How do you debug policy match issues using the CLI in palo alto firewall - Paloalto Firewall https://www.hacktheforum.com/paloalto-firewall/how-do-you-debug-policy-match-issues-using-the-cli-in-palo-alto-firewall/ Hack The Forum Discussion Board en Sun, 17 May 2026 00:25:06 +0000 wpForo 60 How do you debug policy match issues using the CLI in palo alto firewall https://www.hacktheforum.com/paloalto-firewall/how-do-you-debug-policy-match-issues-using-the-cli-in-palo-alto-firewall/#post-19902 Mon, 27 Oct 2025 17:29:36 +0000 test security-policy-match

This command simulates traffic (without generating real packets) and tells you exactly which policy rule would match that traffic, along with the action taken.

test security-policy-match source <source-ip> destination <destination-ip> protocol <protocol> destination-port <port>


Optional Parameters

from <zone> – Source zone

to <zone> – Destination zone

application <app-name> – Optional

category <url-category> – Optional

 

]]> Paloalto Firewall kajal https://www.hacktheforum.com/paloalto-firewall/how-do-you-debug-policy-match-issues-using-the-cli-in-palo-alto-firewall/#post-19902