Output: port 17 or interface 17
Resolve: show interfaces all and check the coloum “id”
Example:
admin@firewall-a> show interface all
total configured hardware interfaces: 8
name id speed/duplex/state mac address
--------------------------------------------------------------------------------
ethernet1/1 16 10000/full/up 00:50:56:bb:73:01
ethernet1/2 17 10000/full/up 00:50:56:bb:73:02
ethernet1/3 18 10000/full/up 00:50:56:bb:73:03
ethernet1/4 19 10000/full/up 00:50:56:bb:73:04
ethernet1/5 20 10000/full/up 00:50:56:bb:73:05
ethernet1/6 21 10000/full/up 00:50:56:bb:73:06
ethernet1/7 22 10000/full/up 00:50:56:bb:73:07
tunnel 4 [n/a]/[n/a]/up 7c:89:c2:20:81:04Output: zone 3
Resolve: debug device-server dump idmgr type zone all and check the coloum “ID”
Example:
admin@firewall-a> debug device-server dump idmgr type zone all
ID Version Name
---------- ---------- --------------------
1 4 vsys1+outside
2 4 vsys1+inside
3 4 vsys1+dmz
4 4 vsys1+danger
5 6 vsys1+Internet
6 6 vsys1+Users_Net
7 6 vsys1+DataCentre
8 6 vsys1+Acquisition
9 6 vsys1+Guest_Wifi
10 6 vsys1+DC-VPN
Type: 12 Last id: 11 Current Version: 6 Mismatch cnt: 0Output: Policy lookup, matched rule index 0,
Resolve: show running security-policy | match “\{“ . The debug output starts with 0 and the webui with 1!
Example:
admin@firewall-a> show running security-policy | match "\{"
"Block-from-Known-Bad-Addresses; index: 1" { <-- 0
"Internet_to_DC_Webserver; index: 2" {. <-- 1
"Block-to-Known-Bad-Addresses; index: 3" {. <-- 2
"Block-Bad-Apps; index: 4" { <-- 3
"Allow-PANW-Apps; index: 5" { <-- 4
"Software_Updates; index: 6" { <-- 5
"Real-time-Protocols_to_Internet; index: 7" {. <-- 6