Juniper Netscreen Commands

Interface

get counter statisticsShow interface statistics (CRC errors etc)
get interface trust port phyShow physical ports for a certain zone
get driver phyShow all link states of interfaces
get counter statistics interface ethernet3Show hardware stats on interface
set interface [interface] no-subnet-conflict-checkAllows you to configure multiple interfaces in the same IP broadcast domain.

Current Settings / Values

get envarget environment variable
get configget device configuration
get systemget system information
get arpget arp cache
get routeget routing table
get system | i Boxget port-mode
get alg h323 countersget the ALG counters
get algget status of ALGs (disabled or enabled)
get sys-cfgget default settings for the device
get sys scaleget basic system limits
get debugget currently enabled debug level
get tcpget system socket information

NAT

get mipget mip (nat)
get vipget vip (nat)
get nat cookieget show nat cookies

Statistics / Performance

get perf cpu detailget cpu performance
get session infoget load on firewall
get counter flowShow flow stats (fragmentation etc)
get counter screenShow screen stats (SYN Floods etc)

VPN

clear ike-cookie [gateway ip]clear ike cookies
clear sa [id]clear sa
get vpnshow vpns

NSRP

get nsrp clusterShow cluster info
get nsrp monitorShow list of monitored interfaces
get nsrp vsd id 0Show VSD id 0
get counters haShow HA interface hardware counters
exec nsrp sync global-config check-sumAllows you to see if the cluster configs are syncronised
exec nsrp sync global saveSync’s the nodes.A reboot is required to complete the update.
exec nsrp vsd-group 0 modeFails over the cluster. Run this command on the Master node.

IGMP

set interface ethernet0/1 igmp routerenable IGMP on interface eth0/1
get vrouter trust-vr protocol pimget the multicast sources visible to your ScreenOS device

Misc

set exec port-modeset the port mode
set flow tcp-mss 1460sets the MSS
Rick Donato

Want to become an IT Security expert?

Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial