ip nat

Configure NAT

nat Specification

Type Intermediate Resource
Element Name nat
Element URI /axapi/v3/ip/nat
Element Attributes nat_attributes
Schema nat schema

Operations Allowed:

Operation Method URI Payload

Get Object

GET

/axapi/v3/ip/nat

nat_attributes

nat Attributes

alg

Description: alg is a JSON Block . Please see below for alg

Type: Object

Reference Object: /axapi/v3/ip/nat/alg

icmp

Description: icmp is a JSON Block . Please see below for icmp

Type: Object

Reference Object: /axapi/v3/ip/nat/icmp

inside

Description: inside is a JSON Block . Please see below for inside

Type: Object

Reference Object: /axapi/v3/ip/nat/inside

nat-global

Description: nat-global is a JSON Block . Please see below for nat-global

Type: Object

Reference Object: /axapi/v3/ip/nat/nat-global

pool-group-list

Description: pool-group-list is a JSON List . Please see below for pool-group-list

Type: List

Reference Object: /axapi/v3/ip/nat/pool-group/{pool-group-name}

pool-list

Description: pool-list is a JSON List . Please see below for pool-list

Type: List

Reference Object: /axapi/v3/ip/nat/pool/{pool-name}

range-list-list

Description: range-list-list is a JSON List . Please see below for range-list-list

Type: List

Reference Object: /axapi/v3/ip/nat/range-list/{name}

template

Description: template is a JSON Block . Please see below for template

Type: Object

Reference Object: /axapi/v3/ip/nat/template

translation

Description: translation is a JSON Block . Please see below for translation

Type: Object

Reference Object: /axapi/v3/ip/nat/translation

range-list-list

Specification
Type list
Block object keys

global-netmaskv4

Description: Mask for this Address range

Type: string

Format: ipv4-netmask

global-start-ipv4-addr

Description: Global Start IPv4 Address of this list

Type: string

Format: ipv4-address

global-start-ipv6-addr

Description: Global Start IPv6 Address of this list

Type: string

Format: ipv6-address-plen

local-netmaskv4

Description: Mask for this Address range

Type: string

Format: ipv4-netmask

local-start-ipv4-addr

Description: Local Start IPv4 Address of this list

Type: string

Format: ipv4-address

local-start-ipv6-addr

Description: Local Start IPv6 Address of this list

Type: string

Format: ipv6-address-plen

name

Description: Name for this Static List

Type: string

uuid

Description: uuid of the object

Type: string

v4-count

Description: Number of addresses to be translated in this range

Type: number

Range: 1-200000

v4-vrid

Description: VRRP-A vrid (Specify ha VRRP-A vrid)

Type: number

Range: 1-31

Reference Object: /axapi/v3/vrrp-a/vrid

v6-count

Description: Number of addresses to be translated in this range

Type: number

Range: 1-200000

v6-vrid

Description: VRRP-A vrid (Specify ha VRRP-A vrid)

Type: number

Range: 1-31

Reference Object: /axapi/v3/vrrp-a/vrid

alg

Specification
Type object

pptp

Description: pptp is a JSON Block . Please see below for l556_pptp

Type: Object

Reference Object: /axapi/v3/ip/nat/alg/pptp

alg.pptp

Specification
Type object

pptp

Description: ‘disable’: Disable PPTP NAT ALG; ‘enable’: Enable PPTP NAT ALG;

Type: string

Supported Values: disable, enable

Default: disable

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l556_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

alg.pptp.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘current-smp-sessions’: current-smp-sessions; ‘current-gre-sessions’: current-gre-sessions; ‘smp-session-creation-failure’: smp-session-creation-failure; ‘truncated-pns-message’: truncated-pns-message; ‘truncated-pac-message’: truncated-pac-message; ‘mismatched-pns-call-id’: mismatched-pns-call-id; ‘mismatched-pac-call-id’: mismatched-pac-call-id; ‘retransmitted-pns-message’: retransmitted-pns-message; ‘retransmitted-pac-message’: retransmitted-pac-message; ‘truncated-gre-packet’: truncated-gre-packet; ‘unknown-gre-version’: unknown-gre-version; ‘no-matching-gre-session’: no-matching-gre-session;

Type: string

Supported Values: all, current-smp-sessions, current-gre-sessions, smp-session-creation-failure, truncated-pns-message, truncated-pac-message, mismatched-pns-call-id, mismatched-pac-call-id, retransmitted-pns-message, retransmitted-pac-message, truncated-gre-packet, unknown-gre-version, no-matching-gre-session

pool-group-list

Specification
Type list
Block object keys

member-list

Description: member-list is a JSON List . Please see below for l556_member-list

Type: List

Reference Object: /axapi/v3/ip/nat/pool-group/{pool-group-name}/member/{pool-name}

pool-group-name

Description: Specify pool group name

Type: string

Format: string-rlx

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

vrid

Description: Specify VRRP-A vrid (Specify ha VRRP-A vrid)

Type: number

Range: 1-31

Reference Object: /axapi/v3/vrrp-a/vrid

pool-group-list.member-list

Specification
Type list
Block object keys

pool-name

Description: Specify NAT pool name

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

nat-global

Specification
Type object

sampling-enable

Description: sampling-enable is a JSON List . Please see below for l556_sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

nat-global.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘cross_cpu_helper_created’: Cross CPU Helper Created; ‘cross_cpu_helper_free’: Cross CPU Helper Free; ‘cross_cpu_sent’: Cross CPU Helper Packets Sent; ‘cross_cpu_rcv’: Cross CPU Helper Packets Received; ‘cross_cpu_helper_nat_pool_standby’: Cross CPU Helper Standby; ‘cross_cpu_helper_cpu_mismatch’: Cross CPU Helper CPU Mismatch; ‘cross_cpu_bad_l3’: Cross CPU Unsupported L3; ‘cross_cpu_bad_l4’: Cross CPU Unsupported L4; ‘cross_cpu_no_session’: Cross CPU No Session Found; ‘cross_cpu_helper_deleted’: Cross CPU Helper Deleted; ‘cross_cpu_helper_free_retry_lookup’: Cross CPU Helper Free Retry Lookup; ‘cross_cpu_helper_free_not_found’: Cross CPU Helper Free Not Found;

Type: string

Supported Values: all, cross_cpu_helper_created, cross_cpu_helper_free, cross_cpu_sent, cross_cpu_rcv, cross_cpu_helper_nat_pool_standby, cross_cpu_helper_cpu_mismatch, cross_cpu_bad_l3, cross_cpu_bad_l4, cross_cpu_no_session, cross_cpu_helper_deleted, cross_cpu_helper_free_retry_lookup, cross_cpu_helper_free_not_found

template

Specification
Type object

logging-list

Description: logging-list is a JSON List . Please see below for l556_logging-list

Type: List

Reference Object: /axapi/v3/ip/nat/template/logging/{name}

template.logging-list

Specification
Type list
Block object keys

facility

Description: ‘kernel’: 0: Kernel; ‘user’: 1: User-level; ‘mail’: 2: Mail; ‘daemon’: 3: System daemons; ‘security-authorization’: 4: Security/authorization; ‘syslog’: 5: Syslog internal; ‘line-printer’: 6: Line printer; ‘news’: 7: Network news; ‘uucp’: 8: UUCP subsystem; ‘cron’: 9: Time-related; ‘security-authorization-private’: 10: Private security/authorization; ‘ftp’: 11: FTP; ‘ntp’: 12: NTP; ‘audit’: 13: Audit; ‘alert’: 14: Alert; ‘clock’: 15: Clock-related; ‘local0’: 16: Local use 0; ‘local1’: 17: Local use 1; ‘local2’: 18: Local use 2; ‘local3’: 19: Local use 3; ‘local4’: 20: Local use 4; ‘local5’: 21: Local use 5; ‘local6’: 22: Local use 6; ‘local7’: 23: Local use 7;

Type: string

Supported Values: kernel, user, mail, daemon, security-authorization, syslog, line-printer, news, uucp, cron, security-authorization-private, ftp, ntp, audit, alert, clock, local0, local1, local2, local3, local4, local5, local6, local7

Default: local0

include-destination

Description: Include the destination IP and port in logs

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

include-rip-rport

Description: Include the IP and port of real server in logs

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log

Description: log is a JSON Block . Please see below for l556_log

Type: Object

name

Description: NAT logging template name

Type: string

Format: string-rlx

service-group

Description: Set NAT logging service-group

Type: string

Format: string-rlx

Reference Object: /axapi/v3/slb/service-group

severity

Description: severity is a JSON Block . Please see below for l556_severity

Type: Object

source-port

Description: source-port is a JSON Block . Please see below for l556_source-port

Type: Object

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

template.logging-list.severity

Specification
Type object

severity-string

Description: ‘emergency’: 0: Emergency; ‘alert’: 1: Alert; ‘critical’: 2: Critical; ‘error’: 3: Error; ‘warning’: 4: Warning; ‘notice’: 5: Notice; ‘informational’: 6: Informational; ‘debug’: 7: Debug;

Type: string

Supported Values: emergency, alert, critical, error, warning, notice, informational, debug

Default: debug

Mutual Exclusion: severity-string and severity-val are mutually exclusive

severity-val

Description: Logging severity level

Type: number

Range: 0-7

Default: 7

Mutual Exclusion: severity-val and severity-string are mutually exclusive

template.logging-list.log

Specification
Type object

port-mappings

Description: ‘creation’: Log creation of NAT mappgins; ‘disable’: Disable Log creation and deletion of NAT mappings;

Type: string

Supported Values: creation, disable

template.logging-list.source-port

Specification
Type object

any

Description: Use any source port

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: any and source-port-num are mutually exclusive

source-port-num

Description: Set source port for sending NAT syslogs (default: 514)

Type: number

Range: 1-65535

Default: 514

Mutual Exclusion: source-port-num and any are mutually exclusive

translation

Specification
Type object

icmp-timeout

Description: icmp-timeout is a JSON Block . Please see below for l556_icmp-timeout

Type: Object

service-timeout-list

Description: service-timeout-list is a JSON List . Please see below for l556_service-timeout-list

Type: List

Reference Object: /axapi/v3/ip/nat/translation/service-timeout/{service-type}+{port}

tcp-timeout

Description: TCP protocol extended translations (Timeout in seconds (Interval of 60 seconds), default is 300 seconds (5 minutes))

Type: number

Range: 2-15000

Default: 300

udp-timeout

Description: UDP protocol extended translations (Timeout in seconds (Interval of 60 seconds), default is 300 seconds (5 minutes))

Type: number

Range: 2-15000

Default: 300

uuid

Description: uuid of the object

Type: string

translation.service-timeout-list

Specification
Type list
Block object keys

port

Description: Port Number

Type: number

Range: 1-65535

service-type

Description: ‘tcp’: TCP Protocol; ‘udp’: UDP Protocol;

Type: string

Supported Values: tcp, udp

timeout-type

Description: ‘age’: Expiration time; ‘fast’: Use Fast aging;

Type: string

Supported Values: age, fast

timeout-val

Description: Timeout in seconds (Interval of 60 seconds)

Type: number

Range: 2-15000

uuid

Description: uuid of the object

Type: string

translation.icmp-timeout

Specification
Type object

icmp-timeout

Description: ‘age’: Expiration time; ‘fast’: Use Fast aging;

Type: string

Supported Values: age, fast

Default: fast

icmp-timeout-val

Description: Timeout in seconds (Interval of 60 seconds)

Type: number

Range: 2-15000

icmp

Specification
Type object

always-source-nat-errors

Description: Source NAT intermediate routers’ IPs for ICMP errors (default: disabled)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

respond-to-ping

Description: Respond to ICMP echo requests to NAT pool IPs (default: disabled)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

uuid

Description: uuid of the object

Type: string

inside

Specification
Type object

source

Description: source is a JSON Block . Please see below for l556_source

Type: Object

Reference Object: /axapi/v3/ip/nat/inside/source

inside.source

Specification
Type object

class-list

Description: class-list is a JSON Block . Please see below for l556_class-list

Type: Object

Reference Object: /axapi/v3/ip/nat/inside/source/class-list

list

Description: list is a JSON Block . Please see below for l556_list

Type: Object

Reference Object: /axapi/v3/ip/nat/inside/source/list

static-list

Description: static-list is a JSON List . Please see below for l556_static-list

Type: List

Reference Object: /axapi/v3/ip/nat/inside/source/static/{src-address}+{nat-address}

inside.source.static-list

Specification
Type list
Block object keys

nat-address

Description: NAT Address

Type: string

Format: ipv4-address

src-address

Description: Original Source Address

Type: string

Format: ipv4-address

uuid

Description: uuid of the object

Type: string

vrid

Description: VRRP-A vrid (Specify ha VRRP-A vrid)

Type: number

Range: 1-31

Reference Object: /axapi/v3/vrrp-a/vrid

inside.source.list

Specification
Type object

acl-id-list-list

Description: acl-id-list-list is a JSON List . Please see below for l556_acl-id-list-list

Type: List

Reference Object: /axapi/v3/ip/nat/inside/source/list/acl-id-list/{acl-id}

acl-name-list-list

Description: acl-name-list-list is a JSON List . Please see below for l556_acl-name-list-list

Type: List

Reference Object: /axapi/v3/ip/nat/inside/source/list/acl-name-list/{name}

inside.source.list.acl-id-list-list

Specification
Type list
Block object keys

acl-id

Description: Acl id

Type: number

Range: 1-199

Reference Object: /axapi/v3/access-list/standard

msl

Description: Maximum Session Life Value

Type: number

Range: 1-1800

pool

Description: Pool or Pool Group (Pool or Pool Group Name)

Type: string

Format: string-rlx

Reference Object: /axapi/v3/ip/nat/pool

uuid

Description: uuid of the object

Type: string

inside.source.list.acl-name-list-list

Specification
Type list
Block object keys

msl

Description: Maximum Session Life Value

Type: number

Range: 1-1800

name

Description: Apply an access list

Type: string

Reference Object: /axapi/v3/ip/access-list

pool

Description: Pool or Pool Group (Pool or Pool Group Nam)

Type: string

Format: string-rlx

Reference Object: /axapi/v3/ip/nat/pool

uuid

Description: uuid of the object

Type: string

inside.source.class-list

Specification
Type object

name

Description: Class List Name

Type: string

uuid

Description: uuid of the object

Type: string

pool-list

Specification
Type list
Block object keys

end-address

Description: Configure end IP address of NAT pool

Type: string

Format: ipv4-address

ethernet

Description: Ethernet interface

Type: number

Format: interface

gateway

Description: Configure gateway IP

Type: string

Format: ipv4-address

ip-rr

Description: Use IP address round-robin behavior

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

netmask

Description: Configure mask for pool

Type: string

Format: ipv4-netmask-brief

pool-name

Description: Specify pool name or pool group

Type: string

Format: string-rlx

scaleout-device-id

Description: Configure Scaleout device id to which this NAT pool is to be bound (Specify Scaleout device id)

Type: number

Range: 1-64

start-address

Description: Configure start IP address of NAT pool

Type: string

Format: ipv4-address

Mutual Exclusion: start-address and use-if-ip are mutually exclusive

use-if-ip

Description: Use Interface IP

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: use-if-ip and start-address are mutually exclusive

uuid

Description: uuid of the object

Type: string

vrid

Description: Configure VRRP-A vrid (Specify ha VRRP-A vrid)

Type: number

Range: 1-31

Reference Object: /axapi/v3/vrrp-a/vrid