I am looking for cli command to see all the details related to ipsec tunnels configured on the gateway. I need information related to tunnel id, peer ip and their status. Is there any command available ? I can see details under gui but i cant see tunnel id.
Please help on this. Thank you.
One of the best think I love with Palo Alto is the "find command".
If you know what you want to execute, but not sure what is the full correct command you can always run find:
> find command keyword <value> CLI keyword > find command keyword vpn <shortened> show vpn gateway name <value> show vpn gateway match <value> show vpn tunnel name <value> show vpn tunnel match <value> show vpn ike-sa gateway <value> show vpn ike-sa match <value> show vpn ike-sa detail gateway <value> show vpn ike-hashurl show vpn ipsec-sa tunnel <value> show vpn ipsec-sa match <value> show vpn ipsec-sa summary show vpn flow name <value> show vpn flow tunnel-id <1-65535> <shortened>
You can use the find command in user and configure mode. If you run it in configure mode it will show you the set commands that contain your keyword
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!