CLI Guide - WatchGuard Technologies
CLI Guide - WatchGuard Technologies CLI Guide - WatchGuard Technologies
CHAPTER 1: Using the Command Line Interface attempting to use the CLI. Learning the WatchGuard Vcontroller, its terms and processes, and the underlying “flow” of appliance administration, will establish a solid competency with concepts and terms used extensively in the CLI. We also recommend that you review the latest Release Notes for your WatchGuard security appliances and verify that the most current versions of WatchGuard and Java software are being used. Electronic copies may be obtained from the WatchGuard Technical Support web site (www.watchguard.com/support/). The Technical Support Group can also assist in verifying that you have all of the latest WatchGuard software. CLI capabilities The WatchGuard command line interface (CLI) provides you with simple, fast, command-line access to any local WatchGuard Firebox Vclass security appliance to perform most major administrative tasks, including rebooting, resetting appliance interface IP addresses, entering remote access user accounts, and managing policies, actions and proposals stored in the appliance database. An almost-complete list of CLI setup and administration tasks includes the following: • Configuring security appliance software • Interface (port) management • Viewing current system settings • Inserting new security policies • Editing or removing existing policies • Reorganizing sort order of policies • Configuring and using the High Availability feature • Opening and reviewing current log files • Displaying reports of tunnel and SA activities • Restoring factory-default configurations • Shutting down and restarting security appliances 2 WatchGuard Vclass 5.1
CLI limitations CLI Guide text conventions Please note that the WatchGuard CLI is not a complete replacement for the WatchGuard Vcontroller application, as you cannot do the following with the CLI: • Set up probes that monitor the current activities of the security appliance • Set up, activate, and review alarms that are triggered by a range of operational circumstances • Import Certificate Revocation List (CRL) files or their contents • Create “admin” access user accounts • Create firewall-access internal user accounts CLI Guide text conventions To help you better use this guide, the following text conventions are used. Control key The symbol ^ represents the Control (CTRL) key and is usually used in combination with other text. For example, when you see the key combinations ^Z or Ctrl-Z, this means you should hold down the Control key while pressing the Z key. In the guide, these keys may be printed in capital letters, but “Ctrl+letter” functions are not casesensitive. Text strings A text string is defined as a set of user-variable characters. Text strings (or, strings) are usually presented as example data, or the kind of thing one might type for a particular value. Such an example might be presented enclosed in WatchGuard Command Line Interface Guide 3
- Page 1 and 2: WatchGuard ® Command Line Interfac
- Page 3 and 4: WatchGuard Technologies, Inc. Fireb
- Page 5 and 6: 4. Limited Warranty. WATCHGUARD mak
- Page 7 and 8: 6. Export Controls. You agree not t
- Page 9 and 10: Contents Contents .................
- Page 11 and 12: CHAPTER 3 Configuration Mode Comman
- Page 13 and 14: CHAPTER 5 Other Commands ..........
- Page 15: CHAPTER 1 Using the Command Line In
- Page 19 and 20: Getting started with the WatchGuard
- Page 21 and 22: Getting started with the WatchGuard
- Page 23 and 24: Case sensitivity Getting started wi
- Page 25 and 26: Getting started with the WatchGuard
- Page 27 and 28: Navigating through the CLI Getting
- Page 29 and 30: Arguments None. Example WG(admin)#e
- Page 31 and 32: Getting started with the WatchGuard
- Page 33 and 34: Installing and configuring a WatchG
- Page 35 and 36: Command Description Installing and
- Page 37 and 38: Installing and configuring a WatchG
- Page 39 and 40: CHAPTER 2 Administration Mode Comma
- Page 41 and 42: Administration mode commands plete
- Page 43 and 44: Administration mode commands 4 Clic
- Page 45 and 46: Administration mode commands #ex: e
- Page 47 and 48: crl command Administration mode com
- Page 49 and 50: Administration mode commands Merge
- Page 51 and 52: Administration mode commands Proces
- Page 53 and 54: Administration mode commands Shuts
- Page 55 and 56: CHAPTER 3 Configuration Mode Comman
- Page 57 and 58: abort command Top-level configurati
- Page 59 and 60: certificate command Top-level confi
- Page 61 and 62: Top-level configuration mode comman
- Page 63 and 64: interface command Top-level configu
- Page 65 and 66: Arguments None Example WG#config WG
<strong>CLI</strong> limitations<br />
<strong>CLI</strong> <strong>Guide</strong> text conventions<br />
Please note that the <strong>WatchGuard</strong> <strong>CLI</strong> is not a complete<br />
replacement for the <strong>WatchGuard</strong> Vcontroller application,<br />
as you cannot do the following with the <strong>CLI</strong>:<br />
• Set up probes that monitor the current activities of the<br />
security appliance<br />
• Set up, activate, and review alarms that are triggered<br />
by a range of operational circumstances<br />
• Import Certificate Revocation List (CRL) files or their<br />
contents<br />
• Create “admin” access user accounts<br />
• Create firewall-access internal user accounts<br />
<strong>CLI</strong> <strong>Guide</strong> text conventions<br />
To help you better use this guide, the following text conventions<br />
are used.<br />
Control key The symbol ^ represents the Control<br />
(CTRL) key and is usually used in<br />
combination with other text. For<br />
example, when you see the key<br />
combinations ^Z or Ctrl-Z, this<br />
means you should hold down the<br />
Control key while pressing the Z<br />
key. In the guide, these keys may be<br />
printed in capital letters, but<br />
“Ctrl+letter” functions are not casesensitive.<br />
Text strings A text string is defined as a set of<br />
user-variable characters. Text<br />
strings (or, strings) are usually<br />
presented as example data, or the<br />
kind of thing one might type for a<br />
particular value. Such an example<br />
might be presented enclosed in<br />
<strong>WatchGuard</strong> Command Line Interface <strong>Guide</strong> 3
Change language