3.2. Setup Using the CLI

The following CLI commands can be used instead of the WebUI to configure cOS Core communication with NetEye. It is assumed that the HTTP/HTTPS clients are located on the network called lan_net, which is connected to the firewall interface lan.

A. Configure an FQDN Address Object for the Tunnel Endpoint

Device:/> add Address FQDNAddress my_neteye_fqdn
			Address=<NetEye-fqdn>

B. Configure an IPsec Tunnel

First, configure the pre-shared key object for the tunnel:

Device:/> add PSK my_neteye_psk Type=HEX PSKHex=<paste key here>

Next, configure the tunnel:

Device:/> add Interface LANtoLANVPN my_neteye_tunnel
			RemoteEndpoint=my_neteye_fqdn
			LocalNetwork=all-nets
			RemoteNetwork=all-nets
			PSK=my_neteye_psk
			AutoInterfaceNetworkRoute=No

C. Create a New Routing Table

Device:/> add RoutingTable my_neteye_rt

D. Add an all-nets Route

Device:/> cc RoutingTable my_neteye_rt
Device:/rt> add Route Network=all-nets Interface=my_neteye_tunnel

E. Configure a Policy-based Routing Rule

Device:/> add RoutingRule
			ForwardRoutingTable=my_neteye_rt
			ReturnRoutingTable=main
			SourceInterface=lan
			SourceNetwork=lan_net
			DestinationInterface=any
			DestinationNetwork=all-nets
			Service=http-all

F. Configure an IP Policy

Finally, configure an IP policy to allow traffic to flow into the tunnel:

Device:/> add IPPolicy Name=my_neteye_policy
			SourceInterface=lan
			SourceNetwork=lan_net
			DestinationInterface=my_neteye_tunnel
			DestinationNetwork=all-nets
			Service=http-all
			Action=Allow

A CLI activate/commit command sequence can now be applied to make the configuration changes permanent.
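
Steps A to F depend on each other by object name, and steps E and F must select the same traffic. The following Python check is an added example, not part of the original guide or of cOS Core: it reads a saved copy of the commands before they are pasted into the CLI and reports references to objects not yet created and any mismatch between the routing rule and the IP policy. The function names parse and lint are hypothetical, the input is a constructed copy of the commands above with a placeholder key, and the parser assumes property values contain no spaces.

```python
import re

# Constructed input: the commands from steps A-F; <key> is a placeholder.
SCRIPT = """\
Device:/> add Address FQDNAddress my_neteye_fqdn Address=<NetEye-fqdn>
Device:/> add PSK my_neteye_psk Type=HEX PSKHex=<key>
Device:/> add Interface LANtoLANVPN my_neteye_tunnel RemoteEndpoint=my_neteye_fqdn
    LocalNetwork=all-nets RemoteNetwork=all-nets PSK=my_neteye_psk AutoInterfaceNetworkRoute=No
Device:/> add RoutingTable my_neteye_rt
Device:/> cc RoutingTable my_neteye_rt
Device:/rt> add Route Network=all-nets Interface=my_neteye_tunnel
Device:/> add RoutingRule ForwardRoutingTable=my_neteye_rt ReturnRoutingTable=main
    SourceInterface=lan SourceNetwork=lan_net DestinationInterface=any
    DestinationNetwork=all-nets Service=http-all
Device:/> add IPPolicy Name=my_neteye_policy SourceInterface=lan SourceNetwork=lan_net
    DestinationInterface=my_neteye_tunnel DestinationNetwork=all-nets Service=http-all Action=Allow
"""

# Properties that must name an object created earlier in the script.
REFS = {"LANtoLANVPN": ("RemoteEndpoint", "PSK"), "Route": ("Interface",),
        "RoutingRule": ("ForwardRoutingTable",), "IPPolicy": ("DestinationInterface",)}

def parse(script):
    """Fold indented continuation lines, strip prompts, yield (kind, name, props)."""
    for line in re.sub(r"\n[ \t]+", " ", script).splitlines():
        toks = re.sub(r"^Device:/\S*>\s*", "", line.strip()).split()
        pos = [t for t in toks[1:] if "=" not in t]
        if toks[:1] == ["add"] and pos:      # commands such as "cc" are skipped
            props = dict(t.split("=", 1) for t in toks[1:] if "=" in t)
            kind = pos[-2] if len(pos) > 1 else pos[0]   # "Interface LANtoLANVPN <name>"
            yield kind, props.get("Name", pos[-1] if len(pos) > 1 else ""), props

def lint(script):
    """Return a list of findings; an empty list means the script is consistent."""
    defined, seen, findings = set(), {}, []
    for kind, name, props in parse(script):
        findings += [f"{kind}: {p}={props.get(p)} not defined earlier"
                     for p in REFS.get(kind, ()) if props.get(p) not in defined]
        if kind == "LANtoLANVPN" and props.get("AutoInterfaceNetworkRoute") != "No":
            findings.append(f"{name}: AutoInterfaceNetworkRoute is not No as in step B")
        if name:
            defined.add(name)
        seen[kind] = props
    # Steps E and F must describe the same source and service.
    rule, policy = seen.get("RoutingRule", {}), seen.get("IPPolicy", {})
    findings += [f"{p} differs between RoutingRule and IPPolicy"
                 for p in ("SourceInterface", "SourceNetwork", "Service")
                 if rule.get(p) != policy.get(p)]
    return findings
```

An empty result from lint(SCRIPT) means every reference resolves in order and the routing rule and IP policy agree on source interface, source network and service.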