There are command line tools for the Secure SD-WAN Manager and the Engines.
This online help was created for Secure SD-WAN Manager, version 6.10.100.0.
Before setting up FlexEdge Secure SD-WAN, it is useful to know what the different components do and what engine roles are available.
Before you can set up the system and start configuring elements, you must consider how the different Secure SD-WAN Manager components should be positioned and deployed.
After deploying the Secure SD-WAN Manager components, you are ready to start using the Management Client and carrying out some of the first configuration tasks.
You can use the Secure SD-WAN Manager to monitor system components and third-party devices. You can also view and filter logs, and create Reports from them.
You can command and set options for engines through the Management Client or on the engine command line. You can also stop traffic manually.
Secure SD-WAN Manager configuration allows you to customize how the Secure SD-WAN Manager components work.
You can create and modify Firewalls, IPS engines, Layer 2 Firewalls, Master Engines and Virtual Engines. You can configure the Engine properties, activate optional features, and configure advanced Engine settings.
Use the Management Client to configure static or dynamic routing, and use a Multi-Link configuration to manage and distribute inbound and outbound connections.
Policies are key elements that contain rules for allowing or blocking network traffic and inspecting the content of traffic.
User accounts are stored in internal databases or external directory servers. You can use Engine in the Firewall/VPN role or external authentication servers to authenticate users.
Engine supports both policy-based and route-based VPN (virtual private network) tunnels between VPN gateways. For full remote access, Engine supports both IPsec and SSL VPN tunnels for VPN clients.
Maintenance includes procedures that you do not typically need to do frequently.
Troubleshooting helps you resolve common problems in the Engine and Secure SD-WAN Manager.
Secure SD-WAN Manager commands include commands for the Management Server, Log Server, and Web Portal Server.
There are commands that can be run on the command line on Firewall, Layer 2 Firewall, IPS engines, or Master Engines.
You can test and monitor the Server Pool Monitoring Agents on the command line.
There are default ports used in connections between Secure SD-WAN Manager components and default ports that Secure SD-WAN Manager components use with external components.
Expressions are elements that allow you to create simple definitions for representing complex sets of IP addresses by using logical operands.
Predefined Aliases are used in the default policies. Some of them might be useful when you create your own rules.
There are parameters you can define for Situation Contexts.
The Secure SD-WAN Manager has its own regular expression syntax. Regular expressions are used in Situations for matching network traffic. Situations are used in the Inspection rules on Engines.
There are Secure SD-WAN Manager-specific LDAP classes and attributes that you add to the schema of external LDAP servers.
For descriptions of all log fields, see the following reference.
For a list of available shortcut keys in the Management Client, see Knowledge Base article 38538.
The multicasting reference describes the general principles of multicasting and how it can be used with CVIs (cluster virtual IP addresses) in Firewall Clusters.