Last adaptation to the version: 14.0.1 (01.2025)
- Die History des CLI per SSH ist jetzt persistent
Introduction
The Command Line Interface, or CLI for short, is the actual interface used to configure the Securepoint UTM. All graphical administration tools such as the Web Interface, Security Operation Center or Security Manager convert all your settings into commands that can be executed on the CLI. There are of course differences in the structure and scope of the commands between the individual versions.
This article is intended to give an overview of the possible commands and to show in some examples how to work with the CLI.
CLI on the interface
The CLI in the web interface can be called up under .
CLI per SSH
Das CLI per SSH ruft man auf, indem man zunächst eine SSH-Verbindung für den root- oder admin-Benutzer aufbaut.
Beispiel: ssh admin@<IP-Adresse>
Mit der Pfeiltaste hoch ↑ bewegt man sich in der Historie rückwärts und mit der Pfeiltaste runter ↓ vorwärts.
Zu beachten: Bei einer Anmeldung als admin öffnet sich direkt das CLI, wohingegen root-Nutzer es mit der Eingabe spcli explizit starten müssen.
Commands
The commands on the CLI can be divided into different levels. In v11, these levels have been divided into thematic points. For example, all commands relevant for interface configurations are located below "interface", such as the command "interface address get" (displays all existing IP addresses). Below is a list of all the commands on the first level.
As of version 11.6, when passing multiple parameters, note that they are enclosed in square brackets and separated by a space.
Example:
user group new name gruppenname permission [ perm1 perm2 ...]
| Command | Description |
|---|---|
| alertingcenter | Alerting Center Management |
| appmgmt | Management of the applications (start/stop) |
| captiveportal | Captive Portal Settings |
| cert | Certificate management |
| clear | Deletes the current content of the terminal |
| cli | Settings for the output behavior of the CLI |
| clientlessvpn | Settings for the ClientlessVPN |
| cluster | Settings via the cluster |
| debug | Debug routines |
| dhcp | Settings for the DHCP server |
| dns | Settings for the DNS server |
| exit | Ends the current CLI session |
| extc | Management of variables, as well as templates for applications |
| geolocation | List of geolocation |
| help | List of all commands |
| interface | Settings regarding the interfaces |
| ipsec | Settings for IPSec connections |
| logout | User is logged out after the CLI session ends |
| Mail filter/mail archive settings | |
| manager | Administration release |
| node | Configuration of network objects and groups |
| object | List of all objects |
| openvpn | Configuration of OpenVPN connections |
| pkey | Public key settings |
| qos | Settings for QoS profiles |
| quit | Ends the current CLI session |
| route | Network route management |
| rproxy | Reverse-Proxy configuration |
| rsa | RSA key management |
| rule | Management of the port filter (set of rules) |
| server | Management of the backend servers for the reverse proxy |
| service | Management of the services (ruleset) |
| spf2bd | Management of the FailToBan service |
| ssh | Create and manage the SSH keys for the cluster |
| syslog | Management of the syslog server, as well as output of the livelog |
| system | System-specific configuration items |
| usc_vhost | Management of the Unified Security Console (USC) |
| user | User management |
| view webuser | Information of the User-WebUI |
| webfilter | Web filter configuration |
| wireguard | WireGuard configuration |
| wlan | Management of WLAN functionality |