Palo Alto firewall commands to check DNS

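To see which DNS servers the firewall's management interface uses, enter configuration mode (`configure`) and run:

show deviceconfig system dns-setting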

dns-setting {

  servers {

    primary 192.168.11.1;

    secondary 8.8.8.8;

  }

}

[edit]

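To see the DNS setting alongside the rest of the device configuration, run the command below. The output includes the management IP, hostname and HA peer addresses, so redact it before posting or sharing it. It is also a quick place to review management-plane hardening: here telnet and HTTP are disabled, while both NTP servers are configured with authentication-type none.

show deviceconfig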

deviceconfig {

  system {

    ip-address 192.168.11.11;

    netmask 255.255.255.0;

    update-server updates.paloaltonetworks.com;

    update-schedule {

      threats {

        recurring {

          hourly {

            at 5;

            action download-and-install;

          }

          threshold 3;

        }

      }

      anti-virus {

        recurring {

          hourly {

            at 35;

            action download-and-install;

          }

          threshold 3;

        }

      }

      statistics-service {

        threat-prevention-information yes;

      }

    }

    timezone America/Chicago;

    service {

      disable-telnet yes;

      disable-http yes;

    }

    hostname HSA-Firewall;

    default-gateway 192.168.11.1;

    dns-setting {

      servers {

        primary 192.168.11.1;

        secondary 8.8.8.8;

      }

    }

    ntp-servers {

      primary-ntp-server {

        ntp-server-address time-a-g.nist.gov;

        authentication-type {

          none;

        }

      }

      secondary-ntp-server {

        ntp-server-address ntp-d.nist.gov;

        authentication-type {

          none;

        }

      }

    }

    type {

      static;

    }

    domain payroll;

    route {

      destination {

        outside {

          source {

            interface ethernet1/1;

            address 192.168.11.12/24;

          }

        }

      }

      service;

    }

  }

  setting {

    config {

      rematch yes;

    }

    management {

      hostname-type-in-syslog FQDN;

      auto-acquire-commit-lock yes;

    }

  }

  high-availability {

    interface {

      ha1 {

        ip-address 192.168.10.1;

        netmask 255.255.255.0;

      }

      ha1-backup;

      ha2 {

        ip-address 192.168.20.1;

        netmask 255.255.255.0;

      }

      ha2-backup;

      ha3;

    }

    group {

      group-id 10;

      description PA_850A;

      peer-ip 192.168.10.2;

    }

    enabled yes;

  }

}

[edit]

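To confirm that DNS traffic is actually passing through the firewall, list the active DNS sessions. This is an operational-mode command; from configuration mode, prefix it with `run`.

show session all filter application dns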


ID Application State Type Flag Src[Sport]/Zone/Proto (translated IP[Port])
Vsys Dst[Dport]/Zone (translated IP[Port])

863 dns ACTIVE FLOW 50.x.x.124[35735]/untrust/17 (50.x.x.124[35735])
vsys1 8.8.8.8[53]/untrust (8.8.8.8[53])
861 dns ACTIVE FLOW 50.x.x.124[60885]/untrust/17 (50.x.x.124[60885])
vsys1 8.8.8.8[53]/untrust (8.8.8.8[53])
865 dns ACTIVE FLOW 50.x.x.124[39112]/untrust/17 (50.x.x.124[39112])
vsys1 8.8.8.8[53]/untrust (8.8.8.8[53])
872 dns ACTIVE FLOW 50.x.x.124[42869]/untrust/17 (50.x.x.124[42869])
vsys1 8.8.8.8[53]/untrust (8.8.8.8[53])
lines 1-13

Published by

Bob Lin
