I like how Palo put in testing commands for troubleshooting. Cisco does the same thing on the ASA. Very cool stuff. Below, Im testing a NAT policy, to make sure my NAT'ing is done correctly. Here is a command for doing that. 220.127.116.11 is my public address, and 18.104.22.168 is just a random IP I pulled out of my head. 10.10.10.1 is my internal server.
skillen@Primary-PA-3050(active)> test nat-policy-match destination 22.214.171.124 source 126.96.36.199 protocol 6 destination-port 80
Destination-NAT: Rule matched: Rule45 NAT
188.8.131.52:80 => 10.10.10.1:80
Post a Comment
Your comment will be reviewed for approval. Thank you for submitting your comments.