CLI Guide - WatchGuard Technologies
CLI Guide - WatchGuard Technologies CLI Guide - WatchGuard Technologies
CHAPTER 1: Using the Command Line Interface Deleting text in the Command Line Interface To delete characters to the left of the cursor, press the Backspace key, or press ^h. To delete all characters from the current position of the cursor back to the beginning of the command line, press ^u. Using the CLI to add to or replace existing settings and policies Existing settings can be modified using the WatchGuard CLI in two ways: 1 An existing item can be overwritten/replaced with an entirely new item 2 Additional entries or qualifications can be appended to an existing item Adding entries to an existing item requires use of the “plus” character (+). If a setting or entry already exists in this WatchGuard appliance, add a “plus” character (+) before additional elements to edit that setting. In the following example, an additional host with an IP address of 199.86.77.100 is added to the address group “VPNnet” WG(config)#address VPNnet + -host 199.86.77.100 WG(config)#exit Commit before exit? (Y/N):y WG#_ The named address group object VPNnet now has an additional (host) member with an IP address of 199.86.77.100. Grouping parameters in a command Groups of parameters may be repeated in a command line by surrounding the groups with “curly” brackets ({group1 param1 param2} {group2 param1 param2} etc.). In the fol- 10 WatchGuard Vclass 5.1
Getting started with the WatchGuard CLI lowing example of command line block repetition, the IP addresses, port numbers, and weighting is assigned for three servers in a round-robin load balanced cluster: WG(config)#nat –vip round –server \ {10.10.0.100 80 1} {10.10.0.101 80 2} \ {10.10.0.102 80 3} Note too, that the command line in the above example was “extended” with the use of the backslash (\) character, so that more parameters could be included in the command. Reviewing the recently used commands The WatchGuard CLI stores up to 20 commands (at each level in every mode) in a History buffer, which you can use to view your most recent tasks. • Type history at any prompt to review the last twenty commands applied at that level of the CLI. The CLI will append a number to each line, to indicate its place in the overall chronology. The higher the number, the more recently that command was enacted. (Note that active command history listings may have multiple-digit numbers.) • Type !! (two exclamation points) to recall and re-enact the most recently used command recorded in the buffer for this mode and level. • Type !6 (exclamation point followed by a number) to display and enact the command identified as “6” in the buffer at this CLI level. • Type !! to display the most recent command and to append it with arguments and values as needed. For example, if the last command was “show”, you could type “!!address” to display the current list of address groups. WatchGuard Command Line Interface Guide 11
- Page 1 and 2: WatchGuard ® Command Line Interfac
- Page 3 and 4: WatchGuard Technologies, Inc. Fireb
- Page 5 and 6: 4. Limited Warranty. WATCHGUARD mak
- Page 7 and 8: 6. Export Controls. You agree not t
- Page 9 and 10: Contents Contents .................
- Page 11 and 12: CHAPTER 3 Configuration Mode Comman
- Page 13 and 14: CHAPTER 5 Other Commands ..........
- Page 15 and 16: CHAPTER 1 Using the Command Line In
- Page 17 and 18: CLI limitations CLI Guide text conv
- Page 19 and 20: Getting started with the WatchGuard
- Page 21 and 22: Getting started with the WatchGuard
- Page 23: Case sensitivity Getting started wi
- Page 27 and 28: Navigating through the CLI Getting
- Page 29 and 30: Arguments None. Example WG(admin)#e
- Page 31 and 32: Getting started with the WatchGuard
- Page 33 and 34: Installing and configuring a WatchG
- Page 35 and 36: Command Description Installing and
- Page 37 and 38: Installing and configuring a WatchG
- Page 39 and 40: CHAPTER 2 Administration Mode Comma
- Page 41 and 42: Administration mode commands plete
- Page 43 and 44: Administration mode commands 4 Clic
- Page 45 and 46: Administration mode commands #ex: e
- Page 47 and 48: crl command Administration mode com
- Page 49 and 50: Administration mode commands Merge
- Page 51 and 52: Administration mode commands Proces
- Page 53 and 54: Administration mode commands Shuts
- Page 55 and 56: CHAPTER 3 Configuration Mode Comman
- Page 57 and 58: abort command Top-level configurati
- Page 59 and 60: certificate command Top-level confi
- Page 61 and 62: Top-level configuration mode comman
- Page 63 and 64: interface command Top-level configu
- Page 65 and 66: Arguments None Example WG#config WG
- Page 67 and 68: [no] traffic command (log level) WG
- Page 69 and 70: Top-level configuration mode comman
- Page 71 and 72: Top-level configuration mode comman
- Page 73 and 74: Top-level configuration mode comman
Getting started with the <strong>WatchGuard</strong> <strong>CLI</strong><br />
lowing example of command line block repetition, the IP<br />
addresses, port numbers, and weighting is assigned for<br />
three servers in a round-robin load balanced cluster:<br />
WG(config)#nat –vip round –server \<br />
{10.10.0.100 80 1} {10.10.0.101 80 2} \<br />
{10.10.0.102 80 3}<br />
Note too, that the command line in the above example was<br />
“extended” with the use of the backslash (\) character, so<br />
that more parameters could be included in the command.<br />
Reviewing the recently used commands<br />
The <strong>WatchGuard</strong> <strong>CLI</strong> stores up to 20 commands (at each<br />
level in every mode) in a History buffer, which you can use<br />
to view your most recent tasks.<br />
• Type history at any prompt to review the<br />
last twenty commands applied at that level of the <strong>CLI</strong>.<br />
The <strong>CLI</strong> will append a number to each line, to indicate<br />
its place in the overall chronology. The higher the<br />
number, the more recently that command was enacted.<br />
(Note that active command history listings may have<br />
multiple-digit numbers.)<br />
• Type !! (two exclamation points) to recall and re-enact<br />
the most recently used command recorded in the<br />
buffer for this mode and level.<br />
• Type !6 (exclamation point followed by a number) to<br />
display and enact the command identified as “6” in the<br />
buffer at this <strong>CLI</strong> level.<br />
• Type !! to display the most<br />
recent command and to append it with arguments and<br />
values as needed. For example, if the last command<br />
was “show”, you could type “!!address” to display the<br />
current list of address groups.<br />
<strong>WatchGuard</strong> Command Line Interface <strong>Guide</strong> 11