Focus

Prisma SD-WAN ION CLI Reference

inspect network-policy conflicts

Table of Contents

inspect network-policy conflicts

Use the inspect network-policy conflict command to inspect the conflicting network policy rules. A configuration conflict occurs when multiple rules have the same classification criteria in common such that it is ambiguous as to which rule should be chosen.

Command

inspect network-policy conflicts

Options

None

Command Notes

Role	Super, Read Only
Related Commands
Introduced in	Release 5.0.1

Example

inspect network-policy conflicts
Network Policy Rule 	:   1664343200310006628 : match icmp                   
  Policy Set        	:   1662009498094024828 : test user-id                 
  Stack Index | Order Number:  0 | 1024
  Source Prefix     	:   1658477619909015028 : Branch 1 Lan client          
  Destination Prefix	:  none
  Users             	: UserGroups        	:
                        : CN=engineering,DC=sdwanamsteltest,DC=onmicrosoft,DC=com           :
                        : CN=sales,DC=sdwanamsteltest,DC=onmicrosoft,DC=com                 :
  Application Id    	:   1658139887050014528 : icmp                         
  Network_Context Id	:  none
  Source            	: Destination       	: Conflicting Policy 
  10.1.1.2/32       	: 0.0.0.0/0         	: 1664346696667006328   : match icmp duplicate         
 
Network Policy Rule 	:   1664346696667006328 : match icmp duplicate         
  Policy Set        	:   1662009498094024828 : test user-id                 
  Stack Index | Order Number:  0 | 1024
  Source Prefix     	:   1664346663085024328 : Branch 1 Lan client duplicate
  Destination Prefix	:  none
  Application Id    	:   1658139887050014528 : icmp                         
  Network_Context Id	:  none
  Source            	: Destination       	: Conflicting Policy 
  10.1.1.2/32       	: 0.0.0.0/0         	: 1664343200310006628   : match icmp

inspect memory summary

inspect network-policy dropped