Paloalto general notes or best practices

Add /32 netmask for a single IP

Always add a netmask, e.g. /32, for a single IP. Without it, the policy / rule may be accepted and committed but does not work until the /32 netmask is added. Follow this for all address objects without fail.
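
One way to audit this, as an added example that is not part of the original notes: the script below scans the address objects in an exported configuration and lists every ip-netmask value that has no prefix length. It assumes the objects appear as `<address><entry name="..."><ip-netmask>` elements; the sample configuration and object names are constructed, and the /128 suggestion for IPv6 hosts goes beyond the /32 case described above.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample in the shape of the <address> section of an exported
# configuration; object names and IPs are made up for this example.
SAMPLE_CONFIG = """
<config>
  <address>
    <entry name="web-server"><ip-netmask>192.0.2.10</ip-netmask></entry>
    <entry name="db-server"><ip-netmask>192.0.2.20/32</ip-netmask></entry>
    <entry name="branch-net"><ip-netmask>198.51.100.0/24</ip-netmask></entry>
    <entry name="v6-host"><ip-netmask>2001:db8::5</ip-netmask></entry>
    <entry name="portal"><fqdn>portal.example.com</fqdn></entry>
  </address>
</config>
"""


def find_missing_netmask(config_xml):
    """Return (object name, value, suggested value) for every ip-netmask
    address object that has no explicit prefix length."""
    findings = []
    root = ET.fromstring(config_xml)
    for section in root.iter("address"):
        for entry in section.findall("entry"):
            node = entry.find("ip-netmask")
            if node is None or not node.text:
                continue  # fqdn and other object types are out of scope
            value = node.text.strip()
            if "/" in value:
                continue  # prefix length already present
            try:
                addr = ipaddress.ip_address(value)
            except ValueError:
                # Not a plain IP address: report it for manual review
                findings.append((entry.get("name"), value, None))
                continue
            # Single host: /32 for IPv4, /128 for IPv6
            suggestion = f"{value}/{addr.max_prefixlen}"
            findings.append((entry.get("name"), value, suggestion))
    return findings


if __name__ == "__main__":
    for name, value, fix in find_missing_netmask(SAMPLE_CONFIG):
        print(f"{name}: {value} -> {fix or 'invalid address, review manually'}")
```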

PA firewall interface MAC address

We can't get the interface MAC via the GUI. To find the MAC of a firewall interface:

  1. SSH to the firewall.
  2. Use the show interface command. For example:
    show interface ethernet1/3
    The output includes the MAC address, such as:
    MAC address:
    Port MAC address c8:29:c8:97:b4:12

