Schema for NAT Configuration

The schema for NAT configuration contains elements to configure NAT rules.

For an example of the data structure for the NAT object, see Example: Request and Response to Get NAT Configuration.

NAT CONFIGURATION

Element

Type

Required

Description

featureType

String

Yes

Identifies the Advanced Networking Services feature

Note

This element is set as "featureType" : "nat". This value is required. Do not change it.

version

Number

Yes

The current version of the NAT configuration

Note

The system will auto-generate a version number for the configuration; do not change it.

enabled

Boolean

Enables NAT configuration

RULES (rules – Array)

ruleId

Number

Yes

NAT rule ID

ruleTag

Number

Tag for tracing NAT rules in the system log

action

String

Yes

Specifies the type of rule:

■

snat

An SNAT rule changes the source IP address and, optionally, port of outgoing packets.

■

dnat

A DNAT rule changes the destination IP address and, optionally, port of inbound packets.

vnic

String

Yes

The interface on which to apply the rule

originalAddress

String

Yes

Destination NAT (DNAT) (outside -> inside)

The destination IP address to which the rule applies

This address is always the public IP address of the edge gateway for which you are configuring the DNAT rule. Specify the required IP address.

Source NAT (SNAT) (inside -> outside)

The original IP address or range of IP addresses to apply to this rule

These addresses are the IP addresses of the virtual machine (or machines) for which you are configuring SNAT so that they can send traffic to the external network.

translatedAddress

String

Yes

Destination NAT (DNAT) (outside -> inside)

The IP address or a range of IP addresses to which destination addresses on inbound packets will be translated

These addresses are the IP addresses of the virtual machine (or machines) for which you are configuring DNAT so that they can receive traffic from the external network.

Source NAT (SNAT) (inside -> outside)

The required IP address

Specifies the IP address to which source addresses (the virtual machines) on outbound packets are translated to when they send traffic to the external network.

This address is always the public IP address of the edge gateway for which you are configuring the SNAT rule.

loggingEnabled

Boolean

Enables logging

enabled

Boolean

Enables the NAT rule

description

String

Description of the NAT rule

protocol

String

Yes

The protocol to which the NAT rule applies

By default, the protocol is set to any.

icmpType

String

ICMP type of the protocol

When you specify ICMP (an error reporting and a diagnostic utility used between devices to communicate error information) in the protocol element, specify the ICMP type. ICMP messages are identified by the “type” field.

By default, the icmpType is set to any.

Setting icmpType is not required unless the protocol is ICMP.

originalPort

String

Destination NAT (DNAT) only (outside -> inside)

The port or port range that the incoming traffic uses on the edge gateway to connect to the internal network on which the virtual machines are connected

translatedPort

String

Destination NAT (DNAT) only (outside -> inside)

The port or port range that traffic connects to on the virtual machines on the internal network