Jump to content


Photo

CLI - VPN and FW management

CLI VPN FW

  • Please log in to reply
4 replies to this topic

#1 Marco Holdorf

Marco Holdorf
  • Members
  • 9 posts

Posted 25 July 2013 - 06:20 PM

Hi, am fairly new to this product / linux and just trying to find my way around - sorry if I post in the wrong section or ask a already million times asked question, etc.

Currently I try to figure out if I can manage VPN tunnels, FW rules or monitor the firewall live log via the command line? I found already techlib for the commands, which helped me out a lot, but I can not figure out how and where I could manage these 3 sections.

http://techlib.barra...-Line+Interface

Can somebody let me know if it is possible or quickly point me to the right command / documentation?

Thanks! : )

#2 Bernhard Patsch

Bernhard Patsch
  • Barracuda Team Members
  • 110 posts

Posted 26 July 2013 - 01:43 AM

Hi Marco,

What tasks do you want to do on the CLI excately? The NG product is designed to provide excellent configuration management features and it provides a flexible and object-oriented Firewall. For improved usability, NG provides a graphical UI to manage all aspects of the firewall. Access to the CLI is usually only required for troubleshooting purposes.

Monitoring the firewall logs is easy: they are available in the /phion0/logs/ directory.

Benny

#3 Marco Holdorf

Marco Holdorf
  • Members
  • 9 posts

Posted 28 July 2013 - 07:09 PM

Hey, thanks for reply. :)

I was wondering if I am e.g. able to see if a VPN tunnel is up or down or if I could disable / enable a tunnel on the CLI, etc.

Yeah the NG product is great and the UI is really easy to handle. All the features provided work for me and I can find my way around. Just for speed reasons it is sometimes quicker and more convenient to manage smaller tasks via SSH I reckon ... like I do the same with our switches and routers, just for the firewalls I have use the graphical UI ... but yeah it's working fine, just was wondering if it is possible. :)

thanks for the hint about the firewall logs, that's already pretty handy for some quick troubleshooting :)

cheers

#4 Christoph Bittig

Christoph Bittig
  • Members
  • 7 posts

Posted 12 March 2014 - 07:29 AM

I would also appreciate it, if Barracuda will provide an easy to use CLI for creating for example a huge amount of Firewall address objects.



#5 Stefan Hora

Stefan Hora
  • Barracuda Guru
  • 141 posts

Posted 14 March 2014 - 11:59 AM

Hey, thanks for reply. :)

I was wondering if I am e.g. able to see if a VPN tunnel is up or down or if I could disable / enable a tunnel on the CLI, etc.

Yeah the NG product is great and the UI is really easy to handle. All the features provided work for me and I can find my way around. Just for speed reasons it is sometimes quicker and more convenient to manage smaller tasks via SSH I reckon ... like I do the same with our switches and routers, just for the firewalls I have use the graphical UI ... but yeah it's working fine, just was wondering if it is possible. :)

thanks for the hint about the firewall logs, that's already pretty handy for some quick troubleshooting :)

cheers

 

You can try this command:

ktinactrl ?
use: ktinactrl [start stop tunnel transport spi lookup]
   start      Load module, caches and rules
   stop       Save caches and unload module
   tunnel     Tunnel Operations
   transport  Transport Operations
   spi        SPI Operations
   route      VPN Routing Operations
   lookup     VPN Routing Lookup Operations
   meth       VPN Methods (cipher,esp,hash,compress)
   udp        UDP Managment
   cache      Cache Control
   personal   Personal Network Control
   reserved   Reserved Address/Network Control
   boxrate    get/set box rate limit
   mils       mils specific operations
   cipher     external cipher operations
   stream     get/set stream compression limits
   cyclemeth  transport packet cycle methods
   wanopt     wanopt parameters
   tune       tuning parameters
   rdev       routed devices