How to map drop-packet-capture zone ID to GUI zone name

Hi All,

Hopefully a simple question. I'm trying to troubleshoot a firewall issue and I'm trying to make sure the traffic is being identified under the correct zone. When using the drop-packet-capture command I see the following (snipped):

 in_dev=ipsec0 out_dev=XG_TO_CORE inzone_id=5 outzone_id=1

How does one align the zone ID's above with the zones that you configure in the GUI (ie LAN, DMZ, VPN etc)? Is there a way to spit out the name:id mappings?

  • Hi  

    I am sharing advanced shell command for your query.

    SFVH_VM01_SFOS 17.5.8 MR-8# psql -U nobody -d corporate -c "select * from tblnetworkzone"
     zoneid | zonename | zonetype | description | system_zone | displaystatus | moveable
    --------+----------+----------+-------------+-------------+---------------+----------
          1 | LAN      |        1 |             |           1 |             1 |        1
          2 | WAN      |        2 |             |           1 |             1 |        1
          3 | DMZ      |        3 |             |           1 |             1 |        1
          5 | VPN      |        5 |             |           1 |             1 |        1
          6 | Discover |        6 |             |           1 |             0 |        1
          7 | WiFi     |        1 |             |           1 |             1 |        1
          4 | LOCAL    |        4 |             |           1 |             0 |        1
    (7 rows)

    NOTE: Any modification to this will void the warranty, please be careful with it.