How do you debug policy match issues using the CLI in palo alto firewall

Paloalto Firewall

Last Post by kajal 18 hours ago

1 Posts

1 Users

0 Reactions

11 Views

RSS

kajal

(@kajal)

Posts: 312

Reputable Member

Topic starter

test security-policy-match

This command simulates traffic (without generating real packets) and tells you exactly which policy rule would match that traffic, along with the action taken.

test security-policy-match source <source-ip> destination <destination-ip> protocol <protocol> destination-port <port>


Optional Parameters

from <zone> – Source zone

to <zone> – Destination zone

application <app-name> – Optional

category <url-category> – Optional

Posted : 27/10/2025 10:59 pm

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed