Create Hosts and Host Groups Configuration Example

Download Report

Transcript Create Hosts and Host Groups Configuration Example 

Command Line Interface Introduction
Configuration Example
Alcatel-Lucent Security Products Configuration Example Series
Command Line Introduction
The Brick Command Line Interface provides a way to issue commands directly
to a Brick for query purposes or for troubleshooting.
There are a total of 5 ways to create a connection to the Brick console.
 Remote connection from navigator
 Remote console connection from a command line
 Local connection (monitor and keyboard connected to Brick)
 Remote dial-in connection (external modem on serial port)
 Local serial port connection
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
For this example we will connect via the ALSMS navigator.
Login to the ALSMS locally or via the Remote Navigator.
Select the Bricks Folder. Select the Brick that you want to connect to.
Select Brick Utilities>Open Brick Console.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
You can enter commands at the
bottom of the screen.
If you aren’t sure what commands you
want or the syntax of the commands
enter Help.
Or you can Click on the Commands
menu at the top of the page.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
The Commands menu will show you most of the commands that you have at your
disposal and allow you to choose them right from the menu without having to type them.
Notice that there are submenus as seen to the left.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
As you can see there are several commands to choose from.
This is a handy tool for displaying things like Arp tables, NAT sessions, VLANs,
routes per interface or just about anything else that you can think of to
check.
This is also a very handy tool to check network connectivity to the Brick.
You can ping from the Brick to see what the Brick can see.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
Type Ping in the Enter Command field at
the bottom of the page to see the ping
options.
Or Select Ping from the commands menu.
The resulting screen will allow you to enter
various ping options as seen on the
following page.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
You can apply up to seven options. You
can do the same with the traceroute
command.
In the case above we were sending pings
to a gateway at 135.119.2.161 with 1024
byte packets for 20 pings.
These are handy tools for checking
connectivity to the Brick.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
You also have similar filtering options to do things like Packet Traces, ARP Traces,
Heartbeat Traces and so on.
From the Commands menu select Trace>Trace packet>Trace Packet Filter
(see next slide for options).
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
First a warning. Tracing packets can impact network throughput, use this
option with care on busy networks.
For packet tracing you have the following options:
 I = Brick port number (interface)
 S = Source IP Address
 D = Destination IP Address
 P = Protocol
 R = Direction (in or out)
F = Format




A = Hex dump
L = binary data in audit records to the ALSMS
M = prints the MAC addresses of the packet
C= prints additional contents of the IP Packet based on the protocol.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
If your network is not overly busy try a packet trace now.
From the Commands menu select Trace>Trace Packet>Trace Packet Filter.
Set your options
From the Commands menu select Trace>Trace Packet>On.
Then Trace>Trace Packet>Off.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
Your output should look something like this.
There are many more commands that can be done from the command line.
Refer to the section on “Maintaining An ALU VPN Firewall Brick Appliance” in the
Administrative Guide.
Also refer to the sections in the “Tools and Troubleshooting Guide”.
All Rights Reserved © Alcatel-Lucent 2007
Command Line Introduction
For more detailed information on configuring this feature click
Help>On Line Product Manuals>Tools and Troubleshooting Guide
See the sections on Command Line Interface.
The Product Manuals can also be found on your ALSMS CD.
All Rights Reserved © Alcatel-Lucent 2007