network_stuff:palo_alto
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| network_stuff:palo_alto [2023/03/24 20:11] – jotasandoku | network_stuff:palo_alto [2023/11/02 14:38] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ---- | ---- | ||
| - | IU: | + | UI: |
| \\ | \\ | ||
| * Contexts | * Contexts | ||
| - | * Commit from panorame. We can stage multiple changes and stage OOH, | + | * Commit from panorama. We can stage multiple changes and stage OOH, |
| * Policies (pre and post rules) | * Policies (pre and post rules) | ||
| Line 191: | Line 191: | ||
| show running resource-monitor | show running resource-monitor | ||
| show system resources | show system resources | ||
| - | \\ | + | |
| - | tftp export configuration from running-config.xml to ip-addr | + | |
| - | to save running-config to tftp server at ip-addr | + | |
| - | \\ | + | |
| - | tftp export stats-dump to ip-addr | + | |
| - | to save data for AVR report to tftp server at ip-addr | + | |
| \\ | \\ | ||
| ---- | ---- | ||
| Line 208: | Line 203: | ||
| ---- | ---- | ||
| - | Generate traffic and then: | ||
| - | debug dataplane packet-diag set capture off | ||
| - | view-pcap filter-pcap mypcapfile.pcap | ||
| - | tftp export filter-pcap from mypcapfile.pcap to 10.10.10.10 | ||
| - | \\ | ||
| - | Clean up: | ||
| - | debug dataplane packet-diag set capture off | ||
| - | debug dataplane packet-diag set filter off | ||
| - | debug dataplane packet-diag clear filter all | ||
| - | debug dataplane packet-diag clear capture stage receive | ||
| - | delete debug-filter file mypcapfile.pcap | ||
| - | \\ | ||
| - | Check settings: | ||
| - | debug dataplane packet-diag show setting | ||
| - | \\ | ||
| - | Check Users in AD groups | ||
| - | show user group list | match trax-information | ||
| - | show user group name " | ||
| - | match the group name in AD | ||
| - | |||
| - | then use group name command which will list all the users in the group | ||
| - | |||
| - | USEFUL FILTER EXPRESSION | ||
| MONITOR | MONITOR | ||
| Line 239: | Line 211: | ||
| ---- | ---- | ||
| - | **To verify POLICY (from the gateways)** | ||
| - | |||
| - | test security-policy-match protocol 6 from OUTSIDE to INSIDE source 207.82.215.170 destination 204.128.53.8 destination-port 5046 | ||
| - | |||
| - | > show user user-ids match-user atelesford | ||
| - | |||
| - | test security-policy-match protocol 6 from OUTSIDE to INSIDE source 10.30.162.81 destination 10.35.56.40 destination-port 443 source-user corporate\gphillip | ||
| - | | ||
| | | ||
network_stuff/palo_alto.1679688670.txt.gz · Last modified: (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
