Using this technique, even MAC OS X, Apple iOS, Linux/UNIX client systems that don't directly authenticate to Microsoft Active Directory can be discovered and identified. Novell eDirectory: User-ID can query and monitor logon information to identify users and group memberships via standard LDAP queries on the Novell eDirectory servers.
Overview
This document describes how to display interface MAC addresses.
Details
The various CLI commands provided below, will display the MAC addresses of the Palo Alto Network interfaces including an HA cluster.
For example to display the MACs for all interfaces on the Palo Alto Networks:
> show interface all
total configured hardware interfaces: 15 name id speed/duplex/state mac address ------------------------------------------------------------------------------- ethernet1/1 16 1000/full/up 00:1b:17:05:2c:10 ethernet1/2 17 1000/full/up 00:1b:17:05:2c:11 ethernet1/3 18 unknown/unknown/down 00:1b:17:00:0b:12 ethernet1/4 19 unknown/unknown/down 00:1b:17:00:0b:13 ethernet1/5 20 1000/full/up 00:1b:17:00:0b:14 ethernet1/6 21 1000/full/up 00:1b:17:00:0b:15 ethernet1/7 22 unknown/unknown/down 00:1b:17:00:0b:16 ethernet1/8 23 100/full/up 00:1b:17:00:0b:17 ethernet1/9 24 100/full/up 00:1b:17:00:0b:18 ethernet1/10 25 100/full/up 00:1b:17:00:0b:19 ethernet1/11 26 unknown/unknown/down 00:1b:17:00:0b:1a ethernet1/12 27 unknown/unknown/down 00:1b:17:00:0b:1b vlan 1 [n/a]/[n/a]/up 00:1b:17:00:0b:01 loopback 3 [n/a]/[n/a]/up 00:1b:17:00:0b:03 tunnel 4 [n/a]/[n/a]/up 00:1b:17:00:0b:04
total configured logical interfaces: 21
To display an individual interface indicate the specific interface in the following command:
> show interface ethernet1/1
For example:
> show interface ethernet1/1
-------------------------------------------------------------------------------
Name: ethernet1/1, ID: 16 Link status: Runtime link speed/duplex/state: 1000/full/up Configured link speed/duplex/state: auto/auto/up MAC address: Port MAC address 00:1b:17:05:2c:10 Operation mode: ha ------------------------------------------------------------------------------- Name: ethernet1/1, ID: 16 Operation mode: ha Interface IP address: 2.2.2.2/24 Interface management profile: N/A Service configured: Zone: N/A, virtual system: N/A
-------------------------------------------------------------------------------
Physical port counters read from MAC: ------------------------------------------------------------------------------- rx-broadcast 0
The following command displays the MAC addresses of an HA cluster:
> show high-availability state
For example:
Mac Os X Palo Alto Send Portal Info For Reconnection Service
> show high-availability state
Group 1:
Local Information:
Version: 1
![]()
State: active
Priority: 200
Preemptive: False
Platform Model: PA-4050
Version information:
Build Release: 3.0.5
URL Database: 3233
Application Content: 160-463
Threat Content: 160-463
VPN Client Software: 1.0.2
Passive Hold Interval: 10 ms
Passive Link State: auto
Hello Message Interval: 1000 ms
Management IP Address: 10.30.14.7; netmask: 255.255.255.0
HA1 IP Address: 1.1.1.2; netmask: 255.255.255.0
HA1 MAC Address: 00:30:48:5d:45:f7
HA1 encryption enabled: False
HA2 MAC Address: 00:1b:17:01:18:06
Running Configuration: synchronized
State Synchronization: synchronized
Application Content Compatibility: Match
Threat Content Compatibility: Match
VPN Client Software Compatibility: Match
Peer Information:
Connection status: up
Version: 1
State: passive
Priority: 1
Preemptive: False
Platform Model: PA-4050
Version information:
Build Release: 3.0.5
URL Database: 3233
Application Content: 160-463
Threat Content: 160-463
VPN Client Software: 1.0.2
Management IP Address: 10.30.14.6
Mac Os X Palo Alto Send Portal Info For Reconnection Business
HA1 IP Address: 1.1.1.1
HA1 MAC Address: 00:30:48:5d:0c:c1
HA2 MAC Address: 00:1b:17:01:14:06
On the L3 interfaces, the MAC address listed for an interface using the command show interface all for an HA cluster are the VMAC.
The format of the virtual MAC is 00-1B-17:00: xx: yy where
The following CLI command displays VMAC and VIP for Active-Active HA cluster:
> show high-availability virtual-address
For example:
> show high-availability virtual-address
Total interfaces with virtual address configured: 2
Total virtual addresses configured: 2 -------------------------------------------------------------------------------- Interface: ethernet1/1 Virtual MAC: 00:1b:17:00:05:10 Virtual MAC from the peer: 00:1b:17:00:85:10 107.204.232.53 Active:yes Type:floating -------------------------------------------------------------------------------- Interface: ethernet1/6 Virtual MAC: 00:1b:17:00:05:15 Virtual MAC from the peer: 00:1b:17:00:85:15 192.168.90.1 Active:yes Type:floating --------------------------------------------------------------------------------
The following CLI command displays VMAC for Active-Passive HA cluster:
> show interface all
ethernet1/5 20 1000/full/up 00:1b:17:00:0b:14
In the above output example, HA Group ID = 0b Hex (11 Decimal) and Interface ID = 14 Hex (20 Decimal).
Note: The MAC addresses of the HA1 interfaces, which are on the control plane and synchronize the configuration of the devices are unique. The MAC addresses of the HA2 interfaces, which are on the data plane and synchronize the active sessions mirror each other.
Mac os x lion skin pack for windows 10. owner: gcapuno
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |