Check Point R75 CLI Pocket Guide

Shares

Here are a few Check Point CLI commands that i’ve put together for reference as a Pocket Guide. I will continuously add to this list



General Commands
sysconfig (System Config – i.e. Host Name, DNS, Time, Networking)
cpconfig (Check Point config – i.e. Licenses, SNMP, SIC, cluster membership, SecureXL, Automatic Start of Check Point Products)
cpstop (Stop all Check Point Services)
cpstart (Start all Check Point Services)
vi /var/log/opt/CPsuite-R75/fw1/vpnd.elg (Performed in Expert mode to view the vpn log file)
fwm unload firewall_name (Unloads the last applied firewall policy for example fwm unload cpmodule)
fw unloadlocal (unloads firewall policy in Gaia)
fw ctl zdebug drop (show dropped packets from the firewalls cli)
cpprod_util CPPROD_GetKeyValues products 0 (Lists installed products)
idle timeout (sets the cli idle timeout)

SSL Network Extender (SSL VPN)
webui disable (Disables the webui)
webui enable (Enabled the webui)
webui enable port_number (Changes the webui port for SSL VPN. For example webui enable 4434)

ClusterXL
cphaprob state (Monitors the Cluster Status)
cphaprob -a if (Checks the status of the cluster member interfaces)
cphaprob list (To see a list of critical devices on a cluster member and all other machines in the cluster)
cphastart (Activates ClusterXL on the member. Does not initiate a full synchronization)
cphastop (Stops the member from passing traffic, state synchronization also stops)
cpstart (initiates a full synchronization)
fw ctl pstat (Basic Synchronization Statistics at the end)
cphaprob syncstat (In depth Synchronization Statistics. Use cphaprob -reset syncstat to reset the stats)
cphaconf set_ccp multicast (Sets Cluster Control Protocol to Multicast)
cphaconf set_ccp broadcast (Sets Cluster Control Protocol to Broadcast)

Smart Event
evtop (stops the smart event service)
evstart (starts the smart event service)
evconfig (enters into the config menu, enables or disables components of Smart Event)