This publication, including all photographs, illustrat ions and soft ware, is protected under
internat ional copyright laws, with all rights reserved. Neither this manual, nor any of the
material cont ained herein, may be reproduc ed without written consent of the author.
Disclaimer
The inf ormation in this document is subject to change without notice. The manufacturer
makes no representations or warranties with respect to the contents hereof and
specific ally disclaim any implied warranties of merchantability or fitness for any particular
purpose. The manufacturer reserves the right to revise t his publication and to make
changes from time to time in the content hereof without obligation of the manuf acturer to
notify any person of suc h revision or changes.
Limitations of Liability
UNDER NO CIRCUMSTANCES SHALL D-LINK OR ITS SUPPLIERS BE LIABL E FOR
DAMAGES OF ANY CHARACTER (E.G. DAMAGES FOR LOSS OF PROFIT, SOFTWARE
RESTORATION, WORK STOPPAGE, LOSS OF SAVED DATA OR AN Y OTHER
COMMERCIAL DAMAG ES OR LOSSES) RESULTING FROM THE APPLICATION OR
IMPROPER USE OF THE D-LINK PRODUCT OR FAILURE OF THE PRODUCT, EVEN
IF D-LINK IS INFORMED OF THE PO SSIBILITY OF SUCH DAMAG ES. FURTHERMORE,
D-LINK WILL NOT BE LIABLE FOR T HIRD-PART Y CLAIMS AGAINST CUSTOMER FOR
LOSSES OR DAMAG ES. D-LINK WILL IN NO EVENT BE LIABLE FOR ANY DAMAGES
IN EXCESS OF THE AMOUNT D-LINK R ECEIVED FROM THE END- USER FOR THE
PRODUCT.
This document describes the Command Line Interface (CLI) for managing D-Link's
DSR-500/500AC/1000/1000AC router.
The CLI user requires advanced knowledge about the configuration of the system,
and it should be used only by those users who are familiar with CLI-based
configuration.
Note that the following features in the DSR Unified Services Router cannot be
managed by the CLI:
•Firmware Upgrade
•Configuration Backup/Restore
•Certificate Generate/Upload
•Power Savings mode configuration
•System Dashboard/Resource Utilization
Please access the web browser based UI of the DSR router for managing these
features.
1.1 Accessing the CLI
T
he CLI can be accessed by logging in with the same user credentials used to
[?] - Displays context sensitive help. This is eithe
completions with summaries, or the full syntax of the current command. A
subsequent repeat of this key, when a command has been resolved, will display
a detailed reference.
r a list of possible command
2.2 Auto-Completion
The following keys both perform auto-completion for the current command line. If
the command prefix is not unique a subsequent repeat of the key will display
possible completions.
•[enter] - Auto-completes, syntax-checks then executes a command. If there
is a syntax error then offending part of the command line will be highlighted
and explained.
•[space] - Auto-completes, or if the command is already resolved, inserts a
space.
2.3 Movement Keys
[CTRL-A] - Moves to the start of the line.
•
•[CTRL-E] - Moves to the end of the line.
•[up] - Moves to the previous command line held in history.
•[down] - Moves to the next command line held in history.
•[left] - Moves the insertion point left one character.
•[right] - Moves the insertion point right one character.
2.4 Deletion Keys
•[CTRL-C] - Deletes the whole line.
•[CTRL-D] - Deletes the character to the right on the insertion point.
•[CTRL-K] - Deletes all the characters to the right of the insertion point.
•[Backspace] - Deletes the character to the left of the insertion point.
1
1
.5 Escape Sequences
2
•
!! - Substitutes the last command line.
•!N - Substitutes the Nth command line (absolute as per 'history' command).
•!-N - Substitutes the command line entered N lines before (relative).
1
2
hapter 3. Command Hierarchy in CLI
C
3.1 CLI Commands
The CLI commands are divided into 4 categories:
•
Global commands
•Show commands
•Utility commands
•Configuration commands
3.2 Router Configuration
The router configuration is divided into 5 branches:
•Net: Network Settings
•Security: Security Settings
•System: Admin Settings
•Dot11: Wireless Settings
•Vpn: VPN Settings
•Radius: RADIUS Settings
1
3
hapter 4. Global commands used in
C
CLI
The global commands that are used in CLI are given b
•.exit: Exit this session
•.help:
•.top: Returns to the default mode
•.reboot: Reboots the system.
•.history: Displays the current session's command line history. Number
of commands in history list can be controlled by setting limit argument;
by default it is unbounded.
Displays an overview of the CLI syntax
elow:
1
4
hapter 5. Show commands used in
C
CLI
The show commands for all the above mentioned branch
section.
The command show activeDirectory-serverCheck? at the CLI
description of all the show commands in the branch activeDirectory-serverCheck, which
is as follows:
1
The command show NT-Domain-Settings? at the CLI prompt would give the description
of all the show commands in the branch NT-Domain-Settings, which is as follows:
1 show NT-Domain-Settings Displays NT Domain configuration.
The command show vpn? at the CLI prompt would give the description of all the show
commands in the branch vpn, which is as follows:
1 show vpn gre_tunnels gre tunnels display mode.
2 show vpn l2tp client Shows l2tp client details.
3 show vpn l2tp client setup Displays l2tp client setup.
show activeDirectoryserverCheck
Displays status of Active Directory servers.
es are outlined in this
prompt would give the
4 show vpn l2tp client status Displays l2tp client status.
5 show vpn l2tp Shows l2tp server details.
6 show vpn l2tp server Shows l2tp server details.
7 show vpn l2tp server setup Displays l2tp server setup.
8
9 show vpn openvpn Displays openvpn commands.
10 show vpn openvpn config Displays openvpn configuration.
11
12
13
14 show vpn pptp client Shows pptp client details.
15 show vpn pptp client setup Displays pptp client setup.
16 show vpn pptp client_status Shows pptp client status details.
17
show vpn l2tp server
connections
show vpn openvpn
remote_network_all
show vpn openvpn
local_network_all
show vpn openvpn
cert_upload_status
show vpn pptp client_status
setup
Displays l2tp server stats.
Displays all openvpn remote network on
system.
Displays all openvpn local network on system.
Displays openvpn certificate status.
Displays pptp client status setup.
1
5
8 show vpn pptp Shows pptp server details.
Access Point configuration. This
s the list of configured Access
Points for the device. From this summary list,
status and parameters of each AP are available
1
19 show vpn pptp server Shows pptp server details.
20 show vpn pptp server setup Displays pptp server setup.
21
show vpn pptp server
connections
Displays pptp server stats.
22 show vpn sslvpn Shows sslvpn settings.
23
show vpn sslvpn
connections
Shows sslvpn active connections.
24 show vpn sslvpn client Shows sslvpn client settings.
25 show vpn sslvpn route Shows route settings.
26 show vpn sslvpn policy Shows sslvpn policy settings.
27
28
29
30
show vpn sslvpn portallayouts
show vpn sslvpn
portforwarding
show vpn sslvpn
portforwarding appconfig
show vpn sslvpn
portforwarding hostconfig
Shows sslvpn portal-layouts settings.
Shows sslvpn portforwarding settings.
Shows sslvpn portforwarding appconfig
settings.
Shows sslvpn portforwarding hostconfig
settings.
31 show vpn sslvpn resource Shows sslvpn resource settings.
32
show vpn sslvpn resourceobject <resource_name>
Shows sslvpn resource object settings.
33 show vpn ipsec Shows vpn policy.
34 show vpn ipsec policy Shows vpn policy.
35 show vpn ipsec policy setup Shows vpn policy.
36 show vpn ipsec policy status Shows vpn status.
The command show LDAP-Settings? at the CLI prompt would give the description of all
the show commands in the branch LDAP-Settings, which is as follows:
1 show LDAP-Settings Displays LDAP configuration.
The command show dot11? at the CLI prompt would give the description of all the show
commands in the branch dot11, which is as follows:
1 show dot11 Displays 802.11 configuration
2
show dot11
accesspoint<ap_name>
Displays
command display
for display.
1
6
ap_name:
This is an AP identifier which
quely identifies an AP in the list of configured
An AP can be disabled if not in
use and enabled as needed. The AP is disabled
if this field has the value 'N' and it is enabled if it
has the value 'Y'. Disabling an AP does not
iguration, but stops the AP.
Enabling the AP creates a wireless network
where computers and other devices can join and
communicate with the devices connected to the
access point or the devices on the Local Area
The name or Service Set
Identifier (SSID) is the name of the wireless
network serviced by this AP. Note that since a
given wireless profile can be common to multiple
APs, the SSID is not unique to an AP. In order
for computers or devices to communicate via
erviced by this AP, all
devices must select the same SSID from the list
The field indicates whether SSID is broadcasted
or not in the beacon frames transmitted by the
, the wireless
devices will not be able to see the network name
(SSID). If this field has the value 'Y', it indicates
that the AP's SSID is broadcasted to the public.
If it is 'N' it indicates the SSID is not to be
broadcasted and a device would have to specify
This field has a brief description of the
security, encryption and authentication
combination assigned to the AP. A Profile is not
necessarily unique to an AP, rather this
The physical radio(s) on which this AP is
running on. An AP can run on multiple radios at
balancing and better
part of a logical network
AN id. This allows devices
connected to the VLAN through this AP to
exchange data with one another as in a LAN. If
the optional argument ap_name is specified, the
following configuration information is displayed
amount of time in
milliseconds between beacon transmissions.
Interval for delivery of traffic
uni
APs. Enabled:
delete the conf
Network (LAN). SSID:
this wireless network s
of wireless networks in the area.Broadcast:
AP. If SSID is not broadcasted
the SSID exactly to connect to this AP.
Profile:
grouping of wireless settings can be used on
more than one AP at the same time.
Radio:
the same time for loadthroughput.
VLAN: The AP can be a
defined by the VL
for the access point.
Beacon Interval: The
DTIM Interval:
17
indication message. It is related to beacon
The Request to Send (RTS)
threshold is the value the AP checks against its
ansmitting frames to determine if the
RTS/Clear To Send (CTS) handshake is
required with the receiving client. Using a small
value causes RTS packets to be sent more
often, consuming more of the available
bandwidth, therefore reducing the apparent
ut of the network packet. The default is
Frag
This is the maximum length of the
frame, beyond which packets must be broken up
(fragmented) into two or more frames. Collisions
because
. The default is 2346, which effectively
802.11b requires that a preamble be prepended
to every frame before it is transmitted to the air.
e either the traditional long
preamble, which requires 192 micro second for
transmission, or it may be an optional short
preamble that requires only 96 micro second.
Long preamble is needed for the compatibility
d
RTS/CTS
If selected the AP always performs
RTS/CTS handshake before transmitting a
packet. It is generally used to minimize collisions
n (gain) in dbm
for transmitted packets which is added to the TX
Retry
The number of retries the AP will use
when a frame transmission fails. It is used for
both long and short frames, of size less than or
The rate or rates (in Mbps) which the AP will
Profile configuration. If no profile name
ay a
summary of the details of all the profiles
configured in the system. If a profile name is
specified, this command will display a detailed
of the profile. If the argument
'DisplayQosInfo' is set to 'Y', the profile details
interval.
RTS Threshold:
tr
throughp
2346, which effectively disables RTS.
Threshold:
occur more often for long frames
sending them occupies the channel for a longer
time
disables Fragmentation. Preamble Mode:
3
show dot11
profile<profile_name><display_qos>
The preamble may b
with legacy 802.11 systems operating at 1 an
2 Mbps. The default is 'long'.
Protection:
among hidden stations Transmit Power Gain:
Defines the relative amplificatio
power configured on the physical radio.
Limit:
equal to the RTS threshold. Supported Rate:
advertise in the beacon frames.
Displays
is specified, this command will displ
configuration
will include the QoS details as well.
18
access point and radio statistics. This
table shows a cumulative total of relevant
wireless statistics for the APs and radios; the
counter is reset when the device is rebooted.
table displays
transmit/receive data for each radio. It has the
The number of
The number of
The number of
/received packet errors reported to
The number of
transmitted/received packet drops between the
: The number of multicast
The number
AP
This table displays transmit/receive
data for each AP. An AP can have multiple
entries if it is running on multiple radios. It has
the following fields: Pkt(Tx/Rx): The number of
transmitted/received wireless packets
ber of
transmitted/received bytes of information
The number of
transmitted/received packet errors reported to
The number of
The number of multicast packets sent
The number of packet
access control list information for the
Available Radios
This table shows the list of available radios that
an AP may use. It has the following fields:
This field
This field indicates which path the radio is
Displays
Radio Statistics: This
following fields: Pkt(Tx/Rx):
transmitted/received wireless packets.
Byte(Tx/Rx):
transmitted/received bytes of information.
Err(TRx/Rx):
transmitted
the radio. Drop(Tx/Rx):
radio and client. Mcast
4 show dot11 statistics
packets sent over this radio. Coll:
of packet collisions reported to the radio.
Statistics:
Byte(Tx/Rx): The num
Err(TRx/Rx):
the AP. Drop(Tx/Rx):
transmitted/received packet dropped by the AP.
Mcast:
over this AP. Coll:
collisions reported to the AP
5 show dot11 acl<ap_name>
6
7
show dot11 accesspoint
status<ap_name>
show dot11
wmm<profile_name>
Displays
specified access point.
Displays wireless stats.
Displays wireless stats.
8 show dot11 radius Displays radius Information.
9 show dot11 wps Displays WPS Information.
10 show dot11 wds<radio_no> Displays WDS Information.
11
show dot11
wireless_statistics
Displays wireless_statistics Information.
Displays Radio configuration.
12 show dot11 radio<radio_no>
Radio: The radio number. Card:
indicates which card the radio is using. Path:
19
RogueAP Enabled:
If this field has
value 'Y' it indicates that RogueAP detection is
enabled on this radio. If it is 'N' it indicates that
RogueAP detection is disabled on this radio. If
the
following cofiguration information is displayed
The
This field indicates
This field
io is mapped to.
The channel used by the
If this field has the
it indicates that RogueAP detection
Value in
dBm is the default transmitted power level for all
Enable
receive diversity (use multiple antennas to
receive packets) List of Access Points for Radio
This table shows all the APs that are configured
This is the
ID of the AP
The SSID serviced by AP Profile: This
field has a brief description of the security,
encryption and authentication combination
show system logging remote
mapped to.
the optional argument radioNum is given,
for the given radio. Radio Settings Radio:
radio number. Card Name:
which card the radio is using. Path:
indicates which path the rad
Current Channel:
radio. RogueAP Enabled:
value 'Yes',
is enabled on this radio. TX Power:
APs that use this radio. RX Diversity:
for a particular radio. AP Name:
name of the AP. BSSID: The BSS
SSID:
assigned to the AP.
The command show POP3-Settings? at the CLI prompt would give the description of all
the show commands in the branch POP3-Settings, which is as follows:
1 show POP3-Settings Displays POP3 configuration.
The command show POP3-Trusted-CA? at the CLI prompt would give the description of
all the show commands in the branch POP3-Trusted-CA, which is as follows:
1 show POP3-Trusted-CA Displays POP3 Trusted Certificates.
The command show system? at the CLI prompt would give the description of all the show
commands in the branch system, which is as follows:
1 show system logging .
2 show system logging remote .
3
setup
Displays remote logging configuration
4 show system logging facility .
5
show system logging facility
setup <facility>
Displays logging facility configuration
6 show system logging ipv4 .
20
captured log messages of the router
captured log messages of the
router activities from Event Log. The logs
displayed on this event viewer can be defined in
captured log messages of
vent Log. The logs
displayed on this event viewer can be defined in
remote management over https
jumbo_frame
s the resources being used in the system
7
show system logging ipv4
setup
Displays logging configuration
8 show system logging ipv6 .
9
10 show system log
show system logging ipv6
setup
Displays ipv6 logs configuration
Displays
activities
Displays all the
11 show system log all
the Log Configuration commands
Displays Page Wise,
12 show system log page
the router activities from E
the Log Configuration commands
13
14
15
16
show system
remote_management
show system
remote_management setup
show system
sessionSettings
show system
snmp <agentIP>
.
Displays
configuration
Displays sessionSettings Configuration
Displays SNMP configuration
17 show system switch_setting .
18
19
show system switch_setting
power_mode
show system switch_setting
Displays power mode configuration
Displays jumbo frame configuration
20 show system status Displays system status
21 show system dashboard
Display
currently
22 show system time .
23 show system time setup Displays Timezone and NTP configuration
24 show system traffic_meter .
25
show system traffic_meter
setup
Displays traffic meter configuration
26 show system usb-status Displays USB Status
27 show system users System group display mode
28 show system group System user display mode
29
show system group
specific<row_id>
Displays information for given group
30 show system group all Displays all groups on system
31 show system users all Displays all users on system
32
show system users
specific<row_id>
Displays information for given user
21
s Group Access Control configuration for
A RADIUS server maintains a database of user
larger environments. If a
RADIUS server already exists, it can be used for
authenticating users that want to connect to the
wireless network provided by this device. When
they
e table.
If first RADIUS server is not accessible, then
the next RADIUS
This table
33
34
35
36
show system group
groupaccesscontrol <group_id>
show system group
access_control_browser
show system group
access_control_ip
show system
firmwareVersion
Display
the selected group
Displays Access Control browsers Policies
Displays Access Control ips Policies
Displays the firmware Version.
The command show ntDomain-serverCheck? at the CLI prompt would give the description
of all the show commands in the branch ntDomain-serverCheck, which is as follows:
1
show ntDomainserverCheck
Displays status of NT Domain servers.
The command show Active-Directory-Settings? at the CLI prompt would give the
description of all the show commands in the branch Active-Directory-Settings, which is as
follows:
1
show Active-DirectorySettings
Displays Active Directory configuration.
The command show pop3-serverCheck? at the CLI prompt would give the description of
all the show commands in the branch pop3-serverCheck, which is as follows:
1 show pop3-serverCheck Displays status of Pop3 servers.
The command show Radius-serverCheck? at the CLI prompt would give the description
of all the show commands in the branch Radius-serverCheck, which is as follows:
1 show Radius-serverCheck Displays status of Radius servers.
The command show Radius-Settings? at the CLI prompt would give the description of all
the show commands in the branch Radius-Settings, which is as follows:
Displays RADIUS configuration.
accounts used in
1 show Radius-Settings
multiple RADIUS servers are configured,
are accessed in the same order as in th
system tries to contact to
server. Configured Radius Servers
22
displays the list of all configured RADIUS
servers. If the optional argument ServerIP is
figuration of the RADIUS
IP address of
IP address of RADIUS accounting
RADIUS authentication
server port to send the RADIUS messages.
in seconds) the device waits
The number of tries the router will make to the
RADIUS server secret. This field is only
list of interface for Inbound
specified, detailed con
server is displayed. Server IP:
RADIUS authentication server Accounting
Server IP:
server Server Port:
Timeout: The time (
for a response from the RADIUS server Retries:
RADIUS server before giving up. Secret:
displayed if the argument ServerIP is specified.
The command show net? At the CLI prompt would give the description of all the show
commands in the branch net, which is as follows:
1 show net ipv6_tunnel status Displays ipv6 tunnels status
2 show net bandwidth .
3 show net bandwidth profile .
4
5
6
7
8
show net bandwidth profile
setup
show net bandwidth
traffic_selector
show net bandwidth
traffic_selector setup
show net bandwidth profile
interface_list
show net bandwidth
traffic_selector services
Displays list of Available Bandwidth Profile(s).
.
Shows the list of Available Traffic Selector(s).
Displays the
Bandwidth Profile. It includes Available VLANs
Displays a list of available services
9 show net ddns .
10 show net ddns setup Show Dynamic DNS Configuration.
11 show net lan dhcp .
12
13
14
15
show net lan dhcp
reserved_ip
show net lan dhcp
reserved_ip setup
show net lan dhcp
leased_clients
show net lan dhcp
leased_clients list
.
Shows a list of DHCP Reserved Addresses.
.
Shows a list of Available DHCP Leased Clients.
16 show net dmz .
17 show net dmz setup Shows DMZ Configuration.
18 show net dmz dhcp .
23
list of DMZ DHCP Reserved
list of Available DMZ DHCP Leased
19
20
21
22
show net dmz dhcp
reserved_ip
show net dmz dhcp
reserved_ip setup
show net dmz dhcp
leased_clients
show net dmz dhcp
leased_clients list
.
Displays a
Addresses.
.
Shows a
Clients.
23 show net ethernet Displays Ethernet interfaces
24 show net lan .
25 show net lan ipv4 .
26 show net lan ipv4 setup Displays LAN Configuration.
27 show net lan ipv6 .
28 show net lan ipv6 setup Shows IPv6 LAN Configuration.
29
show net
statistics <interface>
Shows Interface Statistics
30 show net igmp Displays igmp configuration
31 show net intel_Amt Shows IntelAmt details
32 show net intel_Amt server Shows IntelAmt Server Configuration
33
34
35
show net intel_Amt
Reflector
show net intel_Amt server
setup
show net intel_Amt
Reflector setup
show IntelAmt Reflector Configuration
Displays Intel_Amt server configuration.
Displays Intel_Amt Reflector setup.
36 show net Ip_Alias Shows Ip Alias configuration details.
37 show net Ip_Alias server Shows Ip Alias configuration details.
38
show net Ip_Alias server
setup
Displays net Intel_Amt server setup.
39 show net mode .
40 show net mode setup Displays IP MODE configuration
41 show net ipv6_tunnel .
42 show net ipv6_tunnel setup Displays ipv6 tunnels configuration
43 show net routing mode .
44
show net routing mode
setup
Routing Mode between WAN and LAN
45 show net wan wan1 .
46 show net wan wan1 ipv4 .
47
48
show net wan wan1 ipv4
status
show net wan wan1 ipv4
setup
Displays ipv4 wan1 Information.
Displays Wan1 Setup Information.
49 show net wan wan2 .
50 show net wan wan2 ipv4 .
24
51
52
show net wan wan2 ipv4
status
show net wan wan2 ipv4
setup
Displays ipv4 wan2 Information.
Displays wan2 Setup Information.
53 show net wan wan3 Displays the wan3 configuration
54 show net wan wan3 threeG Shows ThreeG information.
55
56
show net wan wan3 threeG
setup
show net wan wan3 threeG
status
Displays ThreeG Configuration.
Displays wan3 ThreeG status.
57 show net wan .
58 show net wan mode Displays wan mode Setup.
59 show net wan port_setup Displays wan port Setup.
60 show net wan vlan_setup Displays vlan port Information for wan.
61
show net wan
configurable_port
Displays configurable port Information.
62 show net wan wan1 ipv6 .
63
64
show net wan wan1 ipv6
status
show net wan wan1 ipv6
setup
Displays ipv6 wan1 Information.
Displays Wan1 Setup Information.
65 show net wan wan2 ipv6 .
66
67
show net wan wan2 ipv6
status
show net wan wan2 ipv6
setup
Displays ipv6 wan2 Information.
Displays Wan2 Setup Information.
68 show net routing ospfv2 Shows OSPFv2 Configuration
69 show net routing ospfv3 Shows OSPFv3 Configuration
70
71
72
73
show net routing ospfv2
setup
show net routing ospfv3
setup
show net routing
protocol_binding
show net routing
protocol_binding setup
Displays OSPFv2 Configuration
Displays OSPFv3 Configuration
Shows protocol_binding rules
Displays protocol Binding Rules
74 show net radvd .
75 show net radvd setup Displays RADVD configuration
76 show net routing dynamic Shows dynamic routing setup
77
show net routing dynamic
setup
Shows dynamic routing Setup.
78 show net routing Displays routing setup
79 show net routing static Displays Static Routes Info
80 show net routing static ipv4 Displays IPv4 Static Routes Info
25
static route
81
82
show net routing static ipv4
setup
show net routing static
interface_list
Shows all the configured IPV4 routes.
Shows all the interfaces on which
can be configured
83 show net routing static ipv6 Displays IPv6 Static Routes Info
84
show net routing static ipv6
setup
Shows all the configured IPV6 Static routes.
85 show net upnp Displays UPnP Information
86 show net upnp portmap Displays UPnP portmap Table Information.
87 show net upnp setup Displays UPnP Setup Information.
88 show net vlan
89 show net vlan configuration Displays VLAN Confgiuration.
90 show net multivlan Shows vlan server status
91 show net multivlan subnet Shows vlan server status
92
show net multivlan subnet
status
Displays multi vlan Subnet List.
93 show net port-vlan Shows Port vlan status
94 show net port-vlan status Displays Port vlan status.
95 show net wireless_vlan Shows Port vlan status
96
show net wireless_vlan
status
Displays Port vlan status.
The command show ldap-serverCheck? at the CLI prompt would give the description of
all the show commands in the branch ldap-serverCheck, which is as follows:
1 show ldap-serverCheck Displays status of Ldap servers.
The command show security? at the CLI prompt would give the description of all the show
commands in the branch security, which is as follows:
1
show security
advanced_network
Shows advanced firewall attack checks
show security
2
advanced_network
Displays Security Checks configuration
attack_checks
3
4
5
6
7
show security
advanced_network ips
show security
application_rules
show security
application_rules setup
show security
application_rules status
show security firewall
custom_service
Displays ips configuration
.
Displays application rules configuration
Displays application rules status
.
26
8
show security firewall
custom_service setup
Displays a list of available Custom Service
configuration
9 show security firewall Displays Firewall Rules
10 show security firewall ipv4 Displays IPv4 Firewall Rules
11
show security firewall ipv4
setup
Displays IPv4 Firewall Rules
12 show security firewall algs Displays ALGs protocals status
13 show security firewall ipv6 Displays IPv6 Firewall Rules
14
show security firewall ipv6
setup
Displays IPv6 Firewall Rules
15 show security ids .
16 show security ids setup Displays IDS configuration
17
show security
session_settings
Displays Session Settings configuration
18 show security schedules .
19
20
21
22
23
show security schedules
setup
show security firewall
smtpAlg
show security firewall
smtpAlg configure
show security firewall
smtpAlg configure setup
show security firewall
smtpAlg approvedMailId
Displays Schedules configuration
.
.
Shows SmtpAlg Status.
.
show security firewall
24
smtpAlg approvedMailId
Shows a List of Approved Mail_Id.
setup
25
show security firewall
smtpAlg blockedMailId
.
show security firewall
26
smtpAlg blockedMailId
Shows a List of Blocked Mail_Id.
setup
27
28
show security firewall
smtpAlg subjectList
show security firewall
smtpAlg subjectList setup
.
Shows a List of Subject, corresponding Mail_Id
and Action.
29 show security mac_filter .
30
31
32
show security mac_filter
setup
show security
ip_or_mac_binding
show security
ip_or_mac_binding setup
Displays Source Mac Filter configuration
.
Displays IP/MAC Binding configuration
27
configuration and
n
33
34
show security firewall
vpn_passthrough
show security firewall
vpn_passthrough setup
.
Displays VPN passthrough Configuration
35 show security webAccess .
Displays security webAccess
36
show security webAccess
setup
rules
Displays a list of Allowed IpAdrr/Network Web
Access
37 show security website_filter .
38
39
40
show security website_filter
content_filtering
show security website_filter
approved_urls
show security website_filter
blocked_keywords
Displays content filtering configuration
Displays trusted domains configuration
Displays a list of available Approved URLs
Displays blocked keywords configuration
The command vpn? at the CLI prompt would give the description of all the configuration
commands in the branch vpn, which is as follows:
1 vpn gre_tunnel GRE Tunnel.
2 vpn gre_tunnel add GRE Tunnel add mode