Description
These commands stop the SecureXL on-the-fly.
Starting from R80.20, you can stop the SecureXL only temporarily. The SecureXL starts automatically when you start Check Point services (with the cpstart
command), or reboot the Security Gateway.
Important:
SecureXL remains disabled until you enable it again on-the-fly, or reboot the Security Gateway.
SecureXL continues to accelerate the connections that are already accelerated.
Other non-connection oriented processing continues to function (for example, virtual defragmentation, VPN decrypt).
In Gaia Clish, run:
VSIDset virtual-system <
>
In Expert mode, run:
VSIDvsenv <
>
-a
parameter.In this case, it does not matter from which Virtual System context you run this command.
Syntax for IPv4
|
Syntax for IPv6
|
Parameters
Parameter |
Description |
---|---|
|
Specifies the SecureXL instance ID (for IPv4 only). |
|
On VSX Gateway, stops acceleration on all Virtual Systems. |
|
Suppresses the output (does not show a returned output). |
Possible returned output
SecureXL device disabled
SecureXL device is not active
Failed to disable SecureXL device
fwaccel_off: failed to set process context <
VSID>
Example 1 - Output from a non-VSX Gateway
[Expert@MyGW:0]# fwaccel off SecureXL device disabled. [Expert@MyGW:0]# |
Example 2 - Output from a VSX Gateway for a specific Virtual System
[Expert@MyVSXGW:1]# vsx stat -v VSX Gateway Status ================== Name: VSX2_192.168.3.242 Access Control Policy: VSX_GW_VSX Installed at: 17Sep2018 13:17:14 Threat Prevention Policy: <No Policy> SIC Status: Trust
Number of Virtual Systems allowed by license: 25 Virtual Systems [active / configured]: 2 / 2 Virtual Routers and Switches [active / configured]: 0 / 0 Total connections [current / limit]: 4 / 44700
Virtual Devices Status ======================
ID | Type & Name | Access Control Policy | Installed at | Threat Prevention Policy | SIC Stat -----+---------------------+-----------------------+-----------------+--------------------------+--------- 1 | S VS1 | VS1_Policy | 17Sep2018 12:47 | <No Policy> | Trust 2 | S VS2 | VS2_Policy | 17Sep2018 12:47 | <No Policy> | Trust
Type: S - Virtual System, B - Virtual System in Bridge mode, R - Virtual Router, W - Virtual Switch.
[Expert@MyVSXGW:1]# [Expert@MyVSXGW:1]# vsenv 1 Context is set to Virtual Device VS1 (ID 1). [Expert@MyVSXGW:1]# [Expert@MyVSXGW:1]# fwaccel stat -t +-----------------------------------------------------------------------------+ |Id|Name |Status |Interfaces |Features | +-----------------------------------------------------------------------------+ |0 |SND |enabled |eth1,eth2,eth3 |Acceleration,Cryptography | +-----------------------------------------------------------------------------+
[Expert@MyVSXGW:1]#
[Expert@MyVSXGW:1]# fwaccel off SecureXL device disabled. (Virtual ID 1) [Expert@MyVSXGW:1]# [Expert@MyVSXGW:1]# fwaccel stat -t +-----------------------------------------------------------------------------+ |Id|Name |Status |Interfaces |Features | +-----------------------------------------------------------------------------+ |0 |SND |disabled |eth1,eth2,eth3 |Acceleration,Cryptography | +-----------------------------------------------------------------------------+
[Expert@MyVSXGW:1]# |
Example 3 - Output from a VSX Gateway for all Virtual Systems
[Expert@MyVSXGW:1]# vsx stat -v VSX Gateway Status ================== Name: VSX2_192.168.3.242 Access Control Policy: VSX_GW_VSX Installed at: 17Sep2018 13:17:14 Threat Prevention Policy: <No Policy> SIC Status: Trust
Number of Virtual Systems allowed by license: 25 Virtual Systems [active / configured]: 2 / 2 Virtual Routers and Switches [active / configured]: 0 / 0 Total connections [current / limit]: 4 / 44700
Virtual Devices Status ======================
ID | Type & Name | Access Control Policy | Installed at | Threat Prevention Policy | SIC Stat -----+---------------------+-----------------------+-----------------+--------------------------+--------- 1 | S VS1 | VS1_Policy | 17Sep2018 12:47 | <No Policy> | Trust 2 | S VS2 | VS2_Policy | 17Sep2018 12:47 | <No Policy> | Trust
Type: S - Virtual System, B - Virtual System in Bridge mode, R - Virtual Router, W - Virtual Switch.
[Expert@MyVSXGW:1]# [Expert@MyVSXGW:1]# vsenv 1 Context is set to Virtual Device VS1 (ID 1). [Expert@MyVSXGW:1]# [Expert@MyVSXGW:1]# fwaccel off -a SecureXL device disabled. (Virtual ID 0) SecureXL device disabled. (Virtual ID 1) SecureXL device disabled. (Virtual ID 2) [Expert@MyVSXGW:1]# |