Contents/Index/Search Download Complete PDF Send Feedback Print This Page

Previous

VPN Shell

In This Section

Configuring a Virtual Interface Using the VPN Shell

Configuring a Virtual Interface Using the VPN Shell

The VPN Shell, used for creating Virtual VPN Tunnel Interfaces, is composed of menus and commands. The shell can be used interactively or as a single command line. Invoking the command - vpn shell - without any other arguments starts the interactive shell. Adding arguments after vpn shell is interpreted as a direct command and executed.

VPN shell — starts the interactive mode

  • The basic format of the command is: [path/path/path arguments], for example interface/add takes you directly to the menu for adding numbered interfaces.
  • Within the VPN shell, command line completion is available, for example i/a/n is completed to interface/add/numbered and executed provided there are not two commands starting with the same letter.
  • Use Control-D to exit the VPN shell/end of line (when including vpn shell commands in a script)

VPN shell is not supported in Gaia. Use show vpn, add vpn, and delete vpn.

Expressions and meanings for the VPN shell are shown in the following table:

VPN Shell Commands/Arguments

Expression

Meaning

?

Shows available commands

/

Returns to the top of the main menu

.. (two dots)

Moves up one menu level

/quit

Exists the VPN shell

show/interface/summary

Shows summary of all interfaces or of a specific interface

show/interface/detailed

Shows summary of all interfaces or of a specific interface with greater detail

interface/add/numbered

Adds a numbered interface (Local IP, remote IP, peer name and interface name required)

interface/add/unnumbered

Adds an unnumbered interface (Peer name and interface name required)

interface/modify/peer/mtu

Modify the MTU of an interface by peer name

interface/modify/peer/netmask

Modify the netmask of an interface by peer name

interface/modify/ifname/mtu

Modify the MTU of an interface by given interface name

interface/modify/ifname/netmask

Modify the netmask of an interface by given interface name

interface/delete/peer

Delete interface by given peer name

interface/delete/ifname

Delete interface by given interface name

interface/show/summary

Shows summary of all interfaces or of a specific interface

interface/show/detailed

Shows summary of all interfaces or of a specific interface with greater detail

tunnels/show/IKE/all

Displays all valid SA's

tunnels/show/IKE/peer

Displays valid SA for a specific peer (gateway IP address required)

tunnels/show/IPSec/all

Displays all IPSec tunnels

tunnels/show/IPSec/peer

Displays IPSec tunnels for a specific peer

tunnels/delete/IKE/peer

Deletes valid SA's for a specific peer (Security Gateway IP address required)

tunnels/delete/IKE/user

Deletes valid SA's for a specific user (internal IP address and user name required)

tunnels/delete/IKE/all

Deletes all valid SA's

tunnels/delete/IPSec/peer

Deletes IPSec tunnels for a specific peer (gateway IP address required)

tunnels/delete/IPSec/user

Deletes IPSec tunnels for a specific user (internal IP address and user name required)

tunnels/delete/IPSec/all

Deletes all IPSec tunnels

tunnels/delete/all

Deletes all SA's and IPSec tunnels

 
Top of Page ©2013 Check Point Software Technologies Ltd. All rights reserved. Download Complete PDF Send Feedback Print