Firewall

How to test NAT translation on Palo Alto Firewalls

Mar 22, 2022 Firewall, PaloAlto

Similar to the firewall policy test on Palo Alto, use the following command to test which NAT translation policy is matched.

[email protected] vsys4(active)> test nat-policy-match
+ destination        destination IP address
+ destination-port   Destination port
+ from               from
+ ha-device-id       HA Active-Active device ID
+ protocol           IP protocol value
+ source             source IP address
+ source-port        Source port
+ to                 to
+ to-interface       Egress interface to use
| Pipe through a command
<Enter> Finish input

NO-NAT configuration on Cisco ASA Firewall

Mar 16, 2022 Firewall, ASA, Cisco

The Cisco ASA firewall changed its command line in version 8.3, and many configurations differ from the previous style. I recently faced two cases about NO-NAT in both versions and want to leave a quick note here.

Example details:
inside IP address: 1.1.1.0/24
outside IP address: 2.2.2.0/24
traffic goes from the inside interface to the outside interface

Before 8.3

An access-list is needed to filter the interesting traffic. ...