Policy > Networking > Network Services > NAT > Rules > Tier-0 Gateways

Create or update NAT Rule

Create or update NAT Rule on Tier-0 denoted by Tier-0 ID, under NAT section
denoted by <nat-id>.
Under tier-0 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT)
For more details related to NAT section please refer to PolicyNAT schema.
Note:
IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the
scope property in the PUT API, the path returned in the PUT/GET response payload will be a new path instead of the deprecated IPSecVpnSession path
Both old and new IPSecVpnSession path refer to same resource. there is no functional impact.
This API is available when using VMware Cloud (AWS, Dell-EMC, Outpost, Hyperscalers) or VMware NSX.

Request:

Method:
PUT
URI Path(s):
/policy/api/v1/infra/tier-0s/{tier-0-id}/nat/{nat-id}/nat-rules/{nat-rule-id}
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyNatRule+

Example Request:

PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRuleDemo { "display_name" : "MyNATRuleDemo", "description" : "Example of a NAT rule", "action" : "DNAT", "destination_network" : "10.117.5.19", "service": "/infra/services/AD_Server", "translated_network" : "192.168.1.1", "translated_ports" : "80-82", "sequence_number" : 10, "scope" : ["infra/tier-0s/provider1/local-services/localService1/interfaces/internet"], "enabled": true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_revision" : 0 }

Successful Response:

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRule+

Example Response:

{ "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRuleDemo", "display_name": "MyNATRuleDemo", "path": "/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRuleDemo", "parent_path": "/infra/tier-0s/vmc_provider-demo/nat/USER", "relative_path": "MyNATRuleDemo", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [ "infra/tier-0s/provider1/local-services/localService1/interfaces/internet" ], "action": "DNAT", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_create_user": "admin", "_create_time": 1516181809835, "_last_modified_user": "admin", "_last_modified_time": 1516181809835, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }

Required Permissions:

crud

Feature:

policy_nat_rules

Additional Errors: