Test Policy Rules
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
Test Policy Rules
Test the traffic policy matches of the running firewall
configuration.
Test the policy rules in your running configuration
to ensure that your policies appropriately allow and deny traffic
and access to applications and websites in compliance with your
business needs and requirements. You can test and verify that your
policy rules are allowing and denying the correct traffic by executing
policy match tests for your firewalls directly from the web interface.
- Launch the Web Interface.Select DeviceTroubleshooting to perform a policy match or connectivity test.Enter the required information to perform the policy match test. In this example, we run a NAT policy match test.
- Select Test—Select NAT Policy Match.From—Select the zone traffic is originating from.To—Select the target zone of the traffic.Source—Enter the IP address from which traffic originated.Destination—Enter the IP address of the target device for the traffic.Destination Port—Enter the port used for the traffic. This port varies depending on the IP protocol used in the following step.Protocol—Enter the IP protocol used for the traffic.If necessary, enter any additional information relevant for your NAT policy rule testing.Execute the NAT policy match test.Review the NAT Policy Match Result to see the policy rules that match the test criteria.