• Home
  • Palo Alto Networks, PCNSE
  • Which two items must the NAT policy contain to allow users in the Untrust-L3 zone to access the web server?

Which two items must the NAT policy contain to allow users in the Untrust-L3 zone to access the web server?

Posted by: Pdfprep Category: PCNSE Tags: , , Post Date: May 30, 2021

A company hosts a publicly accessible web server behind a Palo Alto Networks next-generation firewall with the following configuration information:

* Users outside the company are in the "Untrust-L3" zone.

* The web server physically resides in the "Trust-L3" zone.

* Web server public IP address: 23.54.6.10

* Web server private IP address: 192.168.1.10

Which two items must the NAT policy contain to allow users in the Untrust-L3 zone to access the web server? (Choose two.)
A . Destination IPof 23.54.6.10
B . UntrustL3 for both Source and Destination Zone
C . Destination IP of 192.168.1.10
D . UntrustL3 for Source Zone and Trust-L3 for Destination Zone

Answer: A,B

Author

Leave a Reply

Your email address will not be published.