Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 472
A firewall administrator wants to be able to see all NAT sessions that are going through a firewall with source NAT.
Which CLI command can the administrator use?
Answer options
- A. show session all filter nat source
- B. show running nat-rule-ippool rule “rule_name”
- C. show running nat-policy
- D. show session all filter nat-rule-source
Correct answer: A
Explanation
The correct command is 'show session all filter nat source' as it specifically filters the sessions for source NAT. The other options either pertain to NAT rules, policies, or different aspects of NAT configuration, and do not provide the session details that the administrator is seeking.