Useful Netscreen Commands for Troubleshooting

Netscreen Commands for Troubleshooting:

Here is some useful Netscreen commands for troubleshooting.

get config : to get device configuration

save : to save changes to config

get system : gets system information, Netscreen mode

get session info : shows load on the firewall 85+ implies there will be some latency

get interface : shows interfaces, zones

get address trust/unturst: shows defined network objects

get Arp : shows firewall Arp entries

get route : shows firewall routes

get service : shows firewall services

get group address : network groups

get group service : service groups

get policy in/out : shows applied firewall policies

get log traffic : shows firewall logs – options: based on src/dst/IP/port

unset : to remove a config statement

get user all : shows vpn users

get log event : shows vpn logs

get MIP : shows one to one Nat’s

get VIP : shows configured port forwarding rules

get route ip x.x.x.x: finds the specific route for an ip

set policy id xx : put you in a specific policy then you can add more objects it instead of creating a group


1 Response to "Useful Netscreen Commands for Troubleshooting"

MJ said... May 21, 2010 at 7:27 AM

u can add snoop also

Post a Comment

Search This Blog

Blog Archive

Total Pageviews