Difference between revisions of "Paloalto general notes or best practices"
From Notes_Wiki
(Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto general notes or best practices =Add /32 netmask for a single IP= Adding netmask eg /32 for a single IP is important. Without this the policy / rule may get accepted and committed but does not works unless we add /32 netmask. This should be followed for all address objects without fail. Home > Enterprise security devices or applications >...") |
m |
||
| Line 5: | Line 5: | ||
Adding netmask eg /32 for a single IP is important. Without this the policy / rule may get accepted and committed but does not works unless we add /32 netmask. This should be followed for all address objects without fail. | Adding netmask eg /32 for a single IP is important. Without this the policy / rule may get accepted and committed but does not works unless we add /32 netmask. This should be followed for all address objects without fail. | ||
=PA firewall interface MAC address= | |||
We cant get interface MAC via GUI. To know MAC of a firewall interface use: | |||
# SSH to firewall and use | |||
# Use show interface command. For example: | |||
#:<pre> | |||
#:: show interface ethernet1/3 | |||
#:</pre> | |||
#: The output would have MAC address such as: | |||
#::<pre> | |||
#::: MAC address: | |||
#::: Port MAC address c8:29:c8:97:b4:12 | |||
#::</pre> | |||
[[Main_Page|Home]] > [[Enterprise security devices or applications]] > [[Paloalto firewall]] > [[Paloalto general notes or best practices]] | [[Main_Page|Home]] > [[Enterprise security devices or applications]] > [[Paloalto firewall]] > [[Paloalto general notes or best practices]] | ||
Latest revision as of 06:21, 8 September 2023
Home > Enterprise security devices or applications > Paloalto firewall > [[Paloalto general notes or best practices]]
Add /32 netmask for a single IP
Adding netmask eg /32 for a single IP is important. Without this the policy / rule may get accepted and committed but does not works unless we add /32 netmask. This should be followed for all address objects without fail.
PA firewall interface MAC address
We cant get interface MAC via GUI. To know MAC of a firewall interface use:
- SSH to firewall and use
- Use show interface command. For example:
- show interface ethernet1/3
- The output would have MAC address such as:
- MAC address:
- Port MAC address c8:29:c8:97:b4:12
Home > Enterprise security devices or applications > Paloalto firewall > Paloalto general notes or best practices
