Checkpoint Provider-1 Commands:

  • mdsenv [cma name] —> Sets the mds environment
  • mds_setup —> To setup MDS Servers
  • mdsconfig —> Alternative to cpconfig for MDS servers
  • mdsstat —> To see the processes status
  • mdsstart_customer [cma name] —> To start cma
  • mdsstop_customer [cma name] —> To stop cma
  • cma_migrate —> To migrate an Smart center server to CMA

Checkpoint Gaia Commands

  • set backup restore local <filename>  —– restores a local backup
  • set core-dump <enable/disable> ——-  enable/disable core dumps
  • set date yyyy-mm-dd       —————-  sets system date
  • set dhcp server enable —————  enable dhcp server
  • set dns primary <x.x.x.x>  —————— sets primary dns ip address
  • set dns secondary <x.x.x.x> —————- sets secondary dns ip address
  • set expert-password ——————– set or change password for entering into expert mode
  • set edition default <value> —————– set the default edition to 32-bit or 64-bit
    set hostname <value> ——————- sets system hostname
  • set inactivity-timeout <value> ——————  sets the inactivity timeout
  • set interface ethx ipv4-address x.x.x.x mask-length 24 —— adds ip address to an interface
  • set ipv6-state on/off ——————- sets ipv6 status as on or off
  • set kernel-routes on/off ——————- sets kernel routes to on/off state
  • set management interface <interface name> —— sets an interface as management interface
  • set message motd value —————– sets message of the day
  • set ntp active on/off —————– activates ntp on/off
  • set ntp server primary x.x.x.x version <1/2/3/4>  ———— sets primary ntp server
  • set ntp server secondary x.x.x.x version <1/2/3/4> ———– sets secondary ntp server
  • set snapshot revert<filename> ——————— revert the machine to the selected snapshot
  • set snmp agent on/off —————————- sets the snmp agent daemon on/off
  • set snmp agent-version <value> ——————– sets snmp agent version
  • set snmp community <value> read-only ———— sets snmp readonly community string
  • add snmp interface <interface name> —————- sets snmp agent interface
  • set snmp traps receiver <ip address> version v1 community value ——— specifies trap receiver
  • set snmp traps trap <value> —————- set snmp traps
  • set static-route x.x.x.x/24 nexthop gateway address x.x.x.x on ———— adds specific static route
  • set time <value> ——————————- sets system time
  • set time zone <time-zone> ———————- sets the time zone
  • set vsx off ————————– sets vsx mode off
  • set vsx on ———————-     sets vsx mode on
  • set user <username> password sets users password
  • set web session-timeout <value> sets web configuration session time-out in minutes
  • set web ssl-port <value> sets the web ssl-port for the system

Checkpoint VSX commands:

  1. Change the context to a different virtual device:

set virtual system <vsid>


Example: set virtual system 3

2. Showing virtual devices on VSX gateway:

show virtual system all

3.  Reset SIC for VS id:

vsx sic reset <id>

4. Unload a policy from VS:

fw -vs id unloadlocal

vsenv <id>; fw vsx sicreset

5. View state tables for virtual system <id>. Second line applies to VSX on R75.40VS and up

fw tab -vs <id> -t <table>

vsenv <id>; fw tab -t <table>

6. View HA state for Virtual System id when “Per Virtual System HA” mode is configured.

cphaprob -vs <id> state

7.View traffic for virtual system with ID <id>. Attn: with fw monitor use -v instead of -vs.

fw monitor -v <id> -e ‘accept;’

8. shows a list of the virtual devices and installed policies:

fw vsx stat -l

9. shows a list of the virtual devices and installed policies:

fw vsx stat -v

10. get the current context

vsx get [vsys name/id]