Use the network configuration CLI commands to:
Identify a connector on the back of the machine: see show network interface port
Reset networking after installing or moving a network card: see store network interface inventory
Set IP addresses: see:
Enable or disable high-availability, see store network interface high-availability
Configure the network card if the switch it attaches to will not auto-negotiate the settings; see:
Displays the address resolution protocol (ARP) table, which is an operational system value. This command is provided for support purposes only.
show network arp-table
g4.guardium.com> sho net arp
IP address HW type Flags HW address Mask Device
192.168.3.1 0x1 0x2 00:0E:D7:98:07:7F * nic1
192.168.3.20 0x1 0x2 00:C0:9F:40:33:30 * nic1
ok
g4.guardium.com>
Displays a list of MAC addresses (like the show network interface inventory command).
show network macs
g3.guardium.com> show net macs
eth0: 00:13:72:50:CF:40
eth1: 00:13:72:50:CF:41
eth2: 00:04:23:CB:11:84
eth3: 00:04:23:CB:11:85
eth4: 00:04:23:CB:11:96
eth5: 00:04:23:CB:11:9
ok
This command shows settings for the network interface used to connect the Guardium appliance to the desktop LAN. The IP address, mask, state (enabled or disabled) and high availability status will be displayed. If IP high-availability is enabled, the system will display two interfaces (ETH0 and ETH3). Otherwise, only ETH0 will be displayed.
show network interface all
Use this command to display the port names and MAC addresses of all installed network interfaces.
Network Configuration CLI Commands
g3.guardium.com> show network interface inventory
eth0 00:13:72:50:CF:40
eth1 00:13:72:50:CF:41
eth2 00:04:23:CB:11:84
eth3 00:04:23:CB:11:85
eth4 00:04:23:CB:11:96
eth5 00:04:23:CB:11:97
ok
Use this command to locate a physical connector on the back of the appliance. After using the show network interface inventory command (above) to display all port names, use this command to blink the light on the physical port specified by n (the digit following eth in the above command), 20 times.
show network interface port <n>
g4.guardium.com> sho net int port 1
The orange light on port eth1 will now blink 20 times.
ok
Display the IP routing configuration in use.
show network routes operational
g4.guardium.com> sho net rout ope
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 nic1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 nic2
0.0.0.0 192.168.3.1 0.0.0.0 UG 0 0 0 nic1
ok
g4.guardium.com>
If auto-negotiation is available on the switch to which a Guardium port is connected, auto-negotiation will be used, and only the restart option of this command will have any effect. Use this command to enable, disable, or restart auto-negotiation for the network interface named ethn. Use the show network interface inventory command (above) to display all port names.
store network interface auto-negotiation <ethn> <on | off | restart>
show network interface auto-negotiation <ethn>
Use this command only when auto-negotiation is not available on the switch to which the Guardium port is connected. This command configures duplex mode for the port named ethn. Use the show network interface inventory command (above) to display all port names.
store network interface duplex <ethn> <half | full>
show network interface duplex <ethn>
Enables or disables IP Teaming, which provides a fail-over capability for the Guardium appliance primary IP address. In addition (or alternatively), defines secondary routing by specifying which set addresses are to be directed to the specified gateway.
The two ports used (ETH0 and ETH3) must be connected to the same network. There is a slight delay, caused by the switch re-learning the port configuration. The default setting is off.
The port used for the primary IP address is always ETH0. When the high-availability option is enabled, the Guardium appliance automatically fails over to ETH3 (in effect transferring the primary IP address to ETH3).
Note: The high availability option is not available for the secondary IP address. Also, do not confuse the secondary IP address with the high-availability port. A secondary IP address can used to provide access to the Guardium appliance from second network, or to provide additional bandwidth on the same network. The secondary IP address is not related to the high availability feature.
To use secondary routing, enter an ip address and mask to identify all of the addresses for which responses are to be directed to the specified secondary gateway (which is identified by its IP address).
store network interface high-availability [on | off | <ip> <mask> <gateway>]
There is no show network interface high-availability command.
Resets the network interface MAC addresses stored in the Guardium internal tables. This command should only be used after replacing or moving a network card.
store network interface inventory
show network interface inventory
Sets the primary IP address for the Guardium appliance. When changing the network interface IP address, you may also need to change its subnet mask. See store network interface mask. A secondary IP address can be assigned, but only from the System Configuration panel on the Administration Console. In addition, a fail-over interface can be configured for the primary interface.
store network interface ip <ip address>
show network interface all
Maps the Ethernet port identified by ethn to the MAC address mac.
store network interface map <ethn> <mac>
Sets the subnet mask for the primary IP address. When changing the network interface mask, you may also need to change its IP address. See store network interface ip. Note that the subnet mask for a secondary IP address can be assigned only from the System Configuration panel on the Administration Console.
store network interface mask <ip mask>
show network interface all
Use this command only when auto-negotiation is not available on the switch to which the Guardium port is connected. This command configures the speed setting for the port named ethn. Use the show network interface inventory command (above) to display all port names.
store network interface speed <ethn> <10 | 100 | 1000>
show network interface speed <ethn>
Sets the IP address for the first, second, or third DNS server to be used by the Guardium appliance. Each resolver address must be unique. To remove a DNS server, enter null instead of an IP address.
store network resolver <1 | 2 | 3> <ip address | null>
show network resolver <1 | 2 | 3>
Sets the IP address for the default router to the specified value.
store network routes defaultroute <ip address>
show network routes defaultroute