Knowledge Search


×
 

[ScreenOS] What Is the Difference Between CLI Command 'Set Firewall Log-Self Exclude IKE' and 'Unset Firewall Log-Self IKE'?

  [KB4415] Show Article Properties


Summary:
What Is the Difference Between CLI Command 'Set Firewall Log-Self Exclude IKE' and 'Unset Firewall Log-Self IKE'?
Symptoms:

Solution:

Note: This article applies to ScreenOS 4.0 and higher.

The CLI commands 'set firewall log-self exclude IKE' and 'unset firewall log-self IKE' perform the same function. They will both disable the 'Firewall Log Self for IKE' setting by removing the 'set firewall log-self IKE' line from the NetScreen device's configuration.

For example:

ns5xt-> set firewall log-self IKE
ns5xt-> get firewall
Log Self for IKE : On
Log Self for SNMP: Off
Log Self for ICMP: Off
Log Self Deny: Off
Log Self Deny exclude Multicast: Off
ns5xt->

ns5xt-> set firewall log-self exclude IKE
ns5xt->
ns5xt-> get firewall
Log Self for IKE : Off
Log Self for SNMP: Off
Log Self for ICMP: Off
Log Self Deny: Off
Log Self Deny exclude Multicast: Off
ns5xt->
ns5xt-> get firewall
Log Self for IKE : On
Log Self for SNMP: Off
Log Self for ICMP: Off
Log Self Deny: Off
Log Self Deny exclude Multicast: Off
ns5xt->
ns5xt->
ns5xt-> unset firewall log-self IKE
ns5xt->
ns5xt-> get firewall
Log Self for IKE : Off
Log Self for SNMP: Off
Log Self for ICMP: Off
Log Self Deny: Off
Log Self Deny exclude Multicast: Off
ns5xt->

 



Related Links: