system-default HTTP ips-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   863...

  • Page 864: Set Service-System-Default Https Url-Filtering-Settings

    set service-system-default HTTPS url-filtering-settings set service-system-default HTTPS url-filtering- settings Description Configures URL filtering over HTTPS. Enables categorization over HTTPS even without full SSL inspection. Syntax set service-system-default HTTPS url-filtering-settings [ categorize- https-sites <categorize-https-sites> ] Parameters Parameter Description categorize-https-sites Categorize HTTPS sites by their certificate CN. Type: Boolean (true/false) Example set service-system-default HTTPS url-filtering-settings categorize-...

  • Page 865: Show Service-System-Default Https Url-Filtering-Settings

    show service-system-default HTTPS url-filtering-settings show service-system-default HTTPS url- filtering-settings Description Shows the configuration of URL filtering categorization option over HTTPS. Syntax show service-system-default HTTPS url-filtering-settings Parameters Parameter Description Example show service-system-default HTTPS url-filtering-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   865...

  • Page 866: Set Service-System-Default Iiop

    set service-system-default IIOP set service-system-default IIOP Description Configures settings of the built-in IIOP service object. Syntax set service-system-default IIOP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 867 set service-system-default IIOP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster.

  • Page 868: Show Service-System-Default Iiop

    show service-system-default IIOP show service-system-default IIOP Description Shows the settings of the built-in IIOP service object. Syntax show service-system-default IIOP Parameters Parameter Description Example show service-system-default IIOP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   868...

  • Page 869: Set Service-System-Default Imap

    set service-system-default IMAP set service-system-default IMAP Description Configures settings of the built-in IMAP service object. Syntax set service-system-default IMAP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 870 set service-system-default IMAP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 871: Show Service-System-Default Imap

    show service-system-default IMAP show service-system-default IMAP Description Shows the settings of the built-in IMAP service object. Syntax show service-system-default IMAP Parameters Parameter Description Example show service-system-default IMAP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   871...

  • Page 872: Set Service-System-Default Ldap

    set service-system-default LDAP set service-system-default LDAP Description Configures settings of the built-in LDAP service object. Syntax set service-system-default LDAP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 873 set service-system-default LDAP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 874: Show Service-System-Default Ldap

    show service-system-default LDAP show service-system-default LDAP Description Shows the settings of the built-in LDAP service object. Syntax show service-system-default LDAP Parameters Parameter Description Example show service-system-default LDAP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   874...

  • Page 875: Set Service-System-Default Mgcp

    set service-system-default MGCP set service-system-default MGCP Description Configures settings of the built-in MGCP service object. Syntax set service-system-default MGCP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port>] } ] [ accept- replies <accept-replies>...

  • Page 876: Show Service-System-Default Mgcp

    show service-system-default MGCP show service-system-default MGCP Description Shows the settings of the built-in MGCP service object. Syntax show service-system-default MGCP Parameters Parameter Description Example show service-system-default MGCP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   876...

  • Page 877: Set Service-System-Default Netbiosdatagram

    set service-system-default NetBIOSDatagram set service-system-default NetBIOSDatagram Description Configures settings of the built-in NetBiosDatagram service object. Syntax set service-system-default NetBIOSDatagram [ port <port> ] [ disable- inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use-source-port { false | true [ source-port <source-port> ] } ] [ accept-replies <accept-replies>...

  • Page 878: Show Service-System-Default Netbiosdatagram

    show service-system-default NetBIOSDatagram show service-system-default NetBIOSDatagram Description Shows the settings of the built-in NetBiosDatagram service object. Syntax show service-system-default NetBIOSDatagram Parameters Parameter Description Example show service-system-default NetBIOSDatagram SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   878...

  • Page 879: Set Service-System-Default Netbiosname

    set service-system-default NetBIOSName set service-system-default NetBIOSName Description Configures settings of the built-in NetBiosName service object. Syntax set service-system-default NetBIOSName [ port <port> ] [ disable- inspection <disable-inspection>] [ session-timeout <session-timeout> ] [ use-source-port { false | true [ source-port <source-port> ] } ] [ accept-replies <accept-replies>] Parameters Parameter...

  • Page 880: Show Service-System-Default Netbiosname

    show service-system-default NetBIOSName show service-system-default NetBIOSName Description Shows the settings of the built-in NetBiosName service object. Syntax show service-system-default NetBIOSName Parameters Parameter Description Example show service-system-default NetBIOSName SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   880...

  • Page 881: Set Service-System-Default Netshow

    set service-system-default NetShow set service-system-default NetShow Description Configures settings of the built-in NetShow service object. Syntax set service-system-default NetShow [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 882 set service-system-default NetShow Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 883: Show Service-System-Default Netshow

    show service-system-default NetShow show service-system-default NetShow Description Shows the settings of the built-in NetShow service object. Syntax show service-system-default NetShow Parameters Parameter Description Example show service-system-default NetShow SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   883...

  • Page 884: Set Service-System-Default Nntp

    set service-system-default NNTP set service-system-default NNTP Description Configures settings of the built-in NNTP service object. Syntax set service-system-default NNTP [ port <port> ] [ disable-inspection <disable-inspection>] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 885 set service-system-default NNTP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 886: Show Service-System-Default Nntp

    show service-system-default NNTP show service-system-default NNTP Description Shows the settings of the built-in NNTP service object. Syntax show service-system-default NNTP Parameters Parameter Description Example show service-system-default NNTP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   886...

  • Page 887: Set Service-System-Default Pop3

    set service-system-default POP3 set service-system-default POP3 Description Configures settings of the built-in POP3 service object. Syntax set service-system-default POP3 [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 888 set service-system-default POP3 Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 889: Show Service-System-Default Pop3

    show service-system-default POP3 show service-system-default POP3 Description Shows the settings of the built-in POP3 service object. Syntax show service-system-default POP3 Parameters Parameter Description Example show service-system-default POP3 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   889...

  • Page 890: Set Service-System-Default Pptp_Tcp

    set service-system-default PPTP_TCP set service-system-default PPTP_TCP Description Configures settings of the built-in PPTP_TCP service object. Syntax set service-system-default PPTP_TCP [ port <port> ] [ disable- inspection <disable-inspection>] [ session-timeout <session-timeout> ] [ use-source-port { false | true [ source-port <source-port> ] } ] [ keep-connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 891 set service-system-default PPTP_TCP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...
  • Page 892 show service-system-default PPTP_TCP show service-system-default PPTP_TCP Description Shows the settings of the built-in PPTP_TCP service object. Syntax show service-system-default PPTP_TCP Parameters Parameter Description Example show service-system-default PPTP_TCP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   892...

  • Page 893: Set Service-System-Default Pptp_Tcp Ips-Settings

    set service-system-default PPTP_TCP ips-settings set service-system-default PPTP_TCP ips- settings Description Configures additional inspection settings of the built-in PPTP_TCP service object. Syntax set service-system-default PPTP_TCP ips-settings [ action <action> ] [ track <track> ] [ strict <strict> ] Parameters Parameter Description action Select action for PPTP connections (allowed values are 'Accept' and 'Block') Options: block, accept...

  • Page 894: Show Service-System-Default Pptp_Tcp Ips-Settings

    show service-system-default PPTP_TCP ips-settings show service-system-default PPTP_TCP ips- settings Description Shows the inspection settings of the built-in Any_TCP service object. Syntax show service-system-default PPTP_TCP ips-settings Parameters Parameter Description Example show service-system-default PPTP_TCP ips-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   894...

  • Page 895: Set Service-System-Default Realaudio

    set service-system-default RealAudio set service-system-default RealAudio Description Configures settings of the built-in RealAudio service object. Syntax set service-system-default RealAudio [ port <port> ] [ disable- inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use-source-port { false | true [ source-port <source-port> ] } ] [ keep-connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 896 set service-system-default RealAudio Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 897: Show Service-System-Default Realaudio

    show service-system-default RealAudio show service-system-default RealAudio Description Shows the settings of the built-in RealAudio service object. Syntax show service-system-default RealAudio Parameters Parameter Description Example show service-system-default RealAudio SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   897...

  • Page 898: Set Service-System-Default Rsh

    set service-system-default RSH set service-system-default RSH Description Configures settings of the built-in RSH service object. Syntax set service-system-default RSH [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 899 set service-system-default RSH Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 900: Show Service-System-Default Rsh

    show service-system-default RSH show service-system-default RSH Description Shows the settings of the built-in RSH service object. Syntax show service-system-default RSH Parameters Parameter Description Example show service-system-default RSH SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   900...

  • Page 901: Set Service-System-Default Rtsp

    set service-system-default RTSP set service-system-default RTSP Description Configures settings of the built-in RTSP service object. Syntax set service-system-default RTSP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 902 set service-system-default RTSP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 903: Show Service-System-Default Rtsp

    show service-system-default RTSP show service-system-default RTSP Description Shows the settings of the built-in RTSP service object. Syntax show service-system-default RTSP Parameters Parameter Description Example show service-system-default RTSP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   903...

  • Page 904: Set Service-System-Default Sccp

    set service-system-default SCCP set service-system-default SCCP Description Configures settings of the built-in SCCP service object. Syntax set service-system-default SCCP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 905 set service-system-default SCCP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 906: Show Service-System-Default Sccp

    show service-system-default SCCP show service-system-default SCCP Description Shows the settings of the built-in SCCP service object. Syntax show service-system-default SCCP Parameters Parameter Description Example show service-system-default SCCP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   906...

  • Page 907: Set Service-System-Default Sccps

    set service-system-default SCCPS set service-system-default SCCPS Description Configures settings of the built-in SCCPS service object. Syntax set service-system-default SCCPS [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 908 set service-system-default SCCPS Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 909: Show Service-System-Default Sccps

    show service-system-default SCCPS show service-system-default SCCPS Description Shows the settings of the built-in SCCPS service object. Syntax show service-system-default SCCPS Parameters Parameter Description Example show service-system-default SCCPS SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   909...

  • Page 910: Set Service-System-Default Sip_Tcp

    set service-system-default SIP_TCP set service-system-default SIP_TCP Description Configures settings of the built-in SIP_TCP service object. Syntax set service-system-default SIP_TCP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 911 set service-system-default SIP_TCP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...
  • Page 912 show service-system-default SIP_TCP show service-system-default SIP_TCP Description Shows the settings of the built-in SIP_TCP service object. Syntax show service-system-default SIP_TCP Parameters Parameter Description Example show service-system-default SIP_TCP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   912...

  • Page 913: Set Service-System-Default Sip_Udp

    set service-system-default SIP_UDP set service-system-default SIP_UDP Description Configures settings of the built-in SIP_UDP service object. Syntax set service-system-default SIP_UDP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ accept- replies <accept-replies>...
  • Page 914 show service-system-default SIP_UDP show service-system-default SIP_UDP Description Shows the settings of the built-in SIP_UDP service object. Syntax show service-system-default SIP_UDP Parameters Parameter Description Example show service-system-default SIP_UDP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   914...

  • Page 915: Set Service-System-Default Smtp

    set service-system-default SMTP set service-system-default SMTP Description Configures settings of the built-in SMTP service object. Syntax set service-system-default SMTP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 916 set service-system-default SMTP Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 917: Show Service-System-Default Smtp

    show service-system-default SMTP show service-system-default SMTP Description Shows the settings of the built-in SMTP service object. Syntax show service-system-default SMTP Parameters Parameter Description Example show service-system-default SMTP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   917...

  • Page 918: Set Service-System-Default Snmp

    set service-system-default SNMP set service-system-default SNMP Description Configures settings of the built-in SNMP service object. Syntax set service-system-default SNMP [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ accept- replies <accept-replies>...

  • Page 919: Show Service-System-Default Snmp

    show service-system-default SNMP show service-system-default SNMP Description Shows the settings of the built-in SNMP service object. Syntax show service-system-default SNMP Parameters Parameter Description Example show service-system-default SNMP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   919...

  • Page 920: Set Service-System-Default Snmp Firewall-Settings

    set service-system-default SNMP firewall-settings set service-system-default SNMP firewall- settings Description Additional configuration for SNMP service Syntax set service-system-default SNMP firewall-settings [ read-only <read- only> ] Parameters Parameter Description read-only True to enforce read-only mode Type: Boolean (true/false) Example set service-system-default SNMP firewall-settings read-only true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   920...

  • Page 921: Show Service-System-Default Snmp Firewall-Settings

    show service-system-default SNMP firewall-settings show service-system-default SNMP firewall- settings Description Shows the inspection settings of the built-in SNMP service object. Syntax show service-system-default SNMP firewall-settings Parameters Parameter Description Example show service-system-default SNMP firewall-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   921...

  • Page 922: Set Service-System-Default Sqlnet

    set service-system-default SQLNet set service-system-default SQLNet Description Configures settings of the built-in SQLNet service object. Syntax set service-system-default SQLNet [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 923 set service-system-default SQLNet Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 924: Show Service-System-Default Sqlnet

    show service-system-default SQLNet show service-system-default SQLNet Description Shows the settings of the built-in SQLNet service object. Syntax show service-system-default SQLNet Parameters Parameter Description Example show service-system-default SQLNet SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   924...

  • Page 925: Set Service-System-Default Ssh

    set service-system-default SSH set service-system-default SSH Description Configures settings of the built-in SSH service object. Syntax set service-system-default SSH [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout>] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 926 set service-system-default SSH Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 927: Show Service-System-Default Ssh

    show service-system-default SSH show service-system-default SSH Description Shows the settings of the built-in SSH service object. Syntax show service-system-default SSH Parameters Parameter Description Example show service-system-default SSH SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   927...

  • Page 928: Set Service-System-Default Ssh Ips-Settings

    set service-system-default SSH ips-settings set service-system-default SSH ips-settings Description Configures additional inspection settings of the built-in SSH service object. Syntax set service-system-default SSH ips-settings [ block-version <block- version> Parameters Parameter Description block-version True to enforce blocking of version 1.x Type: Boolean (true/false) Example set service-system-default SSH ips-settings block-version true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   928...

  • Page 929: Show Service-System-Default Ssh Ips-Settings

    show service-system-default SSH ips-settings show service-system-default SSH ips-settings Description Shows the inspection settings of the built-in SSH service object. Syntax show service-system-default SSH ips-settings Parameters Parameter Description Example show service-system-default SSH ips-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   929...

  • Page 930: Set Service-System-Default Telnet

    set service-system-default TELNET set service-system-default TELNET Description Configures settings of the built-in TELNET service object. Syntax set service-system-default TELNET [ port <port> ] [ disable-inspection <disable-inspection> ] [ session-timeout <session-timeout> ] [ use- source-port { false | true [ source-port <source-port> ] } ] [ keep- connections-open-after-policy-installation <keep-connections-open- after-policy-installation>...
  • Page 931 set service-system-default TELNET Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 932: Show Service-System-Default Telnet

    show service-system-default TELNET show service-system-default TELNET Description Shows the settings of the built-in TELNET service object. Syntax show service-system-default TELNET Parameters Parameter Description Example show service-system-default TELNET SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   932...

  • Page 933: Set Service-System-Default Tftp

    set service-system-default TFTP set service-system-default TFTP Description Configures settings of the built-in TFTP service object. Syntax set service-system-default TFTP [ port <port> ] [ disable-inspection <disable-inspection> ] [ accept-replies <accept-replies> ] [ session- timeout <session-timeout> ] [ use-source-port { false | true [ source- port <source-port>...
  • Page 934 set service-system-default TFTP Example set service-system-default TFTP port 8080-8090 disable-inspection true accept-replies true session-timeout 15 use-source-port false source- port 8080 keep-connections-open-after-policy-installation true sync- connections-on-cluster true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   934...

  • Page 935: Show Service-System-Default Tftp

    show service-system-default TFTP show service-system-default TFTP Description Shows the settings of the built-in TFTP service object. Syntax show service-system-default TFTP Parameters Parameter Description Example show service-system-default TFTP SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   935...

  • Page 936: Service-Tcp

    service-tcp service-tcp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   936...

  • Page 937: Add Service-Tcp

    add service-tcp add service-tcp Description Adds a new TCP service object with configurable ports. Syntax add service-tcp name <name> port <port> [ comments <comments> ] Parameters Parameter Description comments Comments and explanation about the service Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ name Service name Type: String...

  • Page 938: Set Service-Tcp

    set service-tcp set service-tcp Description Configures an existing TCP service object. Syntax set service-tcp <name> [ name <name> ] [ port <port> ] [ comments <comments> ] [ session-timeout <session-timeout>] [ sync-connections- on-cluster <sync-connections-on-cluster>] [ sync-delay-enable <sync- delay-enable> ] [ delay-sync-interval <delay-sync-interval>...
  • Page 939 set service-tcp Parameter Description sync- Enables state-synchronized High Availability or Load Sharing on a ClusterXL or connections- OPSEC-certified cluster. Of the services allowed by the Rule Base, only those with on-cluster synchronize connections on cluster will be synchronized as they pass through the cluster sync-delay- True to delay connections synchronization...

  • Page 940: Delete Service-Tcp

    delete service-tcp delete service-tcp Description Deletes a TCP service object by name. Syntax delete service-tcp <name> Parameters Parameter Description name Service name Type: String Example delete service-tcp TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   940...

  • Page 941: Show Service-Tcp

    show service-tcp show service-tcp Description Shows the configuration of a specific TCP service object. Syntax show service-tcp <name> Parameters Parameter Description name Service name Type: String Example show service-tcp TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   941...

  • Page 942: Show Services-Tcp

    show services-tcp show services-tcp Description Shows the configuration of all TCP service objects. Syntax show services-tcp Parameters Parameter Description Example show services-tcp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   942...

  • Page 943: Service-Udp

    service-udp service-udp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   943...

  • Page 944: Add Service-Udp

    add service-udp add service-udp Description Adds a new UDP service object with configurable ports. Syntax add service-udp name <name> port <port> [ comments <comments> ] Parameters Parameter Description comments Comments and explanation about the service Type: A string that contains less than 257 characters, of this set: 0-9, a-z or , . - : () @ name Service name Type: String...

  • Page 945: Delete Service-Udp

    delete service-udp delete service-udp Description Deletes a UDP service object by name. Syntax delete service-udp <name> Parameters Parameter Description name Service name Type: String Example delete service-udp TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   945...

  • Page 946: Set Service-Udp

    set service-udp set service-udp Description Configures an existing UDP service object Syntax set service-udp <name> [ name <name> ] [ port <port> ] [ comments <comments> ] [ session-timeout <session-timeout> ] [ accept-replies <accept-replies> ] [ sync-connections-on-cluster <sync-connections-on- cluster> ] [ aggressive-aging-enable <aggressive-aging- enable> ] [ aggressive-aging-timeout <aggressive-aging-timeout>...
  • Page 947 set service-udp Example set service-udp TEXT name TEXT port 8080-8090 comments "This is a comment." session-timeout 15 accept-replies true sync-connections-on- cluster true aggressive-aging-enable true aggressive-aging-timeout 15 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   947...

  • Page 948: Show Service-Udp

    show service-udp show service-udp Description Shows the configuration of a specific UDP service object Syntax show service-udp <name> Parameters Parameter Description name Service name Type: String Example show service-udp TEXT SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   948...

  • Page 949: Show Services-Udp

    show services-udp show services-udp Description Shows the configuration of all UDP service objects. Syntax show services-udp Parameters Parameter Description Example show services-udp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   949...

  • Page 950: Show Services-Icmp

    show services-icmp show services-icmp Description Shows the configuration of all ICMP-type service objects. Syntax show services-icmp Parameters Parameter Description Example show services-icmp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   950...

  • Page 951: Shell/Expert

    shell/expert shell/expert The shell and expert commands switch between the shell and expert modes. Description Changes to expert mode. Syntax shell expert Parameters Parameter Description Example shell Comments Use the cpshell command to start cpshell. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   951...

  • Page 952: Set Sic_Init

    set sic_init set sic_init Description Sets the SIC password. Syntax set sic_init password <pass> Parameters Parameter Description pass One-time password, as specified by the Security Management Server administrator. Example set sic_init password verySecurePassword SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   952...

  • Page 953: Sim

    Description SecureXL Implementation Module commands Parameters Parameter Description get the version get the interface list print the table content (-s for summary) tab [-s] [name] ranges print the range content print only templates in drop state tab -d templates dbg <options> set the sim debug flags get/set affinity options affinity...

  • Page 954: Snmp

    snmp snmp SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   954...

  • Page 955: Add Snmp

    add snmp add snmp Adds SNMP trap receiver and SNMP users to the SNMP configuration. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   955...

  • Page 956: Add Snmp

    add snmp add snmp Description Adds a new SNMP trap receiver IP address to be used by the SNMP agent. Syntax add snmp traps-receiver <traps-receiver> version { v2 community <community> | v3 user <user> } Parameters Parameter Description community Community name of the receivers trap, public is default for version2 users Type: A string of alphanumeric characters without space between them traps-receiver Receivers IP address that the trap associated with...

  • Page 957: Add Snmp

    add snmp add snmp Description Adds a new user to be used by SNMPv3 protocol. Syntax add snmp user <user> security-level { true auth-pass-type <auth-pass- type> auth-pass-phrase <auth-pass-phrase> privacy-pass-type <privacy- pass-type> privacy-pass-phrase <privacy-pass-phrase> | false auth-pass- type <auth-pass-type> auth-pass-phrase <auth-pass-phrase> } Parameters Parameter Description...

  • Page 958: Delete Snmp

    delete snmp delete snmp Deletes SNMP trap receivers and SNMP users. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   958...

  • Page 959: Delete Snmp

    delete snmp delete snmp Description Deletes an existing SNMP trap receiver by IP address. Syntax delete snmp traps-receiver <traps-receiver> Parameters Parameter Description traps-receiver Receivers IP address that the trap associated with Type: IP address Example delete snmp traps-receiver 192.168.1.1 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   959...

  • Page 960: Delete Snmp

    delete snmp delete snmp Description Deletes a configured SNMP contact. Syntax delete snmp contact Parameters Parameter Description Example delete snmp contact SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   960...

  • Page 961: Delete Snmp

    delete snmp delete snmp Description Deletes a configured SNMP location. Syntax delete snmp location Parameters Parameter Description Example delete snmp location SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   961...

  • Page 962: Set Snmp

    set snmp set snmp Configures SNMP settings. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   962...

  • Page 963: Set Snmp

    set snmp set snmp escription Configures SNMP agent settings. Syntax set snmp agent <agent> [ agent-version <agent-version> ] [ community <community> ] [ contact <contact> ] [ location <location> ] Parameters Parameter Description agent Is SNMP option enabled or disabled, disabled is the default Type: Boolean (true/false) agent-version Is the defined SNMP version is version3 only...

  • Page 964: Set Snmp

    set snmp set snmp Description Configures SNMP agent settings. Syntax set snmp agent-version <agent-version> [ agent <agent> ] [ community <community> ] [ contact <contact> ] [ location <location> ] Parameters Parameter Description agent Is SNMP option enabled or disabled, disabled is the default Type: Boolean (true/false) agent-version Is the defined SNMP version is version3 only...

  • Page 965: Set Snmp

    set snmp set snmp Description Configures SNMP community settings. Syntax set snmp community <community> [ agent <agent> ] [ agent-version <agent-version> ] [ contact <contact> ] [ location <location> ] Parameters Parameter Description agent Is SNMP option enabled or disabled, disabled is the default Type: Boolean (true/false) agent-version Is the defined SNMP version is version3 only...

  • Page 966: Set Snmp

    set snmp set snmp Description Configures SNMP contact settings. Syntax set snmp contact <contact> [ agent <agent> ] [ agent-version <agent- version> ] [ community <community> ] [ location <location> ] Parameters Parameter Description agent Is SNMP option enabled or disabled, disabled is the default Type: Boolean (true/false) agent-version Is the defined SNMP version is version3 only...

  • Page 967: Set Snmp

    set snmp set snmp Description Configures SNMP location settings. Syntax set snmp location <location>[ agent <agent> ] [ agent-version <agent- version> ] [ community <community> ] [ contact <contact> ] Parameters Parameter Description agent Is SNMP option enabled or disabled, disabled is the default Type: Boolean (true/false) agent-version Is the defined SNMP version is version3 only...

  • Page 968: Show Snmp

    show snmp show snmp Shows SNMP configuration. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   968...

  • Page 969: Show Snmp

    show snmp show snmp Description Shows SNMP agent configuration. Syntax show snmp agent Parameters Parameter Description Example show snmp agent SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   969...

  • Page 970: Show Snmp

    show snmp show snmp Description Shows SNMP agent version configuration. Syntax show snmp agent-version Parameters Parameter Description Example show snmp agent-version SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   970...

  • Page 971: Show Snmp

    show snmp show snmp Description Shows SNMP community configuration. Syntax show snmp community Parameters Parameter Description Example show snmp community SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   971...

  • Page 972: Show Snmp

    show snmp show snmp Description Shows SNMP contact configuration. Syntax show snmp contact Parameters Parameter Description Example show snmp contact SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   972...

  • Page 973: Show Snmp

    show snmp show snmp Description Shows SNMP location configuration. Syntax show snmp location Parameters Parameter Description Example show snmp location SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   973...

  • Page 974: Show Snmp-General-All

    show snmp-general-all show snmp-general-all Description Shows SNMP configuration. Syntax show snmp-general-all Parameters Parameter Description Example show snmp-general-all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   974...

  • Page 975: Snmp Traps

    snmp traps snmp traps SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   975...

  • Page 976: Set Snmp Traps

    set snmp traps set snmp traps Configures, enables or disables traps from the list, the enabled traps are sent to the trap receivers. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   976...

  • Page 977: Set Snmp Traps

    set snmp traps set snmp traps Description Enable/Disable SNMP traps functionality. Syntax set snmp traps { enable | disable } Parameters Parameter Description snmpTrapsEnable snmpTrapsEnable Type: Boolean (true/false) Example set snmp traps true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   977...

  • Page 978: Set Snmp Traps

    set snmp traps set snmp traps Description Configures an existing SNMP trap. Syntax set snmp traps trap-name <trap-name> [ enable <enable> ] [ severity <severity> ] [ repetitions <repetitions> ] [ repetitions-delay <repetitions-delay> ] [ threshold <threshold> ] Parameters Parameter Description enable Enable or disable whether a trap is sent for the specific event...

  • Page 979: Set Snmp Traps

    set snmp traps set snmp traps Description Configures an existing SNMP trap receiver. Syntax set snmp traps receiver <receiver> version { v2 [ community <community> ] | v3 [ user <user> ] } Parameters Parameter Description community Community name of the receivers trap, public is default for version2 users Type: A string of alphanumeric characters without space between them receiver Receivers IP address that the trap associated with...

  • Page 980: Show Snmp Traps

    show snmp traps show snmp traps Description Shows SNMP traps status. Syntax show snmp traps status Parameters Parameter Description Example show snmp traps status SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   980...

  • Page 981: Delete Snmp Traps-Receivers

    delete snmp traps-receivers delete snmp traps-receivers Description Deletes all configured SNMP trap receivers. Syntax delete snmp traps-receivers all Parameters Parameter Description Example delete snmp traps-receivers all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   981...

  • Page 982: Show Snmp Traps Receivers

    show snmp traps receivers show snmp traps receivers Description Shows all SNMP trap receivers. Syntax show snmp traps receivers Parameters Parameter Description Example show snmp traps receivers SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   982...

  • Page 983: Show Snmp Traps Enabled-Traps

    show snmp traps enabled-traps show snmp traps enabled-traps Description Shows all SNMP traps. Syntax show snmp traps enabled-traps Parameters Parameter Description Example show snmp traps enabled-traps SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   983...

  • Page 984: Snmp User

    snmp user snmp user SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   984...

  • Page 985: Delete Snmp User

    delete snmp user delete snmp user Description Deletes a configured SNMP user by name. Syntax delete snmp user <user-name> Parameters Parameter Description user-name version3 user name Type: A string that contains (0-9, a-z, - . @) up to 64 characters without spaces Example delete snmp user admin SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   985...

  • Page 986: Set Snmp User

    set snmp user set snmp user Description Configures an existing SNMP user. Syntax set snmp user <user-name> security-level { true [ auth-pass-type <auth- pass-type> ] [ auth-pass-phrase <auth-pass-phrase> ] [ privacy-pass- type <privacy-pass-type> ] [ privacy-pass-phrase <privacy-pass-phrase> ] | false [ auth-pass-type <auth-pass-type> ] [ auth-pass-phrase <auth- pass-phrase>...

  • Page 987: Show Snmp User

    show snmp user show snmp user Description Shows the configuration of SNMP user. Syntax show snmp user <user-name> Parameters Parameter Description user-name version3 user name Type: A string that contains (0-9, a-z, - . @) up to 64 characters without spaces Example show snmp user admin SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   987...

  • Page 988: Show Snmp Users

    show snmp users show snmp users Description Shows the configuration of all SNMP users. Syntax show snmp users Parameters Parameter Description Example show snmp users SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   988...

  • Page 989: Delete Snmp Users

    delete snmp users delete snmp users Description Deletes all configured SNMP users. Syntax delete snmp users all Parameters Parameter Description Example delete snmp users all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   989...

  • Page 990: Show Software Version

    show software version show software version Description Shows the version of the current software. Syntax show software-version | ver Parameters Parameter Description Example show software-version Output Success shows the software version of the appliance. Failure shows an appropriate error message. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   990...

  • Page 991: Ssl-Inspection Advanced-Settings

    ssl-inspection advanced-settings ssl-inspection advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   991...

  • Page 992: Set Ssl-Inspection Advanced-Settings

    set ssl-inspection advanced-settings set ssl-inspection advanced-settings Description Configure advanced settings for SSL Inspection. Syntax set ssl-inspection advanced-settings [ bypass-well-known-update- services <bypass-well-known-update-services> ] [ validate-crl <validate-crl> ] [ validate-cert-expiration <validate-cert-expiration> ] [ validate-unreachable-crl <validate-unreachable-crl> ] [ track- validation-errors <track-validation-errors> ] [ retrieve-intermediate- ca-certificate <retrieve-intermediate-ca-certificate>...
  • Page 993 set ssl-inspection advanced-settings Parameter Description validate-crl Indicates if the SSL inspection mechanism will drop connections that present a revoked certificate Type: Boolean (true/false) validate- Indicates if the SSL inspection mechanism will drop connections that present a unreachable-crl certificate with an unreachable CRL Type: Boolean (true/false) validate-untrusted- Indicates if the SSL inspection mechanism will drop connections that present...

  • Page 994: Show Ssl-Inspection Advanced-Settings

    show ssl-inspection advanced-settings show ssl-inspection advanced-settings Description Show advanced settings for SSL Inspection. Syntax show ssl-inspection advanced-settings Parameters Parameter Description Example show ssl-inspection advanced-settings SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   994...

  • Page 995: Ssl-Inspection Exception

    ssl-inspection exception ssl-inspection exception SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   995...

  • Page 996: Add Ssl-Inspection Exception

    add ssl-inspection exception add ssl-inspection exception Description Add a new exception to bypass SSL Inspection policy for specific traffic. Syntax add ssl-inspection exception [ source <source> ] [ source-negate <source-negate> ] [ destination <destination> ] [ destination-negate <destination-negate> ] [ service <service> ] [ service-negate <service- negate>...
  • Page 997 add ssl-inspection exception Parameter Description track The action taken when there is a match on the rule Options: none, log, alert Example add ssl-inspection exception source TEXT source-negate true destination TEXT destination-negate true service TEXT service-negate true category- name TEXT category-negate true comment This is a comment. track none disabled true SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   997...

  • Page 998: Delete Ssl-Inspection Exception

    delete ssl-inspection exception delete ssl-inspection exception Delete an existing SSL Inspection policy exception. SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   998...

  • Page 999: Delete Ssl-Inspection Exception

    delete ssl-inspection exception delete ssl-inspection exception Description Delete an existing SSL Inspection policy exception. Syntax delete ssl-inspection exception position <position> Parameters Parameter Description position The index of exception Type: Decimal number Example delete ssl-inspection exception position 2 SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   999...

  • Page 1000: Delete Ssl-Inspection Exception

    delete ssl-inspection exception delete ssl-inspection exception Description Delete an existing SSL Inspection policy exception. Syntax delete ssl-inspection exception all Parameters Parameter Description Example delete ssl-inspection exception all SMB 1500 Appliance Series R80.20.05 CLI Reference Guide   |   1000...

Table of Contents

Save PDF