Technical Documentation

Security

Firewall

To view stateful firewall filter information in the J-Web interface, select Monitor>Security>Firewall>Stateful Firewall. To display stateful firewall filter information for a particular address prefix, port, or other characteristic, type or select information in one or more of the Narrow Search boxes, and click OK.

Table 1 shows a summary of the information displayed on Firewall pages and the corresponding CLI show commands you can enter at the J-Web CLI terminal.

Table 1: Firewall Information and Corresponding CLI show Commands

Information Displayed

Corresponding CLI Command

Statistics Summary

Stateful firewall filter statistics.

show services stateful-firewall statistics

Stateful Firewall

Stateful firewall filter conversations.

show services stateful-firewall conversations

Flow table entries for stateful firewall filters.

show services stateful-firewall flows

IDS Information

Information about an address under possible attack.

show services ids destination-table

Information about an address that is a suspected attacker.

show services ids source-table

Information about a particular suspected attack source and destination address pair.

show services ids pair-table

IPSec

To view information about configured IPSec tunnels and statistics, and IKE security associations for adaptive services interfaces select Monitor>Security>IPSec in the J-Web interface.

Table 2 shows a summary of the information displayed on the IPSec page and the corresponding CLI show commands you can enter at the J-Web CLI terminal.

Table 2: IPSec Information and Corresponding CLI show Commands

Information Displayed

Corresponding CLI Command

(Adaptive services interface only) IPSec statistics for the selected service set.

show services ipsec-vpn ipsec statistics

(Adaptive services interface only) IPSec security associations for the selected service set.

show services ipsec-vpn ipsec security-associations

(Adaptive services interface only) Internet Key Exchange (IKE) security associations.

show services ipsec-vpn ike security-associations

NAT

NAT pool information includes information about the address ranges configured within the pool on the routing platform. To view NAT pool information, select Monitor>Security>NAT in the J-Web interface.

Table 3 shows a summary of the information displayed on the NAT page and the corresponding CLI show command you can enter at the J-Web CLI terminal.

Table 3: NAT Information and Corresponding CLI show Command

Information Displayed

Corresponding CLI Command

Information about Network Address Translation (NAT) pools.

show services nat pool


Published: 2010-04-29