A firewall administrator needs to check which egress interface the firewall will use to route the IP 10.2.5.3.
Which command should they use?
A firewall administrator needs to check which egress interface the firewall will use to route the IP 10.2.5.3.
Which command should they use?
To check which egress interface the firewall will use to route a specified IP, the appropriate command should be designed to perform a routing information base (RIB) lookup or forwarding information base (FIB) lookup. The command 'test routing fib-lookup ip 10.2.5.3 virtual-router default' directly tests the routing lookup for the specific IP address (10.2.5.3) within the context of the virtual-router named 'default'. This provides the necessary information about the egress interface used for routing the given IP address.
admin@FWS> test routing fib-lookup ip 192.168.5.0 virtual-router default -------------------------------------------------------------------------------- runtime route lookup -------------------------------------------------------------------------------- virtual-router: default destination: 192.168.5.0 result: via x.x.x.x interface ae<z.b>, sourcey.y.y.y, metric 10 -------------------------------------------------------------------------------- admin@FWS> Correct is D
Option D test routing fib-lookup ip <ip/netmask> virtual-router <value> ecmp source-ip <ip/netmask> source-port <1-65535> destination-ip <ip/ netmask> destination-port <1-65535> https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/pdf/pan-os/10-2/pan-os-cli-quick-start/pan-os-cli-quick-start.pdf
D. 100%
Reference: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClYJCA0
D is correct
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-cli-quick-start/cli-cheat-sheets/cli-cheat-sheet-networking None of these commands really seem to follow the correct command syntax described in this doc.