Palo Alto Networks Knowledgebase: How to Create and View NAT Rules on the CLI
How to Create and View NAT Rules on the CLI
Created On 02/07/19 23:54 PM - Last Updated 02/07/19 23:55 PM
This document describes how to create and view NAT rules on the CLI (command line interface).
Use the following command to create a NAT rule on the CLI:
# set rulebase nat rules <NAT Rule Name> description <Description of NAT rule> from <Source Zone> to <Destination Zone> service <Service Type> source <Source IP Address> destination <Destination IP address> source-translation <Type of Source Translation> interface-address interface <Interface Port number>
The example below create static NAT translation with dynamic IP and port and uses interface ethernet1/4.
# set rulebase nat rules StaticNAT description staticNAT from DMZ to L3-Untrust service any source any destination any source-translation dynamic-ip-and-port interface-address interface ethernet1/4
Once committed, use the following command to confirm creation of the NAT rule.