09-04-2011 09:20 PM
Hi All,
Having a few UI issues at the moment. One being the fact that I have a subnet that I need to find some available/unused IPs to allocate. I go via Objects->Addresses and search via the subnet 10.10.10.x. This then shows me a list of used IPs but they don't seem to be in a specific order and I can't seem to find a way to sort these IPs numerically.
Am I missing something here ? Shouldn't something this basic be straighforward or am I having a cause of Mondayitis ?
09-04-2011 09:26 PM
perhaps you could use the traffic log to search for (addr in 10.10.10.0/24). export the result and then sort it in excel.
or better yet use grep/awk/sed/perl to pull each unique IP and the number of times that IP is seen.
-Benjamin
09-04-2011 09:42 PM
Hi Benjamin, thanks for the feedback.
Surely there must be a simplier approach than what you have described ? I should have specified that the subnet that I want to check availabiltiy for is a external facing subnet ( public IPs ) that are all NATed on our firewall. i.e. Website hosted behind our firewall.
Why must I examine the traffic logs for this and NOT looking at the actual address objects ? Seems a bit counter-intutive to me.
09-04-2011 09:46 PM
@dpenhall:
I was just suggesting one possible approach to solving the problem after taking a quick look at the parameters you laid out.
I agree that my approach is certainly a workaround for solving the problem that you describe. I'm going to re-read your two postings to this thread and see if I can find a proper solution in our lab.
Benjamin
09-04-2011 10:47 PM
I hate to say this, but it appears that the list is sorted alphabetically and you cannot modify the sort order (tested on PAN-OS 4.0.4).
I would suggest talking to your sales team and have them file a feature request to allow the sorting of IP address objects based upon name or IP address
-Benjamin
09-04-2011 10:55 PM
Another solution in the short term:
on the command line to get a list of address objects sorted by IP address:
set cli config-output-format set
configure
show address
This will give you a list sorted by IP address:
set address test11 ip-netmask 1.1.1.2
set address abcd ip-netmask 1.1.1.3
-Benjamin
09-04-2011 11:15 PM
Hi Ben,
Excellent, thanks for that. Exactly the work around I need. I will forward the suggestion on via the correct channels.
Daniel
Edit: No actually. That doesnt work.Used on Panorama version 4.x
u318125@PA-Panorama-UAT> set cli config-output-format set
u318125@PA-Panorama-UAT> configure
Entering configuration mode
[edit]
u318125@PA-Panorama-UAT# show shared address
set shared address Gbl_nfwtn01 ip-netmask 10.49.254.242/32
set shared address Gbl_nfwtx01 ip-netmask 10.254.6.242/32
set shared address Gbl_srv-dmzn-msecdrf01 ip-netmask 192.168.125.201/32
set shared address Gbl_srv-dmzn-msecprd01 ip-netmask 192.168.125.200/32
set shared address PBNEPLKAPP4001 ip-netmask 10.70.169.161/32
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
