- Products
- Learn
- Local User Groups
- Partners
- More
Over 20 years, I've probably forgotten more CLI commands than I remember at this point 
But here are a few of the ones I still use from time to time:
fw stat
Shows what policy is loaded on the current gateway and what interfaces it has seen traffic on.
If it's DefaultFilter, then your gateway isn't running a real policy and is probably blocking all traffic
Example:
[Expert@oscar:0]# fw stat
HOST POLICY DATE
localhost IntFW 18Jul2017 19:11:16 : [>eth0] [<eth0] [>eth1] [<eth1] [>eth2] [<eth2]
fw fetch mastername
Fetches the policy from the management station named mastername. You can also use localhost as a way to reload the previously installed policy on the gateway. Note this is not to be confused with fw fetchlocal -d directory which is used in troubleshooting policy installation issues.
push_cert –s Cust_CMA –u admin –p adminpw –o examplegw –k test123
This is probably a command you haven't seen before and there's not even a public SK on it
It is used on the management to establish SIC with a newly installed security gateway without using SmartConsole or SmartDashboard, making it extremely useful in automation scenarios.
Arguments are as follows:
| Switch | Description |
|---|---|
| –s Cust_CMA | Management or CMA IP/hostname (can be localhost) |
| –u admin | Username of admin user in SmartConsole/SmartDashboard |
| –p adminpw | Password of admin user specified above |
| –o examplegw | Name (in SmartConsole/SmartDashboard) of gateway to establish SIC with |
| –k test123 | SIC one-time-password (should match what was specified on the gateway during first-time wizard) |
Looking forward to see what everyone else comes up with.
