• NetExtender for Secure Mobile Access 10.2
• NetExtender Overview
  • What is NetExtender
  • NetExtender Concepts
    • Stand-Alone Client
    • NetExtender Supports Network logon (PreLogon)
    • NetExtender Supports Always On VPN (AOV)
    • Multiple Ranges and Routes
    • IP Address User Segmentation
    • Client Routes
    • Tunnel All Mode
    • Proxy Configuration
  • Supported Platforms
    • NetExtender Client Versions
    • Supported Clients
    • Supported SonicWall Appliances
  • What's New in NetExtender
  • Feature Support in NetExtender
  • Deprecated Feature
• Configuring NetExtender for Windows Client
  • Prerequisites
  • Support Enhancement
  • Installing NetExtender on Windows
  • Enabling Network Logon (PreLogon) Feature on NetExtender
  • Enabling Always-On VPN Connection
  • Installing NetExtender through Microsoft Installer
  • Auto-Run NetExtender
• Configuring NetExtender for Linux Client
  • Prerequisites
  • Installing NetExtender on Linux
• Using NetExtender
  • Adding Connection Profile Management
  • Editing Connection Profile Management
  • Connect with Connection Profile
  • Connect with Specific Protocol
  • Multiple Factor Authentication
    • TOTP Authentication
    • Client Certificate Authentication
    • Smart Card Authentication
    • DUO Security Authentication Support for NetExtender
      • DUO Security Authentication with NetExtender Windows
      • DUO Security Authentication with NetExtender Linux
  • Configuring NetExtender Properties
    • NetExtender Properties for Windows Client
      • Configuring Settings
      • Configuring Connection Settings
      • Configuring Connection Script
      • Configuring Proxy
      • Configuring Packet Capture
    • NetExtender Properties for Linux Client
      • Configuring Proxy
      • Configuring Certificate Settings
      • Configuring Settings
  • Viewing the NetExtender Log
  • Disconnecting NetExtender
  • Upgrading NetExtender
  • Uninstalling NetExtender
• Using the NetExtender Command Line Interface
  • Launching the NetExtender CLI for Windows
  • Launching the NetExtender CLI for Linux
• NetExtender Troubleshooting
• NetExtender FAQ
• Use Case
  • Adding Connection Profile
  • Editing Connection Profile
  • OTP Authentication
  • Certificate Authentication
  • Authentication with Smart Card
• SonicWall Support
  • About This Document

Launching the NetExtender CLI for Linux

To launch the NetExtender CLI for Linux

1. Open the Terminal, and type nxcli.

2. Change directory to where NetExtender is installed. Type cd Program Files\SonicWall\SSL-VPN\NetExtender.

   The specific command directory could be different on your computer. Use Windows Explorer to find the directory path where NetExtender is located.

   NetExtender CLI commands and options

   Usage	Available Commands	flags	Description
   nxcli [server[:port]] [flags]	about		About Sonicwall NetExtender
   	cert		Use the 'cert' command to manage your client certificates
   	connect		Connect to the VPN server
   	connection		Create, delete or list connections
   	disconnect		Disconnect current VPN connection
   	help		Help with any command
   	log		Use the'log' command to manage NetExtender logs
   	Proxy		Use the 'proxy' command to Manage the http proxy
   	status		Check the VPN connection status
   		-d, --domain string	Domain Name
   		-h, --help	Help for nxcli
   		-p, -- password string	Password
   		-u, -- username string	Username
   nxcli connect [connection-name] [flags]			To connect to server
   		-h, --help	Help for connect
   		-p, -- password string	User Password
   nxcli connect	add		To connect to the default connection
   	del		To add the connection
   	detail		To delete the connection
   	edit		To edit the connection
   	list		To list the connection list
   		-h, --help	Help for connect
   		-l, --loss	connection loss
   nxcli connect [connection-name]
   nxcli status			To make sure the connected status
   nxcli status		-f	To get status with JSON format
   nxcli disconnect			To disconnect the connected connection
   nxcli cert [command]	add		To append a p12 certificate
   	list		To list all client certificates
   	del		To delete a certificate with id
   	forceTls12only		To Use forceTls12only to control the TLS version
   nxcli cert [flags]		-h, --help	Help for cert.
   nxcli log [command]	debug		To control the log level
   	export		To export logs
   		on	To enable debug log
   		off	To disable debug log
   nxcli log [flags]		-h, -- help	Help for log
   		-p, --path string	To export logs in the default path
   nxcli proxy [command]	disable		To disable the http proxy
   	enable		To set the http proxy
   	list		To view the http proxy
   nxcli proxy [flags]		-h, --help	Help for proxy
   nxcli proxy enable [flags]		-b, --bypass string	To ignore the hosts or servers
   		-h, --help	Help for proxy enable
   		-p, --password string	Password for proxy authentication if required
   		-s, --server string	Proxy server
   		-u --user name string	Username for proxy authentication if required
   If the user enables the OTP authentication, the CLI gives menu for the user to select the methods like OTP authentication or bind TOTP.
   If the user enable the PDA authentication, the CLI ask you the confirmation to proceed.
   nxcli connect			If the user wants to change the OTP method.
   	d. Do you want to proceed?
   		A: Accept
   		D: Decline
   If the user use Certificate, CLI shows the list of certificates to select the certificate to login.
   nxcli connect
   	Please select a client cert id	Please input your select: -1 to quit
   If user use Smart Card, CLI ask user to input PIN after user select the certificate.
   NetExtender will do an EPC check automatically
   If a user needs to change their password, the CLI asks them to input their old password and new password. The CLI will auto-reconnect after the password change is successful.