Use the Device Toolkit
Table of Contents
Expand all | Collapse all
-
- IPSec Termination Nodes Within Prisma
- IPSec Termination Node Logic (Panorama Managed)
- Determine Region Bandwidth Utilization
- Determine IPSec Termination Nodes Method #1 (Remote Networking On-Boarding)
- Determine IPSec Termination Nodes Method #2 (Panorama API Method)
- IPSec Termination Node Conventions and Tag Nomenclature
-
- Understand Prisma SD-WAN and Prisma Access for Networks Integration
- Access the Integration Run Logs
- Correlate Objects between Prisma SD-WAN and Panorama
- View Standard VPNs at a Site Level
- View Alerts and Alarms
- View Activity Charts
- Use the Device Toolkit
- Check Tunnel Status on Panorama
- Common Errors and Syntax Output
- Successful Integration Run Log Output
Use the Device Toolkit
Let us see how to use the device CLI commands (toolkit).
The following device toolkit commands
provide Standard VPN status and statistics.
dump servicelink summary
NJ-3K-1# dump servicelink summary -------------- SERVICE LINKS ---------------------------------- Total : 1 TotalUP : 1 TotalDown : 0 --------------------------------------------------------------- SlDev SlName Status ParentDev LocalIP PeerIpsecProfile ------------------------------------------------------------------------------------------- sl1 Prisma Access-US-East-1 up eth5 10.0.0.54 18.206.130.18Prisma Access
dump interface config interface=<SL Name>
NJ-3K-1# dump interface config interface=Prisma Access-US-East-1 Interface : Prisma Access-US-East-1 Description :ID : 15271797519640022 Type : service_link Admin State : up Alarms: enabled MTU : 1400 IP : static Address : 192.168.23.1/30 Parent Device : eth5 Peer : 18.206.130.18 IPSec Profile : Prisma Access Authentication Type: psk Remote ID : Prisma Access@cloudgenix.com Local ID Type : customLocal ID : cgx@cloudgenix.com Key Exchange : ikev2 IKE Reauth : no IKE Lifetime : 8 hours IKE Remote Port : 500 IKE DH Group/Encryption/Hash : ecp384/aes256/sha512 ESP Lifetime : 1 hours ESP Encapsulation : Auto ESP DH Group/Encryption/Hash : ecp384/aes256/sha512 DPD Enabled : yes DPD Delay : 1 DPD Timeout : 5
dump servicelink status
NJ-3K-1# dump servicelink status slname=PrismaAccess-US-East-1 ServiceLink : sl1 IkeSa: Version :2 State :Up Local IP :10.0.0.54 Local ID :cgx@cloudgenix.com Remote IP :18.206.130.18 Remote ID :Prisma Access@cloudgenix.com Encryption Algo :AES_CBC_256 Integrity Algo :HMAC_SHA2_512_256 Rekey Time :2018-05-26 04:12:39.268471663 +0000 UTC (26274s) Dhgroup :ECP_384 ChildSa: SPI In :74fc94ae SPI Out :ce6db561 Encryption Algo :AES_CBC_256 Integrity Algo :HMAC_SHA2_512_256 Dhgroup :ECP_384 Rekey Time :2018-05-25 21:03:49.26851536 +0000 UTC (544s) Life Time :2018-05-25 21:15:12.268520133 +0000 UTC (1227s) Install Time:2018-05-25 20:15:12.268524131 +0000 UTC (2373s)
dump servicelink stats
NJ-3K-1# dump servicelink stats slname=Prisma Access-US-East-1 No of times IkeRekeyed : 4 No of times ChildRekeyed: 32 No of times HoldDown : 0 No of times TunnelUp : 1 No of times TunnelDown : 2 No of Incoming Bytes : 0 No of Outgoing Bytes : 0 No of Incoming Packets : 0 No of Outgoing Packets : 0
For more information on device toolkit commands, refer to the Prisma SD-WAN ION Device CLI
Reference.