This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Eric.Nelson
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Eric.Nelson
08-29-2016
3Posts
0Likes
0Solutions
Aug 29, 2016Last Visited
User
Activity
User
Profile
Latest posts by Eric.Nelson
| Subject | Views | Posted |
|---|---|---|
| 2928 | 07-05-2016 09:50 AM | |
| 2943 | 07-01-2016 08:02 AM | |
| 2951 | 06-30-2016 01:00 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 3 Likes |
User Badges
Community Statistics
| Member Since | 06-30-2016 12:36 PM |
| Date Last Visited | 08-29-2016 11:09 AM |
| Posts | 3 |
07-05-2016
09:50 AM
Bug confirmed for this behavor. Bug 99349 - VPN test\reset command no longer produces an error when an invalid tunnel is specified I'll update the thread as I get more informaiton.
... View more
07-01-2016
08:02 AM
Thanks for confirming! I'll open a case. And thanks for panxapi!
... View more
06-30-2016
01:00 PM
I have a need to automate issuing test and clear commands to IPSEC vpn tunnels and gateways. This seems very straight forward using panxapi or curl. The concern I have is that there does not seem to be any checking that the tunnel exists. When you issue the command to test/clear from the CLI and you specify a bad name it errors out. When you do the same with panxapi or curl you get a success no matter what. My concerns: Is this a bug or expected behavior? If you issue test/clear without specifying a name on the CLI it will issue the command to ALL tunnels (this seems broken to me) , if I issue an api call with a bad tunnel name what is the behavior? Reset everything? error out on the back end? Example calls : panxapi: C:\Users\me>panxapi -h <IP> -K "<key>" -xr -o "<test><vpn><ipsec-sa><tunnel>GOOD_NAME</tunnel></ipsec-sa></vpn></test>" op: success <member>Initiate 0 IPSec SA for tunnel GOOD_NAME. </member> C:\Users\me>panxapi -h <IP> -K "<key>" -xr -o "<test><vpn><ipsec-sa><tunnel>BAD_NAME</tunnel></ipsec-sa></vpn></test>" op: success <member>Initiate 0 IPSec SA for tunnel BAD_NAME. </member> curl: curl 'https://<IP>/api/?type=op&cmd=<clear><vpn><ipsec-sa><tunnel>GOOD_NAME</tunnel></ipsec-sa></vpn></clear>&key=<KEY> <response status="success"><result> <member>Clear IPSec SA for tunnel GOOD_NAME: 0 IKEv1 SA, 0 IKEv2 SA. </member> curl 'https://<IP>/api/?type=op&cmd=<clear><vpn><ipsec-sa><tunnel>BAD_NAME</tunnel></ipsec-sa></vpn></clear>&key=<KEY> <response status="success"><result> <member>Clear IPSec SA for tunnel BAD_NAME: 0 IKEv1 SA, 0 IKEv2 SA. </member> Lastly, where can I find the logs for all this stuff? Thanks !
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
08-29-2016
11:09 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks