execute vpn

vpn

This topic includes the following commands:

execute vpn certificate ca export tftp
execute vpn certificate ca import auto
execute vpn certificate ca import bundle
execute vpn certificate ca import tftp
execute vpn certificate crl import auto
execute vpn certificate ems_ca import tftp
execute vpn certificate hsm primus generate ec
execute vpn certificate hsm primus generate rsa
execute vpn certificate hsm primus load-key
execute vpn certificate hsm safenet generate rsa
execute vpn certificate local export tftp
execute vpn certificate local generate cmp
execute vpn certificate local generate default-gui-mgmt-cert
execute vpn certificate local generate default-ssl-ca
execute vpn certificate local generate default-ssl-ca-untrusted
execute vpn certificate local generate default-ssl-key-certs
execute vpn certificate local generate default-ssl-serv-key
execute vpn certificate local generate ec
execute vpn certificate local generate rsa
execute vpn certificate local import tftp
execute vpn certificate local verify
execute vpn certificate remote export tftp
execute vpn certificate remote import tftp
execute vpn ipsec tunnel down
execute vpn ipsec tunnel up

execute vpn certificate ca export tftp

Export CA certificate to a TFTP server.

execute vpn certificate ca export tftp <string>

Parameter	Description	Type	Size
<string>	CA certificate name.	string

execute vpn certificate ca import auto

Import CA certificate via SCEP.

execute vpn certificate ca import auto <string>

Parameter	Description	Type	Size
<string>	URL of the CA server.	string

execute vpn certificate ca import bundle

Import certificate bundle from a TFTP server.

execute vpn certificate ca import bundle <string> <ip>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<ip>	IP address of TFTP server.	string

execute vpn certificate ca import tftp

Import CA certificate from a TFTP server.

execute vpn certificate ca import tftp <string> <tftp server>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string

execute vpn certificate crl import auto

Update CRL.

execute vpn certificate crl import auto <string>

Parameter	Description	Type	Size
<string>	CRL name.	string

execute vpn certificate ems_ca import tftp

Import Testing EMS CA certificate from a TFTP server.

execute vpn certificate ems_ca import tftp <string> <tftp server>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string

execute vpn certificate hsm primus generate ec

Generate a Primus HSM elliptic curve certificate request.

execute vpn certificate hsm primus generate ec <string>

Parameter	Description	Type	Size
<string>	Hardware Security Module partition name.	string

execute vpn certificate hsm primus generate rsa

Generate a Primus HSM RSA certificate request.

execute vpn certificate hsm primus generate rsa <string>

Parameter	Description	Type	Size
<string>	Hardware Security Module partition name.	string

execute vpn certificate hsm primus load-key

Try to load in a certificate from the Primus HSM.

execute vpn certificate hsm primus load-key <string>

Parameter	Description	Type	Size
<string>	Local and Hardware Security Module key name.	string

execute vpn certificate hsm safenet generate rsa

Generate a SafeNet HSM RSA certificate request.

execute vpn certificate hsm safenet generate rsa <string>

Parameter	Description	Type	Size
<string>	HSM slot name.	string

execute vpn certificate local export tftp

Export local certificate or certificate request to a TFTP server.

execute vpn certificate local export tftp <string>

Parameter	Description	Type	Size
<string>	Local certificate name.	string

execute vpn certificate local generate cmp

Generate a certificate request over CMPv2.

execute vpn certificate local generate cmp <string> <number> <string>

Parameter	Description	Type
<string>	Local certificate name.	string
<number>	Key size: 1024, 1536, 2048, 4096.	string
<string>	Server ('ADDRESS:PORT' for CMP server, add 'https://' before address to enable ssl/tls).	string

execute vpn certificate local generate default-gui-mgmt-cert

Generate the default GUI mgmt admin-server certificate.

execute vpn certificate local generate default-gui-mgmt-cert

execute vpn certificate local generate default-ssl-ca

Generate the default CA certificate used by SSL Inspection.

execute vpn certificate local generate default-ssl-ca

execute vpn certificate local generate default-ssl-ca-untrusted

Generate the default untrusted CA certificate used by SSL Inspection.

execute vpn certificate local generate default-ssl-ca-untrusted

execute vpn certificate local generate default-ssl-key-certs

Generate the default RSA, DSA and ECDSA key certs for ssl resign.

execute vpn certificate local generate default-ssl-key-certs

execute vpn certificate local generate default-ssl-serv-key

Generate the default server key used by SSL Inspection.

execute vpn certificate local generate default-ssl-serv-key

execute vpn certificate local generate ec

Generate an elliptic curve certificate request.

execute vpn certificate local generate ec <string>

Parameter	Description	Type	Size
<string>	Local certificate name.	string

execute vpn certificate local generate rsa

Generate a RSA certificate request.

execute vpn certificate local generate rsa <string> <number> <string>

Parameter	Description	Type
<string>	Local certificate name.	string
<number>	Key size: 1024, 1536, 2048, 4096.	string
<string>	Subject (Host IP/Domain Name/E-Mail).	string

execute vpn certificate local import tftp

Import the signed certificate from a TFTP server.

execute vpn certificate local import tftp <string> <tftp server> <string> <Enter>|<passwd>

Parameter	Description	Type
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string
<string>	Certificate file type ('cer'\|'p12').	string
<Enter>\|<passwd>	Password for PKCS12 file.	string

execute vpn certificate local verify

Verify certificate and private key files match and regenerate if mismatched.

execute vpn certificate local verify <string>

Parameter	Description	Type	Size
<string>	Local certificate name.	string

execute vpn certificate remote export tftp

Export REMOTE certificate to a TFTP server.

execute vpn certificate remote export tftp <string>

Parameter	Description	Type	Size
<string>	REMOTE certificate name.	string

execute vpn certificate remote import tftp

Import REMOTE certificate from a TFTP server.

execute vpn certificate remote import tftp <string> <tftp server>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string

execute vpn ipsec tunnel down

Shut down the specified IPsec tunnel.

execute vpn ipsec tunnel down <phase1>

Parameter	Description	Type	Size
<phase1>	Phase1 name.	string

execute vpn ipsec tunnel up

Activate the specified IPsec tunnel.

execute vpn ipsec tunnel up <phase1>

Parameter	Description	Type	Size
<phase1>	Phase1 name.	string

execute vpn

vpn

This topic includes the following commands:

execute vpn certificate ca export tftp
execute vpn certificate ca import auto
execute vpn certificate ca import bundle
execute vpn certificate ca import tftp
execute vpn certificate crl import auto
execute vpn certificate ems_ca import tftp
execute vpn certificate hsm primus generate ec
execute vpn certificate hsm primus generate rsa
execute vpn certificate hsm primus load-key
execute vpn certificate hsm safenet generate rsa
execute vpn certificate local export tftp
execute vpn certificate local generate cmp
execute vpn certificate local generate default-gui-mgmt-cert
execute vpn certificate local generate default-ssl-ca
execute vpn certificate local generate default-ssl-ca-untrusted
execute vpn certificate local generate default-ssl-key-certs
execute vpn certificate local generate default-ssl-serv-key
execute vpn certificate local generate ec
execute vpn certificate local generate rsa
execute vpn certificate local import tftp
execute vpn certificate local verify
execute vpn certificate remote export tftp
execute vpn certificate remote import tftp
execute vpn ipsec tunnel down
execute vpn ipsec tunnel up

execute vpn certificate ca export tftp

Export CA certificate to a TFTP server.

execute vpn certificate ca export tftp <string>

Parameter	Description	Type	Size
<string>	CA certificate name.	string

execute vpn certificate ca import auto

Import CA certificate via SCEP.

execute vpn certificate ca import auto <string>

Parameter	Description	Type	Size
<string>	URL of the CA server.	string

execute vpn certificate ca import bundle

Import certificate bundle from a TFTP server.

execute vpn certificate ca import bundle <string> <ip>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<ip>	IP address of TFTP server.	string

execute vpn certificate ca import tftp

Import CA certificate from a TFTP server.

execute vpn certificate ca import tftp <string> <tftp server>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string

execute vpn certificate crl import auto

Update CRL.

execute vpn certificate crl import auto <string>

Parameter	Description	Type	Size
<string>	CRL name.	string

execute vpn certificate ems_ca import tftp

Import Testing EMS CA certificate from a TFTP server.

execute vpn certificate ems_ca import tftp <string> <tftp server>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string

execute vpn certificate hsm primus generate ec

Generate a Primus HSM elliptic curve certificate request.

execute vpn certificate hsm primus generate ec <string>

Parameter	Description	Type	Size
<string>	Hardware Security Module partition name.	string

execute vpn certificate hsm primus generate rsa

Generate a Primus HSM RSA certificate request.

execute vpn certificate hsm primus generate rsa <string>

Parameter	Description	Type	Size
<string>	Hardware Security Module partition name.	string

execute vpn certificate hsm primus load-key

Try to load in a certificate from the Primus HSM.

execute vpn certificate hsm primus load-key <string>

Parameter	Description	Type	Size
<string>	Local and Hardware Security Module key name.	string

execute vpn certificate hsm safenet generate rsa

Generate a SafeNet HSM RSA certificate request.

execute vpn certificate hsm safenet generate rsa <string>

Parameter	Description	Type	Size
<string>	HSM slot name.	string

execute vpn certificate local export tftp

Export local certificate or certificate request to a TFTP server.

execute vpn certificate local export tftp <string>

Parameter	Description	Type	Size
<string>	Local certificate name.	string

execute vpn certificate local generate cmp

Generate a certificate request over CMPv2.

execute vpn certificate local generate cmp <string> <number> <string>

Parameter	Description	Type
<string>	Local certificate name.	string
<number>	Key size: 1024, 1536, 2048, 4096.	string
<string>	Server ('ADDRESS:PORT' for CMP server, add 'https://' before address to enable ssl/tls).	string

execute vpn certificate local generate default-gui-mgmt-cert

Generate the default GUI mgmt admin-server certificate.

execute vpn certificate local generate default-gui-mgmt-cert

execute vpn certificate local generate default-ssl-ca

Generate the default CA certificate used by SSL Inspection.

execute vpn certificate local generate default-ssl-ca

execute vpn certificate local generate default-ssl-ca-untrusted

Generate the default untrusted CA certificate used by SSL Inspection.

execute vpn certificate local generate default-ssl-ca-untrusted

execute vpn certificate local generate default-ssl-key-certs

Generate the default RSA, DSA and ECDSA key certs for ssl resign.

execute vpn certificate local generate default-ssl-key-certs

execute vpn certificate local generate default-ssl-serv-key

Generate the default server key used by SSL Inspection.

execute vpn certificate local generate default-ssl-serv-key

execute vpn certificate local generate ec

Generate an elliptic curve certificate request.

execute vpn certificate local generate ec <string>

Parameter	Description	Type	Size
<string>	Local certificate name.	string

execute vpn certificate local generate rsa

Generate a RSA certificate request.

execute vpn certificate local generate rsa <string> <number> <string>

Parameter	Description	Type
<string>	Local certificate name.	string
<number>	Key size: 1024, 1536, 2048, 4096.	string
<string>	Subject (Host IP/Domain Name/E-Mail).	string

execute vpn certificate local import tftp

Import the signed certificate from a TFTP server.

execute vpn certificate local import tftp <string> <tftp server> <string> <Enter>|<passwd>

Parameter	Description	Type
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string
<string>	Certificate file type ('cer'\|'p12').	string
<Enter>\|<passwd>	Password for PKCS12 file.	string

execute vpn certificate local verify

Verify certificate and private key files match and regenerate if mismatched.

execute vpn certificate local verify <string>

Parameter	Description	Type	Size
<string>	Local certificate name.	string

execute vpn certificate remote export tftp

Export REMOTE certificate to a TFTP server.

execute vpn certificate remote export tftp <string>

Parameter	Description	Type	Size
<string>	REMOTE certificate name.	string

execute vpn certificate remote import tftp

Import REMOTE certificate from a TFTP server.

execute vpn certificate remote import tftp <string> <tftp server>

Parameter	Description	Type	Size
<string>	File name on the TFTP server.	string
<tftp server>	TFTP server IPv4, IPv6, or FQDN.	string

execute vpn ipsec tunnel down

Shut down the specified IPsec tunnel.

execute vpn ipsec tunnel down <phase1>

Parameter	Description	Type	Size
<phase1>	Phase1 name.	string

execute vpn ipsec tunnel up

Activate the specified IPsec tunnel.

execute vpn ipsec tunnel up <phase1>

Parameter	Description	Type	Size
<phase1>	Phase1 name.	string

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Unified SASE

Single Vendor SASE

Cloud Network Security

Secure Endpoint Connectivity

Web Application / API Protection

Security Operations

Security Operations Automation

Identity

Early Detection & Prevention

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Communication & Surveillance

Unified SASE

Single Vendor SASE

Secure Endpoint Connectivity

Cloud Network Security

Cloud-Native Security

Web Application / API Protection

Security Operations

Security Operations Automation

Endpoint

Data Protection

Identity

Email

Early Detection & Prevention

Expert Services

Edge Firewall

Orchestration & management

SD Branch

Application Delivery

Single Vendor SASE

Secure Endpoint Connectivity

Secure Private Access

Thin Edge

Identity

Application Gateway

Enterprise Asset Management

Endpoint Agent

Agentless Security Posture

Identity

Wireless

Switching

Identity

Privilege Acccess Management

Next Generation Firewall

Orchestration & management

Expert Services

All

All

Account Management

SAAS Management

SAAS Application Security

Managed Services

Platform as a service (PAAS)

Other SAAS Services

4D Pillars

Cloud

Popular Solutions

CLI Reference

execute vpn

execute vpn

execute vpn certificate ca export tftp

execute vpn certificate ca import auto

execute vpn certificate ca import bundle

execute vpn certificate ca import tftp

execute vpn certificate crl import auto

execute vpn certificate ems_ca import tftp

execute vpn certificate hsm primus generate ec

execute vpn certificate hsm primus generate rsa

execute vpn certificate hsm primus load-key

execute vpn certificate hsm safenet generate rsa

execute vpn certificate local export tftp