Helpful Palo Alto console commands

12/10/20241 min read

To unset xml output to general text output

set cli config-output-format set

Enter configuration mode

configure

Get all interface configurations while in config mode

run show interface all

Get specific interface configuration such as the management interface

run show interface management

Apply IP address, subnet mask and gateway configurations to the system

set deviceconfig system ip-address x.x.x.x

set deviceconfig system netmask 255.255.x.x

set deviceconfig system default-gateway x.x.x.x

commit

To view the device configurations

show | match deviceconfig

Also turn off DHCP so that the system uses the static IPs configured

delete deviceconfig system type dhcp-client

Commit

Clear sessions on data plane

debug dataplane packet-diag clear filter-marked-session all

Capture delta on traffic after setting up packet capture filter

show counter global filter packet-filter yes delta yes

View ARP table

show arp <choose interface e.g all or management>

Updating dynamic objects, first view the current configuration with this command

show object dynamic-address-group all

Then update the IP to the desired address using this command

debug object registered-ip test register tag <name of cloud tag> ip <IP address to use/32>

To remove a pre-existing registered IP use the unregister syntax

debug object registered-ip test unregister tag <name of cloud tag> ip <IP address to remove/32>