Prisma SD-WAN ION CLI Reference
    : dump security-policy config policy-rules
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma
    3. Prisma SD-WAN
    4. Prisma SD-WAN ION CLI Reference
    5. Use CLI Commands
    6. Dump Commands
    7. dump security-policy config policy-rules
    Download PDF

    Prisma SD-WAN ION CLI Reference

    dump security-policy config policy-rules

    Table of Contents

    dump security-policy config policy-rules

    Use the
    dump security-policy config policy-rules
     command to display the security policy rule configuration for a device.
    Information displayed includes the security policy rule name, action, state, source zone ids, destination zone ids, and application definition ids.

    Command

    dump security-policy config policy-rules ( all | policy-rule=
				
    policy-rule name
     | application=
				
    application definition name
     | source-zone=
				
    source zone name
     | dest-zone=
				
    destination zone name
     | action= (allow | deny | reject) | state=( enabled | disabled ))+ ]

    Options

    all
    Enter all to display configuration of all security policy rules on the device.
    application
    Enter an application name to display policy rules for the application.
    source-zone
    Enter the source zone to display configuration of security policy rules for the source zone.
    dest-zone
    Enter the destination zone to display configuration of security policy rules for the destination zone.
    action
    Enter allow to display configuration for those security policy rules where the action is set to allow.
    Enter deny to display configuration for those security policy rules where the action is set to deny.
    Enter reject to display configuration for those security policy rules where the action is set to reject.
    policy-rule
    Enter an application definition policy rule name to display information for the policy rule.
    state
    Enter enabled to display configuration for those security policy rules where the state is set to enabled.
    Enter disabled to display configuration for those security policy rules where the state is set to disabled.

    Command Notes

    Role
    Super, Read Only, Monitor
    Related Commands
    dump security-policy config policy-sets
    Introduced in
    Release 4.5.1

    Example

    dump security-policy config policy-rules policy-rule=branch-zbfw_rule1

Security Policy Rule ID		: 1675995765132024696
Security Policy Rule Name	: branch-zbfw_rule1
Action				: allow
Rule-Type			: custom
Enabled				: true
Source Zones :
     1675995054995018796: branch1_lan_zone
Destination Zones :
     1675995069171003096: branch1_vpn_zone
Applications :
        ANY
Source Prefix Filters :
     1675995350736002196: branch_lan1
Destination Prefix Filters :
     1675995723718016196: branch_hub_prefix
Users :
        ANY
UserGroups :
        ANY
Services :
        ANY
    dump security-policy config policy-rules user="1674636535551002128"
 
Security Policy Rule ID     	: 1675969523166013128
Security Policy Rule Name   	: Test 1
Action                      	: allow
Rule-Type                   	: custom
Enabled                     	: true
Source Zones :
        ANY
Destination Zones :
        ANY
Applications :
        ANY
Source Prefix Filters :
        ANY
Destination Prefix Filters :
        ANY
Users :
     1674636535551002128: None
UserGroups :
        NONE
Services :
        ANY

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.