Monday, August 3, 2015

Palo Alto: Testing NAT Via CLI

I like how Palo put in testing commands for troubleshooting.  Cisco does the same thing on the ASA.  Very cool stuff.  Below, Im testing a NAT policy, to make sure my NAT'ing is done correctly.  Here is a command for doing that. is my public address, and is just a random IP I pulled out of my head. is my internal server.

skillen@Primary-PA-3050(active)> test nat-policy-match destination source protocol 6 destination-port 80

Destination-NAT: Rule matched: Rule45 NAT =>


No comments:

Post a Comment

Your comment will be reviewed for approval. Thank you for submitting your comments.