728x90
admin@PA-VM>configure
admin@PA-VM#set deviceconfig system ip-address 192.168.200.63 netmask 255.255.255.0 default-gateway 192.168.200.254 dns-setting servers primary 8.8.8.8
If you have every worked on any
Juniper Box with JUNOS CLI, you will feel at home when working on Palo
Alto Firewall Appliance....
Operational Mode and Configuration Modes
username@hostname> (Operational mode)
username@hostname> configure
Entering configuration mode
[edit]
username@hostname# (Configuration mode)
Moving between Modes
up—changes the context to one level up in the hierarchy.
Example:
[edit network interface] (network level)
@abce# up
[edit network]
username@hostname# (now at the network level)
top—changes context to the top level of the hierarchy.
Example:
[edit network interface vlan] (network vlan level)
username@hostname# top
[edit]
username@hostname# (now at network vlan level)
Changing modes
username@hostname# exit
Software Version, Mgmt Address etc.
dmin@PA-VM> show system info
Grep/Match
admin@PA-VM> show system info | match model
model: PA-VM
Find commands with following keyword
username@hostname# find command keyword hsm
Restart Appliance
>request restart system
Show Configuration Hierarchy
username@hostname# show network interface ethernet
ethernet {
ethernet1/1 {
virtual-wire;
}
ethernet1/2 {
virtual-wire;
}
ethernet1/3 {
layer2 {
units {
ethernet1/3.1;
}
}
}
ethernet1/4;
}
[edit]
username@hostname#
Configure IP Address to a given Port
IP address/netmask 10.1.1.12/24 to the Layer 3 interface for the Ethernet port ethernet1/4:
[edit]
username@hostname# set network interface ethernet ethernet1/4 layer3 ip10.1.1.12/24
Check pending changes (uncommitted)
username@hostname# check pending-changes
Saves a snapshot of the firewall configuration or the device state files
username@hostname# save config to savefile
Get Hw Address of Interfaces
show system state | match hwaddr
Routing Table
> show routing route
Show running-configuration
admin@PA-VM#show
Logs
admin@PA-VM> less mp-log ? (you will see all possible logs)
Packet Capture:-
admin@PA-VM> debug dataplane packet-diag set log on
admin@PA-VM> debug dataplane packet-diag set filter on
admin@PA-VM> debug dataplane packet-diag set filter match source <ip Address>
Removing Filters
If setting command shows two filters configured and we want to remove on of them, then we can use
admin@PA-VM> debug dataplane packet-diag clear filter <filter number>
Export pcap file
scp export filter-pcap from <file> to <SCP_serv>
Viewing Packet Hitting Filter in live mode
admin@PA-VM> view-pcap follow yes filter-pcap test1_capture
Show Packet Capture Setting
admin@PA-VM> debug dataplane packet-diag show setting
Management Traffic Capture:-
Their Mgmt Interface is eth0
admin@PA-VM> tcpdump filter "dst 49.0.0.254"
Press Ctrl-C to stop capturing
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
^C
11 packets captured
22 packets received by filter
0 packets dropped by kernel
admin@PA-VM> tcpdump filter "dst 49.0.0.254"
admin@PA-VM> view-pcap mgmt-pcap mgmt.pcap
Show all Sessions
>show session all
728x90
'업무이야기 > Security' 카테고리의 다른 글
Juniper Firewall Transparent mode config (Example) (0) | 2018.05.08 |
---|---|
SRX Syslog config (0) | 2018.05.08 |
FortiGate FGSP (0) | 2018.05.08 |
FortiAnalyzer CLI (0) | 2018.05.08 |
fortigate File reached uncompressed size limit (0) | 2018.05.08 |