Latest

Prisma SD-WAN ION CLI Command Reference

Prisma SD-WAN ION CLI Command Reference

There are useful commands for the Palo Alto Prisma SDWAN ION CLI devices. As you already knew that Palo Alto Networks Prisma SD-WAN solution which was formerly knows as CloudGenix SD-WAN solution has key components and these key components are Controller, ION Devices and ION Fabric.

Fig 1.1- Prisma SDWAN

Purpose of the controller
With the help of the Prisma SDWAN controller, you can centralizes routing policies and builds a network with multiple WAN paths. The path use various kind of links like MPLS, VPLS, Internet and so on.

Automation is the main game changer in SDWAN solution, So with the controller, we can push WAN configuration to ION devices at a branch or data center through APIs. It gives you a centralized point of administration for policy as well as application with rich network analytics.

Third main parameter is security, so with this controller, so it enables secure, automated virtual private network (VPN) tunnels through zero touch provisioning.

ION Fabric
ION Fabric is the overlay mesh of ION devices in an hybrid WAN environment. The traffic flow within the ION fabric across ION devices are IPSEC traffic encrypted with AES-256.

ION Devices
Prisma SDWAN which was earlier known as CloudGenix SDWAN has the customer edge device named as "ION device". These ION devices capable of adding WAN networks such as MPLS, LTE and internet links into a single high-performance hybrid WAN infrastructure. ION device can be a physical or virtual device that serves as a forwarding x86 commodity-based element at a branch.

Prisma SDWAN ION Clear commands

  • clear app-engine
  • clear app-map dynamic
  • clear app-probe prefix
  • clear connection
  • clear dhcplease
  • clear dhcprelay stat
  • clear flow
  • clear flow-arp
  • clear qos-bwc queue-snapshot
  • clear routing multicast statistics
  • clear routing peer-ip
Prisma SDWAN config Commands

  • config banner
  • config bypass pair interface delete
  • config cellular modem
  • config controller cipher
  • config interface
  • config static host

Prisma SDWAN ION interface commands

  • dump dpdk interface
  • dump interface config
  • dump interface status
  • dump interface status interface details
  • dump interface status interface module
  • dump routing multicast interface
  • dump waninterface config
  • dump waninterface summary 

Prisma SDWAN ION routing commands

  • dump routing aspath-list
  • dump routing cache
  • dump routing communitylist
  • dump routing multicast config
  • dump routing multicast igmp
  • dump routing multicast interface
  • dump routing multicast internal vif-entries
  • dump routing multicast mroute
  • dump routing multicast pim
  • dump routing multicast sources
  • dump routing multicast statistics
  • dump routing multicast status
  • dump routing peer advertised routes
  • dump routing peer config
  • dump routing peer received-routes
  • dump routing peer route-json
  • dump routing peer routes
  • dump routing peer status
  • dump routing prefixlist
  • dump routing prefix-reachability
  • dump routing route
  • dump routing routemap
  • dump routing running-config
  • dump routing summary
  • dump routing static-route reachability-status
  • dump routing static-route config

Other Commands for Prisma ION devices

  • dump security-policy config policy-rules
  • dump security-policy config policy-set-stack
  • dump security-policy config policy-set
  • dump security-policy config prefix-filters
  • dump security-policy config zones
  • dump sensor type
  • dump sensor type summarize
  • dump serviceendpoints
  • dump servicelink summary
  • dump servicelink stats
  • dump servicelink status
  • dump site config
  • dump snmpagent config
  • dump snmpagent status
  • dump software status
  • dump spoke-ha config
  • dump spoke-ha status
  • dump standing alarms
  • dump static-arp config
  • dump static host config
  • dump static routes
  • dump support details
  • dump syslog config
  • dump syslog-rtr stats
  • dump syslog status
  • dump time config
  • dump time log
  • dump time status
  • dump troubleshoot message
  • dump vpn count
  • dump vpn ka all
  • dump vpn ka summary
  • dump vpn ka VpnID
  • dump vpn status
  • dump vpn summary
  • dump ipfix config collector-contexts
  • dump ipfix config filter-contexts
  • dump ipfix config derived-exporters
  • dump ipfix config templates
  • dump ipfix config ipfix-overrides
  • dump ipfix config profiles
  • dump ipfix config prefix-filters
  • dump lldp
  • dump nat counters
  • dump nat summary
  • dump network-policy config policy-rules
  • dump network-policy config policy-sets
  • dump network-policy config policy-stacks
  • dump network-policy config prefix-filters
  • dump overview
  • dump priority-policy config policy-rules
  • dump priority-policy config policy-sets
  • dump priority-policy config policy-stacks
  • dump priority-policy config prefix-filters
  • dump qos-bwc config
  • dump reachability-probe config
  • dump reachability-probe status
  • dump appdef config
  • dump appdef version
  • dump app-engine
  • dump app-l4-prefix table
  • dump app-probe config
  • dump app-probe flow
  • dump app-probe prefix
  • dump app-probe status
  • dump auth config
  • dump auth status
  • dump banner config
  • dump bfd status
  • dump bypass-pair config
  • dump cellular config
  • dump cellular stats
  • dump cellular status
  • dump cgnxinfra status
  • dump cgnxinfra status live
  • dump cgnxinfra status store
  • dump config network
  • dump config security
  • dump controller cipher
  • dump controller status
  • dump device accessconfig
  • dump device conntrack count
  • dump device date
  • dump device info
  • dump device status
  • dump dhcp-relay config
  • dump dhcprelay stat
  • dump dhcp-server config
  • dump dhcp-server status
  • dump dhcpstat
  • dump dnsservice config all
  • dump dpdk cpu
  • dump dpdk interface
  • dump dpdk port status
  • dump dpdk stats
  • dump flow count-summary
  • dump interface config
  • dump interface status
  • dump interface status interface details
  • dump interface status interface module
  • dump ipfix config collector-contexts
  • dump ipfix config filter-contexts
  • dump ipfix config derived-exporters
  • dump ipfix config templates
  • dump ipfix config ipfix-overrides
  • dump ipfix config profiles
  • dump ipfix config prefix-filters
  • dump lldp
  • dump nat counters
  • dump nat summary
  • dump network-policy config policy-rules
  • dump network-policy config policy-sets
  • dump network-policy config policy-stacks
  • dump network-policy config prefix-filters
  • dump overview
  • dump priority-policy config policy-rules
  • dump priority-policy config policy-sets
  • dump priority-policy config policy-stacks
  • dump priority-policy config prefix-filters
  • dump qos-bwc config
  • dump reachability-probe config
  • dump reachability-probe status
Prisma SDWAN ION Debug Commands
  • arping interface
  • curl
  • ping
  • ping6
  • debug bounce interface
  • debug bw-test src-interface
  • debug cellular stats
  • debug controller reachability
  • debug dnsservice logqueries
  • debug flow
  • debug ipfix
  • debug logging facility
  • debug logs dump
  • debug logs follow
  • debug logs tail
  • debug process
  • debug reboot
  • debug routing multicast log
  • debug routing multicast pimd
  • debug servicelink logging
  • debug tcpproxy
  • debug time sync
  • dig dns
  • file export capture
  • file remove
  • file space available
  • file tailf log
  • file view log
  • ssh interface
  • ssh6 interface
  • tcpdump
  • tcpping
  • traceroute
  • traceroute6