Question 1mediummultiple choice
Read the full VPN explanation →PCNSE Troubleshoot • Complete Question Bank
Complete PCNSE Troubleshoot question bank — all 0 questions with answers and detailed explanations.
admin@PA-5000> show session id 12345 Session ID: 12345 Source IP: 10.1.1.100 Destination IP: 203.0.113.50 Application: web-browsing State: ESTABLISHED From Zone: trust To Zone: untrust Rule: allow-web
2025/03/15 10:30:45,drop,203.0.113.10,10.1.1.200,https,443,trust,untrust,deny-rule,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any,any
Refer to the exhibit. --- > show session id 12345 Session ID: 12345 Source IP: 10.1.1.100 Destination IP: 192.168.2.50 Source Port: 34567 Destination Port: 80 Protocol: TCP State: FIN_WAIT Application: ssl NAT Source: 10.1.1.100 NAT Destination: 192.168.2.50 ---
show session id 12345 Session 12345: 10.1.1.10:50000 -> 203.0.113.5:443 (10.1.1.10:50000 -> 203.0.113.5:443) Application: ssl State: DROP Type: FLOW Reason: policy-deny Flags: 0x40000000 NAT: source 10.1.1.10:50000 (no NAT)
config shared security-rulebase security-rules rule "Allow-SSL" from [ "Trust-L3" ] to [ "Untrust-L3" ] source [ "10.0.0.0/8" ] destination [ "any" ] application [ "ssl" ] service [ "application-default" ] action allow log-start no log-end yes log-setting "Profile1" end-rule rule "Block-HTTP" from [ "Trust-L3" ] to [ "Untrust-L3" ] source [ "10.0.0.0/8" ] destination [ "any" ] application [ "web-browsing" ] service [ "application-default" ] action deny log-start no log-end yes end-rule end config shared application-group "Web-Apps" members [ "ssl" "web-browsing" ] end-application-group end
system log: 2019-03-15 14:23:45, severity: critical, module: license, description: License for URL Filtering has expired.
Refer to the exhibit. ``` admin@PA-5250> show session id 12345 Session ID: 12345 Source IP: 10.10.1.100 Destination IP: 203.0.113.50 Source port: 34567 Destination port: 443 Ingress interface: ethernet1/2 Egress interface: ethernet1/3 NAT source IP: 192.0.2.100 NAT destination IP: 203.0.113.50 Protocol: TCP State: ACTIVE Type: FLOW Policy ID: 4 Application: ssl Rule: allow-ssl User: unknown ```