Cisco Cisco Security Manager 4.11 Guia De Especificaciones
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 77
3.1.5.8 InterfaceNATDynamicRulesRouterPolicy
An InterfaceNATDynamicRulesRouterPolicy extends from the base BasePolicy class and inherits all its attributes.
An instance of a InterfaceNATDynamicRulesRouterPolicy specifies NAT dynamic rules.
An instance of a InterfaceNATDynamicRulesRouterPolicy specifies NAT dynamic rules.
The InterfaceNATDynamicRulesRouterPolicy can reference an ACL PolicyObject and an InterfaceRole Policy
Object. The base orderId attribute defines the ordering of the dynaimc rules
Object. The base orderId attribute defines the ordering of the dynaimc rules
The following table defines the contents of an InterfaceNATDynamicRulesRouterPolicy:
Element. Sub Element
Type
Comment
trafficFlowAclObjectGID
ObjectIdentifier
References an access control list (ACL) Policy object GID whose
entries define the addresses requiring dynamic translation.
entries define the addresses requiring dynamic translation.
translatedAddress
Complex Type
A complex type element that specifies the method and
address(es) used for dynamic translation. Contains either an
interface role object or address pool. If the interface role policy
object is referenced then the globally registered IP address
assigned to a particular interface will be used as the translated
address.
address(es) used for dynamic translation. Contains either an
interface role object or address pool. If the interface role policy
object is referenced then the globally registered IP address
assigned to a particular interface will be used as the translated
address.
translatedAddress.interfac
eGID
eGID
Object identifier
An ObjectIdentifier ID that references an InterfaceRole Policy
Object.
Object.
translatedAddress.address
Pool
Pool
String
One or more address ranges, including the prefix, using the
format min1-max1/prefix (in CIDR notation), where “prefix”
represents a valid netmask. For example, 172.16.0.0-
172.31.0.223/12.
format min1-max1/prefix (in CIDR notation), where “prefix”
represents a valid netmask. For example, 172.16.0.0-
172.31.0.223/12.
settings
Complex Type
A complex type element that includes optional settings.
settings.enablePortTrans
Boolean
If true, the router uses port addressing (PAT) if supply of global
addresses in the address pool is depleted; when false, PAT is not
used.
addresses in the address pool is depleted; when false, PAT is not
used.
settings.noTransVPN
Boolean
If true, address translation is not performed on VPN traffic.
When false, the router performs address translation on VPN
traffic in cases of overlapping addresses between the NAT ACL
and the crypto ACL.
When false, the router performs address translation on VPN
traffic in cases of overlapping addresses between the NAT ACL
and the crypto ACL.
Table 39: InterfaceNATDynamicRulesRouterPolicy Class Definition