Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
89
Views
0
Helpful
1
Replies

IR1101 Policy Firewall

Daniel Smith
Level 1
Level 1

‎11-05-2024 06:46 AM

We have 1000's of CGR 2010s in service, but now seeing the IR1101 in some roles. We have policy-firewall on both platforms.

To see sessions on CGR, I use:  show policy-firewall session | inc Session  <to filter out the uptime and bytes details.

On the IR1101, the same 'show policy-firewall' command is there, but deviate quickly from that used on the CGR.

txduartedgsub#show policy-firewall sessions platform ?
all detailed information
destination-port Destination Port Number
detail detail on or off
icmp Protocol Type ICMP
imprecise imprecise information
session session information
source-port Source Port
source-vrf Source Vrf ID
standby standby information
tcp Protocol Type TCP
udp Protocol Type UDP
v4-destination-address IPv4 Desination Address
v4-source-address IPv4 Source Address
v6-destination-address IPv6 Desination Address
v6-source-address IPv6 Source Address
| Output modifiers
<cr>

 

Just looking for all sessions up between all zones....thanks in advance.

Labels:
0 Helpful
1 Reply 1

rose987monor
Level 1
Level 1

‎11-13-2024 03:36 AM - edited ‎11-13-2024 08:10 PM

Hello,

The show policy-firewall command syntax differences you're seeing on the IR1101 are due to platform-specific variations in the command structure and available filtering options.

On the IR1101, the show policy-firewall sessions command provides extended filtering options. To view only session details and filter out unnecessary information like uptime and byte details, you can try the following commands:

Basic Session Information:

bash
txduartedgsub# show policy-firewall sessions platform session
This focuses on session details without the extra information.

Further Filtering Using Output Modifiers: If you only want to see specific details, such as session numbers or summary data, you can use | include to filter for keywords. For example:

bash
txduartedgsub# show policy-firewall sessions platform session | include Session
This should narrow down the output to lines containing "Session."

Detail Level Adjustment: If the basic session information still includes too much detail, try adjusting the detail level with detail on or detail off. You might also use specific options like source-port or destination-port if       Securly Loginyou're looking to filter by certain connection criteria.

By using these command options on the IR1101, you should be able to approximate the session data view you're used to on the CGR 2010. Let me know if you need further filtering tips!
Best Regards
rose987monor

0 Helpful
Customers Also Viewed These Support Documents