Interface
| get counter statistics |
Show interface statistics (CRC errors etc) |
| get interface trust port phy |
Show physical ports for a certain zone |
| get driver phy |
Show all link states of interfaces |
| get counter statistics interface ethernet3 |
Show hardware stats on interface |
| set interface [interface] no-subnet-conflict-check |
Allows you to configure multiple interfaces in the same IP broadcast domain. |
Current Settings / Values
| get envar |
get environment variable |
| get config |
get device configuration |
| get system |
get system information |
| get arp |
get arp cache |
| get route |
get routing table |
| get system | i Box |
get port-mode |
| get alg h323 counters |
get the ALG counters |
| get alg |
get status of ALGs (disabled or enabled) |
| get sys-cfg |
get default settings for the device |
| get sys scale |
get basic system limits |
| get debug |
get currently enabled debug level |
| get tcp |
get system socket information |
NAT
| get mip |
get mip (nat) |
| get vip |
get vip (nat) |
| get nat cookie |
get show nat cookies |
Statistics / Performance
| get perf cpu detail |
get cpu performance |
| get session info |
get load on firewall |
| get counter flow |
Show flow stats (fragmentation etc) |
| get counter screen |
Show screen stats (SYN Floods etc) |
VPN
| clear ike-cookie [gateway ip] |
clear ike cookies |
| clear sa [id] |
clear sa |
| get vpn |
show vpns |
NSRP
| get nsrp cluster |
Show cluster info |
| get nsrp monitor |
Show list of monitored interfaces |
| get nsrp vsd id 0 |
Show VSD id 0 |
| get counters ha |
Show HA interface hardware counters |
| exec nsrp sync global-config check-sum |
Allows you to see if the cluster configs are syncronised |
| exec nsrp sync global save |
Sync’s the nodes.A reboot is required to complete the update. |
| exec nsrp vsd-group 0 mode |
Fails over the cluster. Run this command on the Master node. |
IGMP
| set interface ethernet0/1 igmp router |
enable IGMP on interface eth0/1 |
| get vrouter trust-vr protocol pim |
get the multicast sources visible to your ScreenOS device |
Misc
| set exec port-mode |
set the port mode |
| set flow tcp-mss 1460 |
sets the MSS |
Rick Donato is a Network Automation Architect/Evangelist and the founder of
Packet Coders.
Latest posts by Rick Donato
(see all)Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial
