Interface
get counter statistics | Show interface statistics (CRC errors etc) |
get interface trust port phy | Show physical ports for a certain zone |
get driver phy | Show all link states of interfaces |
get counter statistics interface ethernet3 | Show hardware stats on interface |
set interface [interface] no-subnet-conflict-check | Allows you to configure multiple interfaces in the same IP broadcast domain. |
Current Settings / Values
get envar | get environment variable |
get config | get device configuration |
get system | get system information |
get arp | get arp cache |
get route | get routing table |
get system | i Box | get port-mode |
get alg h323 counters | get the ALG counters |
get alg | get status of ALGs (disabled or enabled) |
get sys-cfg | get default settings for the device |
get sys scale | get basic system limits |
get debug | get currently enabled debug level |
get tcp | get system socket information |
NAT
get mip | get mip (nat) |
get vip | get vip (nat) |
get nat cookie | get show nat cookies |
Statistics / Performance
get perf cpu detail | get cpu performance |
get session info | get load on firewall |
get counter flow | Show flow stats (fragmentation etc) |
get counter screen | Show screen stats (SYN Floods etc) |
VPN
clear ike-cookie [gateway ip] | clear ike cookies |
clear sa [id] | clear sa |
get vpn | show vpns |
NSRP
get nsrp cluster | Show cluster info |
get nsrp monitor | Show list of monitored interfaces |
get nsrp vsd id 0 | Show VSD id 0 |
get counters ha | Show HA interface hardware counters |
exec nsrp sync global-config check-sum | Allows you to see if the cluster configs are syncronised |
exec nsrp sync global save | Sync’s the nodes.A reboot is required to complete the update. |
exec nsrp vsd-group 0 mode | Fails over the cluster. Run this command on the Master node. |
IGMP
set interface ethernet0/1 igmp router | enable IGMP on interface eth0/1 |
get vrouter trust-vr protocol pim | get the multicast sources visible to your ScreenOS device |
Misc
set exec port-mode | set the port mode |
set flow tcp-mss 1460 | sets the MSS |
Rick Donato is a Network Automation Architect/Evangelist and the founder of
Packet Coders.Latest posts by Rick Donato
(see all)Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial