I like how Palo put in testing commands for troubleshooting. Cisco does the same thing on the ASA. Very cool stuff. Below, Im testing a NAT policy, to make sure my NAT'ing is done correctly. Here is a command for doing that. 4.4.4.34 is my public address, and 7.7.7.125 is just a random IP I pulled out of my head. 10.10.10.1 is my internal server.
skillen@Primary-PA-3050(active)> test nat-policy-match destination 4.4.4.34 source 7.7.7.125 protocol 6 destination-port 80
Destination-NAT: Rule matched: Rule45 NAT
4.4.4.34:80 => 10.10.10.1:80
skillen@Primary-PA-3050(active)>
No comments:
Post a Comment
Your comment will be reviewed for approval. Thank you for submitting your comments.