CLI Guide - WatchGuard Technologies
CLI Guide - WatchGuard Technologies CLI Guide - WatchGuard Technologies
CHAPTER 1: Using the Command Line Interface To assign network addresses to appliance interfaces To assign network addresses to the data interfaces, use these commands (along with the arguments and values noted later in this user guide): Command Additional Information WG(config-if)#interface 0 WG(config-if)#interface 1 WG(config-if)#interface 2 if a DMZ interface is present WG(config-if)#ha2 if an HA2 port is present To complete system configuration To complete the initial system configuration, use these commands: Command Description WG(admin)#passwd change the default password to a new, secure password WG(config-sys)#route includes both static and dynamic routes WG(config-sys)#dns connect to a domain name server WG(config-sys)#snmp connect to any SNMP management stations WG(config-sys)#log activate needed system activity logging WG(config-sys)#ldap connect this appliance to an LDAP server WG(config)#tunnel_switch activate WatchGuard tunnelswitching features 20 WatchGuard Vclass 5.1
Command Description Installing and configuring a WatchGuard appliance WG(config)#cert request and import needed certificates from CA’s WG(config)#denial_of_service customize anti-hacker protection for this appliance WG(config)#high_availability set up and activate a high-availability system, using the High Availibility feature WG(config)#log includes event, traffic and alarm log files To create and apply security policies To create and apply security policies, use these commands: Command Description WG(config)#address create all the needed address groups for use in policies WG(config)#service add new services or groups of related services WG(config-ike)#action create IKE actions for use in IKE policies) WG(config-ike)#policy create IKE policies for use in IPSec policies WG(config-ipsec)#action create IPSec actions for use in IPSec proposals WG(config-ipsec)#proposal create IPSec proposals for use in security policies WG(config)#nat create NAT actions (DNAT, SNAT or VIP) for use in policies WG(config)#vlan create VLAN IDs for use in policies WG(config-qos)#action create QoS actions for use in policies WG(config)#schedule create schedules for application to specific policies WatchGuard Command Line Interface Guide 21
- Page 1 and 2: WatchGuard ® Command Line Interfac
- Page 3 and 4: WatchGuard Technologies, Inc. Fireb
- Page 5 and 6: 4. Limited Warranty. WATCHGUARD mak
- Page 7 and 8: 6. Export Controls. You agree not t
- Page 9 and 10: Contents Contents .................
- Page 11 and 12: CHAPTER 3 Configuration Mode Comman
- Page 13 and 14: CHAPTER 5 Other Commands ..........
- Page 15 and 16: CHAPTER 1 Using the Command Line In
- Page 17 and 18: CLI limitations CLI Guide text conv
- Page 19 and 20: Getting started with the WatchGuard
- Page 21 and 22: Getting started with the WatchGuard
- Page 23 and 24: Case sensitivity Getting started wi
- Page 25 and 26: Getting started with the WatchGuard
- Page 27 and 28: Navigating through the CLI Getting
- Page 29 and 30: Arguments None. Example WG(admin)#e
- Page 31 and 32: Getting started with the WatchGuard
- Page 33: Installing and configuring a WatchG
- Page 37 and 38: Installing and configuring a WatchG
- Page 39 and 40: CHAPTER 2 Administration Mode Comma
- Page 41 and 42: Administration mode commands plete
- Page 43 and 44: Administration mode commands 4 Clic
- Page 45 and 46: Administration mode commands #ex: e
- Page 47 and 48: crl command Administration mode com
- Page 49 and 50: Administration mode commands Merge
- Page 51 and 52: Administration mode commands Proces
- Page 53 and 54: Administration mode commands Shuts
- Page 55 and 56: CHAPTER 3 Configuration Mode Comman
- Page 57 and 58: abort command Top-level configurati
- Page 59 and 60: certificate command Top-level confi
- Page 61 and 62: Top-level configuration mode comman
- Page 63 and 64: interface command Top-level configu
- Page 65 and 66: Arguments None Example WG#config WG
- Page 67 and 68: [no] traffic command (log level) WG
- Page 69 and 70: Top-level configuration mode comman
- Page 71 and 72: Top-level configuration mode comman
- Page 73 and 74: Top-level configuration mode comman
- Page 75 and 76: as command Top-level configuration
- Page 77 and 78: Top-level configuration mode comman
- Page 79 and 80: Top-level configuration mode comman
- Page 81 and 82: Second level configuration mode com
- Page 83 and 84: Second level configuration mode com
CHAPTER 1: Using the Command Line Interface<br />
To assign network addresses to appliance<br />
interfaces<br />
To assign network addresses to the data interfaces, use<br />
these commands (along with the arguments and values<br />
noted later in this user guide):<br />
Command Additional Information<br />
WG(config-if)#interface 0<br />
WG(config-if)#interface 1<br />
WG(config-if)#interface 2 if a DMZ interface is present<br />
WG(config-if)#ha2 if an HA2 port is present<br />
To complete system configuration<br />
To complete the initial system configuration, use these<br />
commands:<br />
Command Description<br />
WG(admin)#passwd change the default password to a new,<br />
secure password<br />
WG(config-sys)#route includes both static and dynamic<br />
routes<br />
WG(config-sys)#dns connect to a domain name server<br />
WG(config-sys)#snmp connect to any SNMP management<br />
stations<br />
WG(config-sys)#log activate needed system activity<br />
logging<br />
WG(config-sys)#ldap connect this appliance to an LDAP<br />
server<br />
WG(config)#tunnel_switch activate <strong>WatchGuard</strong> tunnelswitching<br />
features<br />
20 <strong>WatchGuard</strong> Vclass 5.1