Check Point firewall commands

List of useful Check Point firewalls commands.

Firewall Commands

  • fw unloadlocal – removes the current policy on the firewall *** This will stop traffic from being forwarded ***
  • fw stat – shows the currently installed policy

VPN Commands

  • vpn tu – Runs the VPN TunnelUtil to view and delete VPN IKE and IPSEC SAs.
  • vpn debug ikeon – Enables IKE debugging. Logs are saved to $FWDIR/log/ike.elg
    • vpn debug ikeoff – Disables IKE debugging.
  • vpn debug on – Enables VPN debugging. Logs are saved to $FWDIR/log/vpnd.elg
    • vpn debug ikeoff – Disables VPN debugging.
  • vpn debug trunc – Enabled both IKE and VPN debugging at the same time.
    • vpn debug truncoff – Disables IKE and VPN debugging.