cgnv6 lsn

Set Large-Scale NAT parameters

lsn Specification

Type Intermediate Resource
Element Name lsn
Element URI /axapi/v3/cgnv6/lsn
Element Attributes lsn_attributes
Schema lsn schema

Operations Allowed:

Operation Method URI Payload

Get Object

GET

/axapi/v3/cgnv6/lsn

lsn_attributes

lsn Attributes

alg

Description: alg is a JSON Block . Please see below for alg

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/alg

endpoint-independent-filtering

Description: endpoint-independent-filtering is a JSON Block . Please see below for endpoint-independent-filtering

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/endpoint-independent-filtering

endpoint-independent-mapping

Description: endpoint-independent-mapping is a JSON Block . Please see below for endpoint-independent-mapping

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/endpoint-independent-mapping

global

Description: global is a JSON Block . Please see below for global

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/global

health-check-gateway-list

Description: health-check-gateway-list is a JSON List . Please see below for health-check-gateway-list

Type: List

Reference Object: /axapi/v3/cgnv6/lsn/health-check-gateway/{ipv4-addr}+{ipv6-addr}

inside

Description: inside is a JSON Block . Please see below for inside

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/inside

performance

Description: performance is a JSON Block . Please see below for performance

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/performance

port-overloading

Description: port-overloading is a JSON Block . Please see below for port-overloading

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/port-overloading

port-reservation-list

Description: port-reservation-list is a JSON List . Please see below for port-reservation-list

Type: List

Reference Object: /axapi/v3/cgnv6/lsn/port-reservation/{inside}+{inside-port-start}+{inside-port-end}+{nat}+{nat-port-start}+{nat-port-end}

radius

Description: radius is a JSON Block . Please see below for radius

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/radius

stun-timeout

Description: stun-timeout is a JSON Block . Please see below for stun-timeout

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/stun-timeout

tcp

Description: tcp is a JSON Block . Please see below for tcp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/tcp

radius

Specification
Type object

server

Description: server is a JSON Block . Please see below for l907_server

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/radius/server

radius.server

Specification
Type object

attribute

Description: attribute is a JSON List . Please see below for l907_attribute

Type: List

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

listen-port

Description: Specify the port number on which the external RADIUS server listens for Accounting requests.

Type: number

Range: 1024-65535

remote

Description: remote is a JSON Block . Please see below for l907_remote

Type: Object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

secret

Description: Configure shared secret

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

secret-string

Description: Specify the password string the external RADIUS servers and ACOS device use to authenticate RADIUS traffic between them.

Type: string

Format: password

uuid

Description: uuid of the object

Type: string

vrid

Description: Join a VRRP-A failover group

Type: number

Range: 1-31

radius.server.remote

Specification
Type object

ipv4-list

Description: Specify the name of the IP list that contains the IPv4 addresses of the external RADIUS servers from which to obtain mobile numbers for traffic logging.

Type: string

Format: string-rlx

ipv6-list

Description: Specify the name of the IP list that contains the IPv6 addresses of the external RADIUS servers from which to obtain mobile numbers for traffic logging.

Type: string

Format: string-rlx

radius.server.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘msisdn-received’: MSISDN Received; ‘imei-received’: IMEI Received; ‘imsi-received’: IMSI Received; ‘custom-received’: Custom attribute Received; ‘radius-request-received’: RADIUS Request Received; ‘radius-request-dropped’: RADIUS Request Dropped (Malformed Packet); ‘radius-table-full’: RADIUS Request Dropped (Table Full); ‘ha-standby-dropped’: HA Standby Dropped; ‘smp-mem-allocated’: RADIUS SMP Memory Allocated; ‘smp-mem-alloc-failed’: RADIUS SMP Memory Allocation Failed; ‘smp-mem-freed’: RADIUS SMP Memory Freed; ‘smp-created’: RADIUS SMP Created; ‘smp-in-rml’: RADIUS SMP in RML; ‘smp-deleted’: RADIUS SMP Deleted; ‘mem-allocated’: RADIUS Memory Allocated; ‘mem-alloc-failed’: RADIUS Memory Allocation Failed; ‘mem-freed’: RADIUS Memory Freed; ‘ha-sync-create-sent’: HA Record Sync Create Sent; ‘ha-sync-delete-sent’: HA Record Sync Delete Sent; ‘ha-sync-create-recv’: HA Record Sync Create Received; ‘ha-sync-delete-recv’: HA Record Sync Delete Received;

Type: string

Supported Values: all, msisdn-received, imei-received, imsi-received, custom-received, radius-request-received, radius-request-dropped, radius-table-full, ha-standby-dropped, smp-mem-allocated, smp-mem-alloc-failed, smp-mem-freed, smp-created, smp-in-rml, smp-deleted, mem-allocated, mem-alloc-failed, mem-freed, ha-sync-create-sent, ha-sync-delete-sent, ha-sync-create-recv, ha-sync-delete-recv

radius.server.attribute

Specification
Type list
Block object keys

attribute-value

Description: ‘inside-ip’: Inside IP address; ‘inside-ipv6’: Inside IPv6 address; ‘imei’: International Mobile Equipment Identity (IMEI); ‘imsi’: International Mobile Subscriber Identity (IMSI); ‘msisdn’: Mobile Subscriber Integrated Services Digital Network-Number (MSISDN); ‘custom1’: Customized attribute 1; ‘custom2’: Customized attribute 2; ‘custom3’: Customized attribute 3;

Type: string

Supported Values: inside-ip, inside-ipv6, imei, imsi, msisdn, custom1, custom2, custom3

custom-number

Description: RADIUS attribute number

Type: number

Range: 1-255

custom-vendor

Description: RADIUS vendor attribute information (RADIUS vendor ID)

Type: number

Range: 1-65535

name

Description: Customized attribute name

Type: string

number

Description: RADIUS attribute number

Type: number

Range: 1-255

value

Description: ‘hexadecimal’: Type of attribute value is hexadecimal;

Type: string

Supported Values: hexadecimal

vendor

Description: RADIUS vendor attribute information (RADIUS vendor ID)

Type: number

Range: 1-65535

endpoint-independent-mapping

Specification
Type object

tcp

Description: tcp is a JSON Block . Please see below for tcp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/endpoint-independent-mapping/tcp

udp

Description: udp is a JSON Block . Please see below for l907_udp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/endpoint-independent-mapping/udp

endpoint-independent-mapping.udp

Specification
Type object

port-list

Description: port-list is a JSON List . Please see below for l907_port-list

Type: List

uuid

Description: uuid of the object

Type: string

endpoint-independent-mapping.udp.port-list

Specification
Type list
Block object keys

port

Description: Single Destination Port or Port Range Start

Type: number

port-end

Description: Port Range End

Type: number

endpoint-independent-mapping.tcp

Specification
Type object

port-list

Description: port-list is a JSON List . Please see below for l907_port-list

Type: List

uuid

Description: uuid of the object

Type: string

endpoint-independent-mapping.tcp.port-list

Specification
Type list
Block object keys

port

Description: Single Destination Port or Port Range Start

Type: number

port-end

Description: Port Range End

Type: number

port-overloading

Specification
Type object

global

Description: global is a JSON Block . Please see below for global

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/port-overloading/global

tcp

Description: tcp is a JSON Block . Please see below for tcp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/port-overloading/tcp

udp

Description: udp is a JSON Block . Please see below for l907_udp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/port-overloading/udp

port-overloading.udp

Specification
Type object

port-list

Description: port-list is a JSON List . Please see below for l907_port-list

Type: List

uuid

Description: uuid of the object

Type: string

port-overloading.udp.port-list

Specification
Type list
Block object keys

port

Description: Single Destination Port or Port Range Start

Type: number

port-end

Description: Port Range End

Type: number

port-overloading.global

Specification
Type object

allow-different-user

Description: Allow different users to overload the same port (default: disabled)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

unique

Description: ‘destination-address’: Allow overloading when the destination addresses is unique; ‘destination-address-and-port’: Allow overloading when the destination address and port 2-tuple is unique (default);

Type: string

Supported Values: destination-address, destination-address-and-port

Default: destination-address-and-port

uuid

Description: uuid of the object

Type: string

port-overloading.tcp

Specification
Type object

port-list

Description: port-list is a JSON List . Please see below for l907_port-list

Type: List

uuid

Description: uuid of the object

Type: string

port-overloading.tcp.port-list

Specification
Type list
Block object keys

port

Description: Single Destination Port or Port Range Start

Type: number

port-end

Description: Port Range End

Type: number

health-check-gateway-list

Specification
Type list
Block object keys

ipv4-addr

Description: Specify IPv4 Gateway

Type: string

Format: ipv4-address

ipv6-addr

Description: Specify IPv6 Gateway

Type: string

Format: ipv6-address

uuid

Description: uuid of the object

Type: string

alg

Specification
Type object

esp

Description: esp is a JSON Block . Please see below for l907_esp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/alg/esp

ftp

Description: ftp is a JSON Block . Please see below for l907_ftp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/alg/ftp

pptp

Description: pptp is a JSON Block . Please see below for l907_pptp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/alg/pptp

rtsp

Description: rtsp is a JSON Block . Please see below for l907_rtsp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/alg/rtsp

sip

Description: sip is a JSON Block . Please see below for l907_sip

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/alg/sip

tftp

Description: tftp is a JSON Block . Please see below for l907_tftp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/alg/tftp

alg.ftp

Specification
Type object

ftp-value

Description: disable : Disables LSN ALG support for File Transfer Protocol (FTP).

Type: string

Supported Values: disable

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

alg.ftp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘port-requests’: PORT Requests From Client; ‘eprt-requests’: EPRT Requests From Client; ‘lprt-requests’: LPRT Requests From Client; ‘pasv-replies’: PASV Replies From Server; ‘epsv-replies’: EPSV Replies From Server; ‘lpsv-replies’: LPSV Replies From Server; ‘port-retransmits’: Port Mode Request Retransmits; ‘pasv-retransmits’: Passive Mode Reply Retransmits; ‘port-helper-created’: Port Mode Helper Created; ‘pasv-helper-created’: Passive Mode Helper Created; ‘port-helper-freed’: Port Mode Helper Freed; ‘pasv-helper-freed’: Passive Mode Helper Freed; ‘port-helper-unused’: Port Mode Helper Unused; ‘pasv-helper-unused’: Passive Mode Helper Unused; ‘port-helper-creation-failure’: Port Helper Creation Failure; ‘pasv-helper-creation-failure’: Passive Helper Creation Failure; ‘get-conn-ext-failure’: Get Conn Extension Failure; ‘smp-app-type-mismatch’: SMP ALG App Type Mismatch;

Type: string

Supported Values: all, port-requests, eprt-requests, lprt-requests, pasv-replies, epsv-replies, lpsv-replies, port-retransmits, pasv-retransmits, port-helper-created, pasv-helper-created, port-helper-freed, pasv-helper-freed, port-helper-unused, pasv-helper-unused, port-helper-creation-failure, pasv-helper-creation-failure, get-conn-ext-failure, smp-app-type-mismatch

alg.sip

Specification
Type object

rtp-stun-timeout

Description: Set the Session Traversal Utilities for NAT (STUN) timeout for full-cone sessions.

Type: number

Range: 2-10

Default: 5

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

sip-value

Description: enable : Enables or disables LSN ALG support for Session Initiation Protocol (SIP).

Type: string

Supported Values: enable

uuid

Description: uuid of the object

Type: string

alg.sip.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘method-register’: SIP Method REGISTER; ‘method-invite’: SIP Method INVITE; ‘method-ack’: SIP Method ACK; ‘method-cancel’: SIP Method CANCEL; ‘method-bye’: SIP Method BYE; ‘method-options’: SIP Method OPTIONS; ‘method-prack’: SIP Method PRACK; ‘method-subscribe’: SIP Method SUBSCRIBE; ‘method-notify’: SIP Method NOTIFY; ‘method-publish’: SIP Method PUBLISH; ‘method-info’: SIP Method INFO; ‘method-refer’: SIP Method REFER; ‘method-message’: SIP Method MESSAGE; ‘method-update’: SIP Method UPDATE; ‘method-unknown’: SIP Method UNKNOWN; ‘parse-error’: SIP Message Parse Error; ‘req-uri-op-failrue’: SIP Operate Request Uri Failure; ‘via-hdr-op-failrue’: SIP Operate Via Header Failure; ‘contact-hdr-op-failrue’: SIP Operate Contact Header Failure; ‘from-hdr-op-failrue’: SIP Operate From Header Failure; ‘to-hdr-op-failrue’: SIP Operate To Header Failure; ‘route-hdr-op-failrue’: SIP Operate Route Header Failure; ‘record-route-hdr-op-failrue’: SIP Operate Record-Route Header Failure; ‘content-length-hdr-op-failrue’: SIP Operate Content-Length Failure; ‘third-party-registration’: SIP Third-Party Registration; ‘conn-ext-creation-failure’: SIP Create Connection Extension Failure; ‘alloc-contact-port-failure’: SIP Alloc Contact Port Failure; ‘outside-contact-port-mismatch’: SIP Outside Contact Port Mismatch NAT Port; ‘inside-contact-port-mismatch’: SIP Inside Contact Port Mismatch; ‘third-party-sdp’: SIP Third-Party SDP; ‘sdp-process-candidate-failure’: SIP Operate SDP Media Candidate Attribute Failure; ‘sdp-op-failure’: SIP Operate SDP Failure; ‘sdp-alloc-port-map-success’: SIP Alloc SDP Port Map Success; ‘sdp-alloc-port-map-failure’: SIP Alloc SDP Port Map Failure; ‘modify-failure’: SIP Message Modify Failure; ‘rewrite-failure’: SIP Message Rewrite Failure; ‘tcp-out-of-order-drop’: TCP Out-of-Order Drop;

Type: string

Supported Values: all, method-register, method-invite, method-ack, method-cancel, method-bye, method-options, method-prack, method-subscribe, method-notify, method-publish, method-info, method-refer, method-message, method-update, method-unknown, parse-error, req-uri-op-failrue, via-hdr-op-failrue, contact-hdr-op-failrue, from-hdr-op-failrue, to-hdr-op-failrue, route-hdr-op-failrue, record-route-hdr-op-failrue, content-length-hdr-op-failrue, third-party-registration, conn-ext-creation-failure, alloc-contact-port-failure, outside-contact-port-mismatch, inside-contact-port-mismatch, third-party-sdp, sdp-process-candidate-failure, sdp-op-failure, sdp-alloc-port-map-success, sdp-alloc-port-map-failure, modify-failure, rewrite-failure, tcp-out-of-order-drop

alg.esp

Specification
Type object

esp-value

Description: enable : Enables LSN ALG support for Encapsulating Security Payload (ESP).

Type: string

Supported Values: enable

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

alg.esp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘session-created’: ESP Sessions Created; ‘placeholder-debug’: Placeholder Debug;

Type: string

Supported Values: all, session-created, placeholder-debug

alg.pptp

Specification
Type object

pptp-value

Description: enable : Enables LSN ALG support for Point-to-Point Tunnelling Protocol (PPTP).

Type: string

Supported Values: enable

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

alg.pptp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘calls-established’: Calls Established; ‘mismatched-pns-call-id’: Mismatched PNS Call ID; ‘gre-sessions-created’: GRE Sessions Created; ‘gre-sessions-freed’: GRE Sessions Freed; ‘no-gre-session-match’: No Matching GRE Session; ‘smp-sessions-created’: SMP Sessions Created; ‘smp-sessions-freed’: SMP Sessions Freed; ‘smp-session-creation-failure’: SMP Session Creation Failures; ‘extension-creation-failure’: Extension Creation Failures; ‘ha-sent’: HA Info Sent; ‘ha-rcv’: HA Info Received; ‘ha-no-mem’: HA Memory Allocation Failure; ‘ha-conflict’: HA Call ID Conflicts; ‘ha-overwrite’: HA Call ID Overwrites; ‘ha-call-sent’: HA Call Sent; ‘ha-call-rcv’: HA Call Received; ‘ha-smp-conflict’: HA SMP Conflicts; ‘ha-smp-in-del-q’: HA SMP Deleted; ‘smp-app-type-mismatch’: SMP ALG App Type Mismatch; ‘quota-inc’: Quota Incremented; ‘quota-dec’: Quota Decremented; ‘quota-inc-not-found’: Quota Not Found on Increment; ‘quota-dec-not-found’: Quota Not Found on Decrement;

Type: string

Supported Values: all, calls-established, mismatched-pns-call-id, gre-sessions-created, gre-sessions-freed, no-gre-session-match, smp-sessions-created, smp-sessions-freed, smp-session-creation-failure, extension-creation-failure, ha-sent, ha-rcv, ha-no-mem, ha-conflict, ha-overwrite, ha-call-sent, ha-call-rcv, ha-smp-conflict, ha-smp-in-del-q, smp-app-type-mismatch, quota-inc, quota-dec, quota-inc-not-found, quota-dec-not-found

alg.rtsp

Specification
Type object

rtsp-value

Description: enable : Enables or disables LSN ALG support for Real Time Streaming Protocol (RTSP).

Type: string

Supported Values: enable

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

alg.rtsp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘streams-created’: Streams Created; ‘streams-freed’: Streams Freed; ‘stream-creation-failure’: Stream Creation Failures; ‘ports-allocated’: Stream Client Ports Allocated; ‘ports-freed’: Stream Client Ports Freed; ‘port-allocation-failure’: Stream Client Port Allocation Failures; ‘unknown-client-port-from-server’: Server Replies With Unknown Client Ports; ‘data-session-created’: Data Session Created; ‘data-session-freed’: Data Session Freed; ‘no-session-mem’: Data Session Creation Failures; ‘ha-sent’: HA Sent; ‘ha-rcv’: HA RCV; ‘smp-inserted’: SMP Session Inserted; ‘smp-removed’: SMP Session Removed; ‘smp-reused’: SMP Session Reused; ‘nat-pool-standby’: New Session NAT Pool Standby; ‘smp-deleted’: New Session SMP Already Deleted; ‘control-closed’: New Session Closed; ‘data-session-exists’: New Session Already Exists; ‘data-session-creation-failure’: New Data Session Creation Failure; ‘rtp-reversed’: RTP Reverse Creation; ‘rtcp-reversed’: RTCP Reverse Creation; ‘cross-cpu-sent’: Cross CPU Sent; ‘cross-cpu-rcv’: Cross CPU Received; ‘cross-cpu-no-session’: Cross CPU No Session Found; ‘cross-cpu-created’: Cross CPU Creation; ‘cross-cpu-rcv-failure’: Cross CPU Receive Failure; ‘data-free-smp-retry-lookup’: Data Session Free SMP Retry Lookup; ‘data-free-smp-not-found’: Data Session Free SMP Not Found; ‘ha-streams-sent’: HA Streams Sent; ‘ha-streams-rcv’: HA Streams Received; ‘ha-stream-incompatible’: HA Incompatible Streams Received; ‘ha-stream-exists’: HA Stream Already Exists; ‘ha-port-allocation-failure’: HA Stream Port Allocation Failure; ‘ha-data-session-sent’: HA Data Session Sent; ‘ha-data-session-rcv’: HA Data Session Received; ‘ha-data-no-smp’: HA Data Session SMP Not Found; ‘ha-control-closed’: HA New Data Control Session Closed; ‘ha-data-exists’: HA New Data Session Already Exists; ‘ha-extension-failure’: HA Conn Extension Failure; ‘ha-stream-smp-reused’: HA SMP Session Reused; ‘ha-stream-smp-acquire-failure’: HA SMP Session Acquire Failure; ‘smp-app-type-mismatch’: SMP ALG App Type Mismatch;

Type: string

Supported Values: all, streams-created, streams-freed, stream-creation-failure, ports-allocated, ports-freed, port-allocation-failure, unknown-client-port-from-server, data-session-created, data-session-freed, no-session-mem, ha-sent, ha-rcv, smp-inserted, smp-removed, smp-reused, nat-pool-standby, smp-deleted, control-closed, data-session-exists, data-session-creation-failure, rtp-reversed, rtcp-reversed, cross-cpu-sent, cross-cpu-rcv, cross-cpu-no-session, cross-cpu-created, cross-cpu-rcv-failure, data-free-smp-retry-lookup, data-free-smp-not-found, ha-streams-sent, ha-streams-rcv, ha-stream-incompatible, ha-stream-exists, ha-port-allocation-failure, ha-data-session-sent, ha-data-session-rcv, ha-data-no-smp, ha-control-closed, ha-data-exists, ha-extension-failure, ha-stream-smp-reused, ha-stream-smp-acquire-failure, smp-app-type-mismatch

alg.tftp

Specification
Type object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

tftp-value

Description: enable : Enables LSN ALG support for Trivial File Transfer Protocol (TFTP).

Type: string

Supported Values: enable

uuid

Description: uuid of the object

Type: string

alg.tftp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘session-created’: TFTP Client Sessions Created; ‘placeholder-debug’: Placeholder Debug;

Type: string

Supported Values: all, session-created, placeholder-debug

inside

Specification
Type object

source

Description: source is a JSON Block . Please see below for l907_source

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/inside/source

inside.source

Specification
Type object

class-list

Description: Bind an IP class list for use with LSN.

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

global

Specification
Type object

attempt-port-preservation

Description: Port preservation attempts to use the same source protocol port for a client’s public address (NAT address) that is used in the client’s inside address.

  • disable : Don’t attempt port preservation for NAT allocation.

Type: string

Supported Values: disable

hairpinning

Description: Configure filtering for hairpinning.

  • filter-none : Allows for self-hairpinning for UDP packets only. This is the default behavior for UDP packets.
  • filter-self-ip : Drops packets that have the same inside client IP address for both the source and destination.
  • filter-self-ip-port : Drops packets that have the same inside client IP address and protocol port number for both the source and destination. This option may be needed if double NAT is used. This is the default behaivor for TCP packets.

Type: string

Supported Values: filter-none, filter-self-ip, filter-self-ip-port

Default: filter-none

half-close-timeout

Description: Set LSN Half close timeout (Half close timeout in seconds (default not set))

Type: number

Range: 2-3000

icmp

Description: icmp is a JSON Block . Please see below for l907_icmp

Type: Object

inbound-refresh

Description: Session aging time for NAT translation.

  • disable : Disables the resetting of the age-out time for NAT translation when inbound packets are received.

Type: string

Supported Values: disable

ip-selection

Description: Specify the method for LSN to use to select IP addresses within a pool.

  • random : Selects addresses randomly, instead of using any of the other methods.
  • round-robin : Selects addresses sequentially.
  • least-used-strict : Selects the address with the fewest NAT ports of any type (TCP or UDP) used. This option is not applicable to ICMP.
  • least-udp-used-strict : Selects the address with the fewest UDP NAT ports used.
  • least-tcp-used-strict : Selects the address with the fewest TCP NAT ports used.
  • least-reserved-strict : Selects the address with the fewest TCP or UDP NAT ports reserved.
  • least-udp-reserved-strict : Selects the address with the fewest UDP NAT ports reserved.
  • least-tcp-reserved-strict : Selects the address with the fewest TCP NAT ports reserved.
  • least-users-strict : Selects the address with the fewest users.

Type: string

Supported Values: random, round-robin, least-used-strict, least-udp-used-strict, least-tcp-used-strict, least-reserved-strict, least-udp-reserved-strict, least-tcp-reserved-strict, least-users-strict

Default: random

logging

Description: logging is a JSON Block . Please see below for l907_logging

Type: Object

port-batching

Description: port-batching is a JSON Block . Please see below for l907_port-batching

Type: Object

syn-timeout

Description: Configure the SYN idle timeout for LSN.

Type: number

Range: 2-30

Default: 4

uuid

Description: uuid of the object

Type: string

global.logging

Specification
Type object

default-template

Description: Bind an existing default NAT logging template to an LSN pool.

Type: string

Format: string-rlx

Reference Object: /axapi/v3/cgnv6/template/logging

pool

Description: pool is a JSON List . Please see below for l907_pool

Type: List

global.logging.pool

Specification
Type list
Block object keys

pool-name

Description: NAT pool

Type: string

Format: string-rlx

template

Description: Bind a NAT logging template

Type: string

Format: string-rlx

Reference Object: /axapi/v3/cgnv6/template/logging

global.port-batching

Specification
Type object

size

Description: Specify the number of ports to allocate in each batch.

  • 1 : Allocate 1 port at a time. 8 : Allocate 8 ports at a time.
  • 16 : Allocate 16 ports at a time.
  • 32 : Allocate 32 ports at a time.
  • 64 : Allocate 64 ports at a time.
  • 128 : Allocate 128 ports at a time.
  • 256 : Allocate 256 ports at a time.
  • 512 : Allocate 512 ports at a time.
  • 1024 : Allocate 1024 ports at a time.

Type: string

Supported Values: 1, 8, 16, 32, 64, 128, 256, 512

Default: 1

tcp-time-wait-interval

Description: Configure the timeout interval before TCP NAT ports can be reused after they have been released.

Type: number

Range: 0-10

Default: 2

global.icmp

Specification
Type object

send-on-port-unavailable

Description: Sends ICMP Destination Unreachable message when a port is unavailable.

  • host-unreachable : Send ICMP destination host unreachable code type 3 code 1 for IPv4, and type 1 code 3 for IPv6.
  • admin-filtered : Send ICMP admin filtered code type 3 code 13 administratively filtered.
  • disable : Disable ICMP Unreachable messages for the specified event.

Type: string

Supported Values: host-unreachable, admin-filtered

send-on-user-quota-exceeded

Description: Sends ICMP Destination Unreachable message when a user quota is exceeded.

  • host-unreachable : Send ICMP destination host unreachable code type 3 code 1 for IPv4, and type 1 code 3 for IPv6.
  • admin-filtered : Send ICMP admin filtered code type 3 code 13 administratively filtered.
  • disable : Disable ICMP Unreachable messages for the specified event.

Type: string

Supported Values: host-unreachable, disable

tcp

Specification
Type object

mss-clamp

Description: mss-clamp is a JSON Block . Please see below for l907_mss-clamp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/tcp/mss-clamp

reset-on-error

Description: reset-on-error is a JSON Block . Please see below for l907_reset-on-error

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/tcp/reset-on-error

tcp.mss-clamp

Specification
Type object

min

Description: Specify the min value allowed for the TCP MSS (Specify the min value allowed for the TCP MSS (default: ((576 - 60 - 60))))

Type: number

Range: 0-1460

Default: 456

mss-clamp-type

Description: ‘fixed’: Specify a fixed max value for the TCP MSS; ‘subtract’: Specify the value to subtract from the TCP MSS; ‘none’: No TCP MSS clamping (default);

Type: string

Supported Values: fixed, subtract, none

Default: none

mss-subtract

Description: Specify the value to subtract from the TCP MSS (default: not configured)

Type: number

Range: 0-1460

mss-value

Description: The max value allowed for the TCP MSS (default: not configured)},

Type: number

Range: 0-1460

uuid

Description: uuid of the object

Type: string

tcp.reset-on-error

Specification
Type object

outbound

Description: ‘disable’: Disable send TCP reset on error;

Type: string

Supported Values: disable

uuid

Description: uuid of the object

Type: string

port-reservation-list

Specification
Type list
Block object keys

inside

Description: Inside User Address and Port Range (Inside User IP address)

Type: string

Format: ipv4-address

inside-port-end

Description: Inside End Port

Type: number

Range: 1-65535

inside-port-start

Description: Inside Start Port

Type: number

Range: 1-65535

nat

Description: NAT IP address

Type: string

Format: ipv4-address

nat-port-end

Description: NAT End Port

Type: number

Range: 1-65535

nat-port-start

Description: NAT Start Port

Type: number

Range: 1-65535

uuid

Description: uuid of the object

Type: string

stun-timeout

Specification
Type object

tcp-list

Description: tcp-list is a JSON List . Please see below for l907_tcp-list

Type: List

Reference Object: /axapi/v3/cgnv6/lsn/stun-timeout/tcp/{port-start}+{port-end}

udp-list

Description: udp-list is a JSON List . Please see below for l907_udp-list

Type: List

Reference Object: /axapi/v3/cgnv6/lsn/stun-timeout/udp/{port-start}+{port-end}

stun-timeout.udp-list

Specification
Type list
Block object keys

port-end

Description: Port Range (Port Range End)

Type: number

Range: 1-65535

port-start

Description: Port Range (Port Range Start)

Type: number

Range: 1-65535

timeout

Description: STUN timeout in minutes (default: 2 minutes)

Type: number

Range: 0-60

uuid

Description: uuid of the object

Type: string

stun-timeout.tcp-list

Specification
Type list
Block object keys

port-end

Description: Port Range (Port Range End)

Type: number

Range: 1-65535

port-start

Description: Port Range (Port Range Start)

Type: number

Range: 1-65535

timeout

Description: STUN timeout in minutes (default: 2 minutes)

Type: number

Range: 0-60

uuid

Description: uuid of the object

Type: string

performance

Specification
Type object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l907_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

performance.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘data-sessions-current-epoch’: data-sessions-current-epoch; ‘fullcone-created-current-epoch’: fullcone-created-current-epoch; ‘user-quote-created-current-epoch’: user-quote-created-current-epoch; ‘data-sessions-previous-epoch-first’: data-sessions-previous-epoch-first; ‘fullcone-created-previous-epoch-first’: fullcone-created-previous-epoch-first; ‘user-quote-created-previous-epoch-first’: user-quote-created-previous-epoch-first; ‘data-sessions-previous-epoch-last’: data-sessions-previous-epoch-last; ‘fullcone-created-previous-epoch-last’: fullcone-created-previous-epoch-last; ‘user-quote-created-previous-epoch-last’: user-quote-created-previous-epoch-last;

Type: string

Supported Values: all, data-sessions-current-epoch, fullcone-created-current-epoch, user-quote-created-current-epoch, data-sessions-previous-epoch-first, fullcone-created-previous-epoch-first, user-quote-created-previous-epoch-first, data-sessions-previous-epoch-last, fullcone-created-previous-epoch-last, user-quote-created-previous-epoch-last

endpoint-independent-filtering

Specification
Type object

tcp

Description: tcp is a JSON Block . Please see below for tcp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/endpoint-independent-filtering/tcp

udp

Description: udp is a JSON Block . Please see below for l907_udp

Type: Object

Reference Object: /axapi/v3/cgnv6/lsn/endpoint-independent-filtering/udp

endpoint-independent-filtering.udp

Specification
Type object

port-list

Description: port-list is a JSON List . Please see below for l907_port-list

Type: List

session-limit

Description: Limit number of EIF sessions that can be created per port

Type: number

Range: 1-65535

Default: 65535

uuid

Description: uuid of the object

Type: string

endpoint-independent-filtering.udp.port-list

Specification
Type list
Block object keys

port

Description: Single Destination Port or Port Range Start

Type: number

port-end

Description: Port Range End

Type: number

endpoint-independent-filtering.tcp

Specification
Type object

port-list

Description: port-list is a JSON List . Please see below for l907_port-list

Type: List

session-limit

Description: Limit number of EIF sessions that can be created per port

Type: number

Range: 1-65535

Default: 65535

uuid

Description: uuid of the object

Type: string

endpoint-independent-filtering.tcp.port-list

Specification
Type list
Block object keys

port

Description: Single Destination Port or Port Range Start

Type: number

port-end

Description: Port Range End

Type: number