FTD NAT Policy
Location in GUI:
Devices » NAT
Diagram
Classes
policies (fmc.domains)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ftd_nat_policies | List | [ftd_nat_policies] | No |
ftd_nat_policies (fmc.domains.policies)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_ -]{1,64}$ | Yes | |
| description | String | max: 255 | No | |
| ftd_auto_nat_rules | List | [ftd_auto_nat_rules] | No | |
| ftd_manual_nat_rules | List | [ftd_manual_nat_rules] | No |
ftd_auto_nat_rules (fmc.domains.policies.ftd_nat_policies)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_ -]{1,64}$ | Yes | |
| nat_type | Choice | STATIC, DYNAMIC | Yes | |
| description | String | No | ||
| destination_interface | String | No | ||
| fall_through | Boolean | true, false | No | false |
| ipv6 | Boolean | true, false | No | false |
| net_to_net | Boolean | true, false | No | false |
| no_proxy_arp | Boolean | true, false | No | false |
| original_network | String | No | ||
| original_port | Class | [original_port] | No | |
| pat_options | Class | [pat_options] | No | |
| perform_route_lookup | Boolean | true, false | No | false |
| source_interface | String | No | ||
| translate_dns | Boolean | true, false | No | false |
| translated_network | String | No | ||
| translated_network_is_destination_interface | Boolean | true, false | No | true |
| translated_port | Integer | min: 1, max: 65535 | No |
ftd_manual_nat_rules (fmc.domains.policies.ftd_nat_policies)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_.+ -]{1,64}$ | Yes | |
| nat_type | Choice | STATIC, DYNAIMC | Yes | |
| original_source | String | No | ||
| description | String | No | ||
| destination_interface | String | No | ||
| enabled | Boolean | true, false | No | true |
| fall_through | Boolean | true, false | No | false |
| interface_in_original_destination | Boolean | true, false | No | false |
| interface_in_translated_source | Boolean | true, false | No | true |
| ipv6 | Boolean | true, false | No | false |
| net_to_net | Boolean | true, false | No | false |
| no_proxy_arp | Boolean | true, false | No | false |
| original_destination | String | No | ||
| original_destination_port | String | No | ||
| original_source_port | String | No | ||
| perform_route_lookup | Boolean | true, false | No | false |
| section | Choice | after_auto, before_auto | No | |
| source_interface | String | No | ||
| target_index | String | No | ||
| translate_dns | Boolean | true, false | No | false |
| translated_destination | String | No | ||
| translated_destination_port | String | No | ||
| translated_source | String | No | ||
| translated_source_port | String | No | ||
| unidirectional | Boolean | true, false | No | false |
original_port (fmc.domains.policies.ftd_nat_policies.ftd_auto_nat_rules)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| port | Integer | Yes | ||
| protocol | Choice | TCP, UDP | Yes |
pat_options (fmc.domains.policies.ftd_nat_policies.ftd_auto_nat_rules)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| extended_pat_table | Boolean | true, false | No | |
| include_reserve_ports | Boolean | true, false | No | |
| interface_pat | Boolean | true, false | No | |
| pat_pool_address | String | No | ||
| round_robin | Boolean | true, false | No |
Examples
fmc:
domains:
- name: Global
policies:
ftd_nat_policies:
- name: MyFTDNatPolicyName1
ftd_auto_nat_rules:
- name: MyAutoNATRule1
nat_type: DYNAMIC
source_interface: inside
destination_interface: outside
original_network: LAN
ftd_manual_nat_rules:
- name: MyManualNATRule1
nat_type: STATIC
original_source: Server_1
source_interface: inside
destination_interface: outside
original_source_port: HTTP
translated_source_port: API-HTTP