Wednesday, May 19, 2010

Useful Netscreen Commands for Troubleshooting

Netscreen Commands for Troubleshooting:
Here is some useful Netscreen commands for troubleshooting.

get config : to get device configuration
save : to save changes to config
get system : gets system information, Netscreen mode
get session info : shows load on the firewall 85+ implies there will be some latency
get interface : shows interfaces, zones
get address trust/unturst: shows defined network objects
get Arp : shows firewall Arp entries
get route : shows firewall routes
get service : shows firewall services
get group address : network groups
get group service : service groups
get policy in/out : shows applied firewall policies
get log traffic : shows firewall logs – options: based on src/dst/IP/port
unset : to remove a config statement
get user all : shows vpn users
get log event : shows vpn logs
get MIP : shows one to one Nat’s
get VIP : shows configured port forwarding rules
get route ip x.x.x.x: finds the specific route for an ip
set policy id xx : put you in a specific policy then you can add more objects it instead of creating a group

No comments: