CLI Cheat Sheet: Networking
Table of Contents
Expand all | Collapse all
CLI Cheat Sheet: Networking
Use the following table to quickly locate commands for
common networking tasks:
If you want to .
. . | Use . . . |
|---|---|
|
General Routing Commands
| |
|
> show routing route
|
|
> show routing fib virtual-router <name> | match <x.x.x.x/Y>
|
|
> set system setting arp-cache-timeout <60-65536>
|
|
> show system setting arp-cache-timeout
|
|
AE Interfaces
| |
|
> set ae-frag redistribution-policy hash
|
|
NAT
| |
|
> show running nat-policy
|
|
> test nat-policy-match
|
|
> show running ippool > show running global-ippool |
|
IPSec
| |
|
> show vpn flow
|
|
> show vpn gateway
|
|
> show vpn ike-sa
|
|
> show vpn ipsec-sa
|
|
> show vpn tunnel
|
|
> set network tunnel ipsec <name_of_tunnel> ipsec-mode [tunnel | transport]
|
|
LSVPN (PAN-OS 11.0.1 and later releases)
| |
|
> request global-protect-portal set-satellite-cookie-expiration value <0-5>
|
|
> show global-protect-portal satellite-cookie-expiration
|
|
> show global-protect-satellite satellite
|
|
BFD
| |
|
> show routing bfd active-profile [<name>]
|
|
> show routing bfd details [interface <name>] [local-ip <ip>] [multihop][peer-ip <ip>] [session-id] [virtual-router <name>]
|
|
> show routing bfd drop-counters session-id <session-id>
|
|
> show counter global | match bfd
|
|
> clear routing bfd counters session-id all | <1-1024>
|
|
> clear routing bfd session-state session-id all | <1-1024>
|
|
PVST+
| |
|
> set session pvst-native-vlan-id <vid>
|
|
> set session drop-stp-packet
|
|
> show vlan all
|
| > show counter globalLook
at the flow_pvid_inconsistent
counter. |
|
Troubleshooting
| |
|
> ping host <destination-ip-address>
|
|
> ping source <ip-address-on-dataplane> host <destination-ip-address>
|
|
> show netstat statistics yes
|
|
Advanced Routing
| |
|
> show advanced-routing fib
> show advanced-routing fib afi <ipv4|ipv6|both>
> show advanced-routing fib ecmp <no|yes>
|
|
> show advanced-routing route
> show advanced-routing route afi <ipv4|ipv6|both>
> show advanced-routing route destination <ip/netmask>
> show advanced-routing route logical-router <logical-router-name>
> show advanced-routing route type <bgp|connect|ospf|ospfv3|static>
|
|
> show advanced-routing logical-router <logical-router-name>
|
|
> show advanced-routing resource logical-router <logical-router-name>
|
|
> show advanced-routing static-route-path-monitor
|
|
> show advanced-routing ospf area
> show advanced-routing ospf dumplsdb
> show advanced-routing ospf graceful-restart
> show advanced-routing ospf interface
> show advanced-routing ospf lsdb
> show advanced-routing ospf neighbor
> show advanced-routing ospf summary
> show advanced-routing ospf virt-link
> show advanced-routing ospf virt-neighbor
|
|
> show advanced-routing ospfv3 area
> show advanced-routing ospfv3 dumplsdb
> show advanced-routing ospfv3 graceful-restart
> show advanced-routing ospfv3 interface
> show advanced-routing ospfv3 lsdb
> show advanced-routing ospfv3 neighbor
> show advanced-routing ospfv3 summary
> show advanced-routing ospfv3 virt-link
> show advanced-routing ospfv3 virt-neighbor
|
|
> show advanced-routing bgp summary logical-router <logical-router-name>
> show advanced-routing bgp peer detail peer-name <peer-name> logical-router <logical-router-name>
> show advanced-routing bgp peer received-routes peer-name <peer-name> afi <ipv4|ipv6|both> logical-router <logical-router-name>
> show advanced-routing bgp peer filtered-routes peer-name <peer-name> afi <ipv4|ipv6|both> logical-router <logical-router-name>
> show advanced-routing bgp peer advertised-routes peer-name <peer-name> afi <ipv4|ipv6|both> logical-router <logical-router-name>
> show advanced-routing bgp peer dampened-routes peer-name <peer-name> afi <ipv4|ipv6|both> logical-router <logical-router-name>
> show advanced-routing bgp peer status peer-name <peer-name> logical-router <logical-router-name>
> show advanced-routing bgp peer-groups group-name <group-name> logical-router <logical-router-name>
> show advanced-routing bgp filters route-map logical-router <logical-router-name> [ipv4|ipv6] name <route-map-name>
|
|
> show advanced-routing bgp filters access-list logical-router <logical-router-name> [ipv4|ipv6] name <access-list-name>
> show advanced-routing bgp filters prefix-list logical-router <logical-router-name> [ipv4|ipv6] name <prefix-list-name>
> show advanced-routing bgp route afi <ipv4|ipv6|both> logical-router <logical-router-name>
> show advanced-routing bgp peer advertised-routes peer-name <peer-name> afi <ipv4|ipv6|both> logical-router <logical-router-name>
|
|
QoS (PAN-OS 11.0.3 and later 11.0 releases)
| |
|
> set lockless-qos yes
|
|
> set lockless-qos no
|
|
> show lockless-qos enable
|
|
> show lockless-qos if-core-mapping
|