How to View Maximum Limit of NAT Rules

How to View Maximum Limit of NAT Rules

18076
Created On 09/25/18 19:24 PM - Last Modified 06/13/23 13:39 PM


Resolution


Details

In order to view the max limit for NAT rules on a Palo Alto Networks firewall, issue following CLI command:

> show system state filter cfg.general.max* | match nat-policy

 

cfg.general.max-di-nat-policy-rule: 125    <--Max number of dynamic IP rules

cfg.general.max-dip-nat-policy-rule: 125   <--Max number of dynamic IP and port rules

cfg.general.max-nat-policy-rule: 125       <--Max number of NAT rules

cfg.general.max-si-nat-policy-rule: 125    <-- Max number of static NAT rules

 

owner: ashaikh
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClXQCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language