How to test NAT translation on Palo Alto Firewalls

How to test NAT translation on Palo Alto Firewalls

Mar 22, 2022 Firewall, PaloAlto

Similar to firewall policy test on Palo Alto, use the following command to test which NAT translation policy is matched.

[email protected] vsys4(active)> test nat-policy-match
+ destination        destination IP address
+ destination-port   Destination port
+ from               from
+ ha-device-id       HA Active-Active device ID
+ protocol           IP protocol value
+ source             source IP address
+ source-port        Source port
+ to                 to
+ to-interface       Egress interface to use
  |                  Pipe through a command
  <Enter>            Finish input


No notes link to this note

comments powered by Disqus