Create NAT Policy Rule (v2.0)
POST/sdwan/v2.0/api/natpolicysets/:nat_policy_set_id/natpolicyrules
Create a new NAT policy rule.
Request
Path Parameters
ID of the NAT policy set.
- application/json
Body
Details of NAT Policy Rule to be created
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- ]
actions NATAction[]required
The actions for the configured NAT policy rule/set. A maximum 4 actions can be specified in a NAT policy rule/set.
The ID of the the NAT pool used in policy rules and bound to interfaces.
The port range of the action in the NAT policy rule.
The protocol of the action for the NAT policy rule. Supports max 4 protocols.
Possible values: [NO_NAT
, SOURCE_NAT_DYNAMIC
, SOURCE_NAT_STATIC
, DESTINATION_NAT_DYNAMIC
, DESTINATION_NAT_STATIC
, ALG_DISABLE
]
The type of action for NAT policy.
The description of the NAT policy rule/set. Max size = 256.
destination_ports PortRange[]
The start and end port for Port Ranges. A maximum of 16 port ranges is allowed, and port ranges can only be added for TCP or UDP protocols.
The start port of the destination/source port range.
The end port of the destination/source port range.
destination_prefixes BasePolicyPrefixS
Lists the details of the destination prefixes.
The description for the source/destination prefixes.
The ID of the source/destination prefix.
Lists the IP prefixes.
Ipv6 Prefixes
The name of the source/destination prefix.
A information field that can be added to identify the source/destination prefix.
The ID of the destination prefix.
destination_zone NATPolicyZone
List the details of the destination zone.
The default source/destination zone for public interfaces.
The description for the source/destination zone. Max size = 128.
Lists if the source/destination zone set is disabled.
Reason the source/destination zone is disabled.
The ID of the source/destination zone.
Lists if the source/destination zone is inactive.
Reason the source/destination zone is inactive.
The name of the source/destination zone.
The region of the site.
A information field that can be added to identify the source/destination zone.
The ID of the destination zone. Destination zone is based on the direction of the traffic with respect to the ION device.
Lists if the NAT policy rule/set is disabled.
Reason the NAT policy rule/set is disabled.
Lists if the NAT policy rule/set is enabled.
The ID of the policy rule/set.
Lists if the NAT policy rule/set is inactive.
Reason the NAT policy rule/set is inactive.
The name of the NAT policy rule/set.
natpolicypools NATPolicyPool[]
Lists the details of the NAT policy pools.
The description for the NAT policy pool. Max size = 256.
The ID of the NAT policy pool.
The name of the NAT policy pool. Max size = 128.
A information field that can be added to identify the NAT policy pool. Maximum 10 unique tags of length 1024 each are allowed.
The ID of the NAT policy set. NAT policy sets contain policy rules and are a part of NAT policy set stacks.
The protocol for the NAT policy set. TCP or UDP.
Region
source_ports PortRange[]
List the details of the source port range. A maximum of 16 port ranges are allowed, and port ranges can only be added for TCP or UDP protocols.
The start port of the destination/source port range.
The end port of the destination/source port range.
source_prefixes BasePolicyPrefixS
List the details of the source prefixes.
The description for the source/destination prefixes.
The ID of the source/destination prefix.
Lists the IP prefixes.
Ipv6 Prefixes
The name of the source/destination prefix.
A information field that can be added to identify the source/destination prefix.
The ID of the source prefixes.
source_zone NATPolicyZone
Lists the details of the source zone used in policy rules and bound to interfaces.
The default source/destination zone for public interfaces.
The description for the source/destination zone. Max size = 128.
Lists if the source/destination zone set is disabled.
Reason the source/destination zone is disabled.
The ID of the source/destination zone.
Lists if the source/destination zone is inactive.
Reason the source/destination zone is inactive.
The name of the source/destination zone.
The region of the site.
A information field that can be added to identify the source/destination zone.
The ID of the NAT policy source zone. Source zones identify traffic that is sourced from a zone.
A information field that can be added to identify the NAT policy rule/set. Maximum 10 unique tags of length 1024 each are allowed.
Responses
- 200
- 400
Successful Operation
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- ]
actions NATAction[]required
The actions for the configured NAT policy rule/set. A maximum 4 actions can be specified in a NAT policy rule/set.
The ID of the the NAT pool used in policy rules and bound to interfaces.
The port range of the action in the NAT policy rule.
The protocol of the action for the NAT policy rule. Supports max 4 protocols.
Possible values: [NO_NAT
, SOURCE_NAT_DYNAMIC
, SOURCE_NAT_STATIC
, DESTINATION_NAT_DYNAMIC
, DESTINATION_NAT_STATIC
, ALG_DISABLE
]
The type of action for NAT policy.
The description of the NAT policy rule/set. Max size = 256.
destination_ports PortRange[]
The start and end port for Port Ranges. A maximum of 16 port ranges is allowed, and port ranges can only be added for TCP or UDP protocols.
The start port of the destination/source port range.
The end port of the destination/source port range.
destination_prefixes BasePolicyPrefixS
Lists the details of the destination prefixes.
The description for the source/destination prefixes.
The ID of the source/destination prefix.
Lists the IP prefixes.
Ipv6 Prefixes
The name of the source/destination prefix.
A information field that can be added to identify the source/destination prefix.
The ID of the destination prefix.
destination_zone NATPolicyZone
List the details of the destination zone.
The default source/destination zone for public interfaces.
The description for the source/destination zone. Max size = 128.
Lists if the source/destination zone set is disabled.
Reason the source/destination zone is disabled.
The ID of the source/destination zone.
Lists if the source/destination zone is inactive.
Reason the source/destination zone is inactive.
The name of the source/destination zone.
The region of the site.
A information field that can be added to identify the source/destination zone.
The ID of the destination zone. Destination zone is based on the direction of the traffic with respect to the ION device.
Lists if the NAT policy rule/set is disabled.
Reason the NAT policy rule/set is disabled.
Lists if the NAT policy rule/set is enabled.
The ID of the policy rule/set.
Lists if the NAT policy rule/set is inactive.
Reason the NAT policy rule/set is inactive.
The name of the NAT policy rule/set.
natpolicypools NATPolicyPool[]
Lists the details of the NAT policy pools.
The description for the NAT policy pool. Max size = 256.
The ID of the NAT policy pool.
The name of the NAT policy pool. Max size = 128.
A information field that can be added to identify the NAT policy pool. Maximum 10 unique tags of length 1024 each are allowed.
The ID of the NAT policy set. NAT policy sets contain policy rules and are a part of NAT policy set stacks.
The protocol for the NAT policy set. TCP or UDP.
Region
source_ports PortRange[]
List the details of the source port range. A maximum of 16 port ranges are allowed, and port ranges can only be added for TCP or UDP protocols.
The start port of the destination/source port range.
The end port of the destination/source port range.
source_prefixes BasePolicyPrefixS
List the details of the source prefixes.
The description for the source/destination prefixes.
The ID of the source/destination prefix.
Lists the IP prefixes.
Ipv6 Prefixes
The name of the source/destination prefix.
A information field that can be added to identify the source/destination prefix.
The ID of the source prefixes.
source_zone NATPolicyZone
Lists the details of the source zone used in policy rules and bound to interfaces.
The default source/destination zone for public interfaces.
The description for the source/destination zone. Max size = 128.
Lists if the source/destination zone set is disabled.
Reason the source/destination zone is disabled.
The ID of the source/destination zone.
Lists if the source/destination zone is inactive.
Reason the source/destination zone is inactive.
The name of the source/destination zone.
The region of the site.
A information field that can be added to identify the source/destination zone.
The ID of the NAT policy source zone. Source zones identify traffic that is sourced from a zone.
A information field that can be added to identify the NAT policy rule/set. Maximum 10 unique tags of length 1024 each are allowed.
{
"actions": [
{
"nat_pool_id": "string",
"port": 0,
"protocols": [
"string"
],
"type": "NO_NAT"
}
],
"destination_ports": [
{
"from": 0,
"to": 0
}
],
"destination_prefixes": {
"id": "string",
"ipv4_prefixes": [
"string"
],
"ipv6_prefixes": [
"string"
],
"name": "string",
"tags": [
"string"
]
},
"destination_prefixes_id": "string",
"destination_zone": {
"default_for_public_interfaces": true,
"disabled": true,
"disabled_reason": "string",
"id": "string",
"inactive": true,
"inactive_reason": "string",
"name": "string",
"region": "string",
"tags": [
"string"
]
},
"destination_zone_id": "string",
"disabled": true,
"disabled_reason": "string",
"enabled": true,
"id": "string",
"inactive": true,
"inactive_reason": "string",
"name": "string",
"natpolicypools": [
{
"id": "string",
"name": "string",
"tags": [
"string"
]
}
],
"policyset_id": "string",
"protocol": 0,
"region": "string",
"source_ports": [
{
"from": 0,
"to": 0
}
],
"source_prefixes": {
"id": "string",
"ipv4_prefixes": [
"string"
],
"ipv6_prefixes": [
"string"
],
"name": "string",
"tags": [
"string"
]
},
"source_prefixes_id": "string",
"source_zone": {
"default_for_public_interfaces": true,
"disabled": true,
"disabled_reason": "string",
"id": "string",
"inactive": true,
"inactive_reason": "string",
"name": "string",
"region": "string",
"tags": [
"string"
]
},
"source_zone_id": "string",
"tags": [
"string"
]
}
Bad Request
- application/json
- Schema
- Example (from schema)
- Example
Schema
- Array [
- ]
_error ErrorResponse[]
The error code.
The error message.
{
"_error": [
{
"code": "string",
"message": "string"
}
]
}
{
"value": {
"_error": [
{
"code": "INVALID_REQUEST_DUPLICATE_KEY"
},
{
"code": "NAT_POLICY_SET_NOT_PRESENT"
},
{
"code": "INVALID_JSON_EXTRA_ATTRIBUTE"
},
{
"code": "NAT_POLICY_RULE_INVALID"
},
{
"code": "NAT_POLICY_RULE_NAME_REQD"
},
{
"code": "NAT_POLICY_RULE_NAME_EXCEEDS_LIMIT"
},
{
"code": "NAT_POLICY_RULE_DESCRIPTION_EXCEEDS_LIMIT"
},
{
"code": "NAT_RULE_INVALID_PROTOCOL"
},
{
"code": "NAT_RULE_SOURCE_PORTS_EXCEEDS_LIMIT"
},
{
"code": "NAT_RULE_INVALID_SOURCE_ZONE_ID"
},
{
"code": "NAT_RULE_INVALID_DESTINATION_ZONE_ID"
},
{
"code": "NAT_RULE_INVALID_DESTINATION_PREFIXES_ID"
},
{
"code": "NAT_RULE_DESTINATION_PORTS_EXCEEDS_LIMIT"
},
{
"code": "NAT_RULE_ACTIONS_MISSING"
},
{
"code": "NAT_RULE_INVALID_SOURCE_PREFIXES_ID"
},
{
"code": "NAT_RULE_INVALID_ACTION_LIMIT"
}
]
}
}