>
    inspect network-policy conflicts
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma
    3. Prisma SD-WAN
    4. Use CLI Commands
    5. Inspect Commands
    6. inspect network-policy conflicts
    Download PDF

    inspect network-policy conflicts

    Table of Contents

    inspect network-policy conflicts

    Use the inspect network-policy conflict command to inspect the conflicting network policy rules. A configuration conflict occurs when multiple rules have the same classification criteria in common such that it is ambiguous as to which rule should be chosen.

    Command

    inspect network-policy conflicts

    Options

    None

    Command Notes

    RoleSuper, Read Only
    Related Commands
    Introduced in Release 5.0.1

    Example

    inspect network-policy conflicts
				       Network Policy Rule : 15311157630600173 : C-1
				       Policy Set : 15282771307010195 : Policy Set-1
				       Stack Index | Order Number: 0 | 1024
				       Source Prefix : 15272331126400047 : EnterpriseGlobalPrefix
				       Destination Prefix : 15311156874260255 :
				       Application Id : 15186805682900053 : adobeconnect
				       Network_Context Id : none
				       Source :          Destination :     Conflicting Policy
				       192.168.0.0/16 :  0.0.0.0/0 :       15311158615700214 : C-2
				       172.16.0.0/12 :   0.0.0.0/0 :       15311158615700214 : C-2
				       10.0.0.0/8 :      0.0.0.0/0 :       15311158615700214 : C-2
				
				       Network Policy Rule : 15311158615700214 : C-2
				       Policy Set : 15282771307010195 : Policy Set-1
				       Stack Index | Order Number: 0 | 1024
				       Source Prefix : 15272331126400047 : EnterpriseGlobalPrefix
				       Destination Prefix : 15311158461310162 :
				       Application Id : 15186805682900053 : adobeconnect
				       Network_Context Id : none
				       Source :         Destination :   Conflicting Policy
				       192.168.0.0/16 : 0.0.0.0/0 :     15311157630600173 : C-1
				       172.16.0.0/12 :  0.0.0.0/0 :     15311157630600173 : C-1
				       10.0.0.0/8 :     0.0.0.0/0 :     15311157630600173 : C-1
    inspect network-policy conflicts
Network Policy Rule 	:   1664343200310006628 : match icmp                   
  Policy Set        	:   1662009498094024828 : test user-id                 
  Stack Index | Order Number:  0 | 1024
  Source Prefix     	:   1658477619909015028 : Branch 1 Lan client          
  Destination Prefix	:  none
  Users             	: UserGroups        	:
                        : CN=engineering,DC=sdwanamsteltest,DC=onmicrosoft,DC=com           :
                        : CN=sales,DC=sdwanamsteltest,DC=onmicrosoft,DC=com                 :
  Application Id    	:   1658139887050014528 : icmp                         
  Network_Context Id	:  none
  Source            	: Destination       	: Conflicting Policy 
  10.1.1.2/32       	: 0.0.0.0/0         	: 1664346696667006328   : match icmp duplicate         
 
Network Policy Rule 	:   1664346696667006328 : match icmp duplicate         
  Policy Set        	:   1662009498094024828 : test user-id                 
  Stack Index | Order Number:  0 | 1024
  Source Prefix     	:   1664346663085024328 : Branch 1 Lan client duplicate
  Destination Prefix	:  none
  Application Id    	:   1658139887050014528 : icmp                         
  Network_Context Id	:  none
  Source            	: Destination       	: Conflicting Policy 
  10.1.1.2/32       	: 0.0.0.0/0         	: 1664343200310006628   : match icmp

    © 2024 Palo Alto Networks, Inc. All rights reserved.