12. Command Line Interface (CLI)

In UserGate, you can perform device configuration with the help of the command-line interface, or CLI. The administrator can use CLI to run diagnostic commands, such as ping, nslookup, or traceroute, configure the device's network settings and security policies, as well as reboot or shut down the device.

CLI can be useful for troubleshooting network problems or when access to the web console is lost, for example, due to an incorrectly set interface IP address or erroneous zone access control settings that block connections to the web interface.

You can connect to the CLI using the standard VGA/keyboard ports (if physically present on the UserGate equipment), via the serial port, or via SSH over the network.

To connect to the CLI using a monitor and keyboard, follow these steps:

Task	Description
Step 1. Connect a monitor and keyboard to UserGate.	Connect a monitor to a VGA (HDMI) port and a keyboard to a USB port.
Step 2. Log in to the CLI.	Log in to the CLI using the login name and password for a user with Full administrator permissions (the default is Admin). If the UserGate device has not undergone initial configuration, Admin should be used as the login name without a password in order to access the CLI.

To connect to the CLI using the serial port, follow these steps:

Task	Description
Step 1. Connect to UserGate.	Use a special serial cable or a USB-Serial adapter to connect your computer to UserGate.
Step 2. Launch a terminal.	Launch a terminal that supports serial port connection, such as Putty for Windows or minicom for Linux. Establish a serial port connection using 115200 8n1 as the connection parameters.
Step 3. Log in to the CLI.	Log in to the CLI using the login name and password for a user with Full administrator permissions (the default is Admin). If the UserGate device has not undergone initial configuration, Admin should be used as the login name without a password in order to access the CLI.

To connect to the CLI using the SSH protocol, follow these steps:

Task	Description
Step 1. Allow CLI (SSH) access for the selected zone.	Allow SSH access for the CLI protocol in the settings for the zone to which you want to connect for CLI management. The TCP port 2200 will be opened.
Step 2. Launch an SSH terminal.	Launch an SSH terminal on your computer, such as SSH for Linux or Putty for Windows. Specify the UserGate address as the IP address, 2200 as the connection port, and the name of a user with Full administrator permissions as the login name (the default is Admin). For Linux, the connection command should look like this: ssh Admin@IPUserGate -p 2200
Step 3. Log in to the CLI.	Log in to the CLI using the password for the user specified in the previous step. If the UserGate device has not undergone initial configuration, Admin should be used as the login name without a password in order to access the CLI.

Task

Description

Step 1. Allow CLI (SSH) access for the selected zone.

Allow SSH access for the CLI protocol in the settings for the zone to which you want to connect for CLI management. The TCP port 2200 will be opened.

Step 2. Launch an SSH terminal.

Launch an SSH terminal on your computer, such as SSH for Linux or Putty for Windows. Specify the UserGate address as the IP address, 2200 as the connection port, and the name of a user with Full administrator permissions as the login name (the default is Admin). For Linux, the connection command should look like this:

ssh Admin@IPUserGate -p 2200

Step 3. Log in to the CLI.

Log in to the CLI using the password for the user specified in the previous step. If the UserGate device has not undergone initial configuration, Admin should be used as the login name without a password in order to access the CLI.

Upon successful authorization for CLI access, a command prompt will be displayed (diagnostics and monitoring mode). To view the current available options or use autocomplete, press Tab or ?. The following commands are available:

traceroute: trace the connection route to a specific host.
shutdown: shut down the UserGate server.
show: view the network settings, perform traffic monitoring, and view LLDP information.
clear: update the OSPF and BGP information.
ping: ping a specific host.
reboot: reboot the UserGate server.
date: view the current server date and time.
exit: exit the command line.
netcheck: check the availability of a 3rd party HTTP/HTTPS server.
configure: switch to the configuration mode.
dig: check the DNS record for a domain.

These commands are available in the configuration mode. For more details, see the sections Execute Commands and Diagnostics and Monitoring Commands.

To abort the current command, press Ctrl+C; to view command history, use the ↑ and ↓ keys.

All CLI commands have the following structure:

<action> <level> <filter> <configuration_info>

where <action> is the action to be performed;

<level> is the configuration level corresponding to the UserGate web interface section;

<filter> is the identifier of the object being accessed; and

<configuration_info> is the set of parameter values to be applied to the <filter> object.

CLI supports multi-line command entry. To move to a new line, add "\" at the end of the current one. Starting from the second line, entering "\" is not required; to finish the entry, enter one empty line:

Admin@UGOS# set users user example \ 
... name username1 
... enabled on 
... groups [ "Default Group" ] 
... 
Admin@UGOS#

You are here

Search form

12. Command Line Interface (CLI)