curiousecurity

Yet another blog about info & networking security this and that… Buzzword… Catchphrase…

  • Posts
  • About
  • Career
  • Education
  • Contact
  • LinkedIn
  • GitHub
  • Email
You are here: Home / Firewall / Checkpoint VSX Commands

Checkpoint VSX Commands

June 4, 2012 by ryanhorst

This is a short list of Checkpoint VSX Commands that I am compiling as I continue to work with CheckPoint VSX systems.  The list is not comprehensive and may not work for everyone, so if you see errors, please contact me so I may correct them.

Thanks!

/ryan

Check Point CLI “CP” Commands
CLI Command Command Description
vsx get View current shell context.
vsx set Set context to VS with the ID .

[Expert@FW-VSX-Gateway:0]# vsx set 3
Context is set to Virtual Device FW-VSX-Gateway_FW-VSX-VS3 (ID 3).
vsx stat [-v] [-l] [id] Displays VSX status with various arguments:
-v for verbose, -l for interface list, or virtual system ID for single system status.
cphaprob -vs state View HA state for Virtual System id.
Note: Only works when “Per Virtual System HA” mode is configured.

[Expert@FW-VSX-VS3:0]# fw -vs 3 stat
HOST		POLICY			DATE            
localhost	FW-VSX-VS3		1Jun2012 23:24:55 : [eth1-01] [eth1-02]
fw vsx stat -vs Shows normal ‘fw stat’ information as well as current, peak, and max-limit for connections on the specified virtual system (VS)

[Expert@FW-VSX-Gateway:0]# fw vsx stat -vs 3
VSID:					3
VRID:					3
Type:					Virtual System
Name:					FW-VSX-Gateway_FW-VSX-VS3
Security Policy:			VSX-VS3
Installed at:				3Jun2012  8:08:15
SIC Status:				Trust
Connections number:		4756
Connections peak:		15735
Connections limit:		100000
fw -vs 3 tab -t connections -s Shows the following info: HOST, NAME, ID, #VALS, #PEAK, #SLINKS

[Expert@FW-VSX-Gateway:0]# fw -vs 3 tab -t connections -s
HOST		NAME			ID		#VALS	#PEAK	#SLINKS
localhost	connections		8158	4731	15735	14193
cpinfo -x [id] Collect CPINFO data for a specific virtual system ID.
fw tab -vs [id] -t [table] View state tables for specific virtual system ID.
vsx sic reset [id] Reset SIC for a specific virtual system ID.
vsx_util [subcmd] Perfom VSX maintenance from the main DMS. See vsx_util -h for sub-commands.

Related

Filed Under: Firewall, Howto Article, Network Security Tagged With: CheckPoint, CLI