Scribd Logo
Upload

Welcome to Scribd!

  • Comandos Utilizados

    Uploaded by

    enrique_stf
    67 views2 pages
    This document contains a collection of Check Point commands and SNMP queries for monitoring and troubleshooting Check Point firewall services and VPN connectivity. It includes commands to view CPU usage, memory usage, network interfaces, NAT tables, VPN debugging, cluster state, and more.

    Original Description:

    Original Title

    comandos utilizados

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document contains a collection of Check Point commands and SNMP queries for monitoring and troubleshooting Check Point firewall services and VPN connectivity. It includes commands to view CPU usage, memory usage, network interfaces, NAT tables, VPN debugging, cluster state, and more.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    67 views2 pages

    Comandos Utilizados

    Uploaded by

    enrique_stf
    This document contains a collection of Check Point commands and SNMP queries for monitoring and troubleshooting Check Point firewall services and VPN connectivity. It includes commands to view CPU usage, memory usage, network interfaces, NAT tables, VPN debugging, cluster state, and more.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    of 2

    http://furiousfiber.

    com/automatically-delete-old-log-files-on-check-point/
    https://community.checkpoint.com/thread/5319-my-top-3-check-point-cli-commands
    http://www.linfo.org/watch.html
    Check Point services sk83520
    VPN 3rd party sk108600
    Enabling IKE and VPN debugging skI4326
    ATRG: VPN Core sk104760
    Best Practices - Security Gateway Performance sk98348
    CoreXL Dynamic Dispatcher in R77.30 / R80.10 and above sk105261

    fw ctl multik stat (distribucion de conexiones x CPU)


    fw ctl affinity -l -v -r
    cphaconf set_ccp broadcast
    cphaconf set_ccp multicast
    cphaprob mmagic (R80)
    cphaconf cluster_id get
    cpstat -f indexer mg
    cpstat -f log_server mg
    free -m
    mpstat 2 5
    iostat 2 5
    /sbin/cpuinfo
    cat /proc/meminfo

    snmpwalk -v 2c -c public localhost .1.3.6.1.4.1.2620.1.6.7.7.2.1.9 1.0


    snmpwalk -v 2c -c public localhost .1.3.6.1.4.1.2620.999.1.4.4

    snmpwalk -v 2c -c public localhost .1.3.6.1.4.1.2620.1.1.25.21


    snmpwalk -v 2c -c FW-Fenix-02 172.17.196.117 .1.3.6.1.4.1.2620.1.1.25.21
    snmpget -v 2c -c public 172.17.196.117 .1.3.6.1.4.1.2620.1.1.25.21

    snmpwalk -v3 -l authNoPriv -u admin -a MD5 -A vpn123 localhost .


    1.3.6.1.4.1.2620.1.1.25.21

    cpstat fw
    cpstat mg (validar equipos conectados a la consola)
    watch --interval=1 'cpstat fw'
    fw stat

    fw tab -u -t connections | awk '{ print $2 }' | sort -n | uniq -c | sort -nr | head
    -10
    fw tab -u -t connections -f | awk -F\; '{ print $3 }' | sort -n | uniq -c | sort
    -nr | head -10 (PARA ORIGEN)
    fw tab -u -t connections -f | awk -F\; '{ print $5 }' | sort -n | uniq -c | sort
    -nr | head -10 (PARA DESTINO)
    transformar el resultado de hex a decimal (top 10 IPs origen que acaparan la tabla
    de conexiones) cambiar el 2 x el 4 para destino

    Assume the Hide NAT address in question is 203.0.113.1:

    fw tab -u -t connections | grep -ci cb007101


    Divide the number reported by 2, and you have your answer. The result must be
    divided by 2 because each post-NATted connection is represented by 2 flows,
    one outbound (c2s) and one inbound (s2c). Also the NAT IP address must be converted
    from the dotted quad format to hexadecimal as shown.

    show routed cluster-state detailed


    fw getifs

    fw ctl multik stat (conexiones por core)


    fw ctl affinity -l -r -a -v
    cpstat -f memory os
    cpstat -f multi_cpu os
    enabled_blades

    Delete all connections from the NAT cache and NAT allocation tables:
    [Expert@HostName:<VSID>]# fw tab -t fwx_alloc -x -y
    [Expert@HostName:<VSID>]# fw tab -t fwx_cache -x -y

    fw ctl debug 0 (deshabilitar cualquier debug)

    You might also like