Professional Documents
Culture Documents
These commands relate to VPN and are also documented in the R77 Command Line Interface
Reference Guide.
Command Description
VPN This command and subcommands are used for working with various
aspects of VPN. VPN commands executed on the command line
generate status information regarding VPN processes, or are used to
stop and start specific VPN services.
vpn crl_zap This command is used to erase all Certificate Revocation Lists
(CRLs) from the cache.
vpn crlview This command retrieves the Certificate Revocation List (CRL) from
various distribution points and displays it for the user.
vpn debug This command instructs the VPN daemon to write debug messages to
the log file: $FWDIR/log/vpnd.elg.
vpn drv This command installs the VPN kernel (vpnk) and
vpn macutil This command is related to Remote Access VPN, specifically Office
mode, generating a MAC address per remote user. This command is
relevant only when allocating IP addresses via DHCP.
vpn mep_refresh This command causes all MEP tunnels to fail-back to the best
available gateway, providing that backup stickiness has been
configured.
vpn nssm_toplogy This command generates and uploads a topology (in NSSM format) to
a IPSO NSSM server for use by IPSO clients.
vpn overlap_encdom This command displays all overlapping VPN domains. Some IP
addresses might belong to two or more VPN domains. The command
alerts for overlapping encryption domains if one or both of the
following conditions exist:
vpn sw_topology This command downloads the topology for a SofaWare Security
Gateway.
vpn ver This command displays the VPN major version number and build
number.
vpn tu This command launches the TunnelUtil tool which is used to control
VPN tunnels.
SecureClient Commands
The following commands relate to SecureClient.
Command Explanation
scc connect This command connects to the site using the specified profile, and
waits for the connection to be established. In other words, the OS does
not put this command into the background and executes the next
command in the queue.
scc connectnowait This command connects asynchronously to the site using the specified
profile. This means, the OS moves onto the next command in the
queue and this command is run in the background.
scc disconnect This command disconnects from the site using a specific profile.
scc passcert This command sets the user's authentication credentials when
authentication is performed using certificates.
scc setmode <mode> This command switches the SecuRemote / SecureClient mode.
scc setpolicy This command enables or disables the current default security policy.
scc userpass This command sets the user's authentication credentials -- username,
and password.
scc icacertenroll This command enrolls a certificate with the internal CA, and currently
receives 4 parameters - site, registration key, filename and password.
Currently the command only supports the creation of p12 files.
scc sethotspotreg This command line interface now includes HotSpot/Hotel registration
support.
Desktop Policy Commands
The following command lines relate to the Desktop Policy.
Command Description
dtps debug [on|off] This command starts or stops the debug printouts to
$FWDIR/log/dtps.elg
fwm psload <path to desktop policy This command loads the Desktop Policy onto the
file> <target> module. The target is the name of the module where the
Desktop Policy is being loaded and should be entered as
it appears in SmartDashboard. This command should be
run from the management.
fwm sdsload <path to SDS objects This command loads the SDS database onto the module.
file> <target> The target is the name of the module where the SDS
objects file is being loaded and should be entered as it
appears in SmartDashboard. This command should be
run from the management.