I am trying to find a range by DMZ. For example in ASA we can show-
show route | inc 10.10.10
and it will show the DMZ where that route belong.
Is there a way to find that in PAN OS 7.1?
Solved! Go to Solution.
The Palo Alto Networks firewall is zone based, this means routes are subordinate to zones and not directly related
so the first thing you could do is
> show routing route | match 10.0.0
to find the interface associated to the subnet you are looking for, then do
> show interface ethernet1/X | match Zone (capital Z)
reaper@myNGFW> show routing route | match 10.0.0 10.0.0.0/24 10.0.0.1 0 A C ethernet1/11 reaper@myNGFW> show interface ethernet1/11 | match Zone Zone: trust, virtual system: vsys3
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!