Cisco Cisco Security Manager 4.7 Guia De Especificaciones
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 90
3.1.5.15
InterfaceNATStaticRulesFirewallPolicy
An InterfaceNATStaticRulesFirewallPolicy extends from the base BasePolicy class and inherits all its attributes. An
instance of an InterfaceNATStaticRulesFirewallPolicy specifies static translation rules for a security appliance.
Rules are evaluated sequentially in the order listed.
This policy is applicable for PIX, FWSM and pre-ASA 8.3.
The following table defines the contents of an InterfaceNATStaticRulesFirewallPolicy:
Element. Sub Element
Type
Comment
isRuleEnabled
boolean
If true, the rule is enabled and false indicates that the rule is
disabled.
disabled.
translationType
Enumeration
Type of translation for the rule - “NAT” or “PAT”.
realInterfaceGID
ObjectIdentifier
Maps to the the device interface role policy object to which the
rule applies.
rule applies.
mappedInterfaceGID
Object
identifier
Maps to the interface role policy object interface on which the
translated addresses are to be used.
translated addresses are to be used.
original
Complex Type
Complex type containing IP addresses for the source hosts and
network objects to which the rule applies. Can contain multiple
literal IP addresses and/or reference to network policy objects
network objects to which the rule applies. Can contain multiple
literal IP addresses and/or reference to network policy objects
original.ipv4Data
String
A literal IP Address.
original.
networkObjectGIDs
networkObjectGIDs
Object
identifier
identifier
An ObjectIdentifier ID that references a Network Policy Object.
translated
Complex Type
A complex type element containing the translated addresses.
translated.ipv4Data
String
A literal IP address.
translated.
networkObjectGID
networkObjectGID
Object
identifier
identifier
An ObjectIdentifier ID that references a Network Policy Object.
translated.interfaceKeyword
String
A value of “interface” specifies that this keyword is present in the
NAT rule
NAT rule
policyNAT
Complex Type
Complex Type containing Policy NAT details only if Policy
NAT is enabled for this rule
NAT is enabled for this rule
policyNAT.destAddress
Complex Type
Complex Type containing the destination addresses.
policyNAT.destAddress.ipv
4Data
4Data
String
A literal IP Address.
policyNAT.destAddress.
networkObjectGIDs
networkObjectGIDs
Object
identifier
identifier
An ObjectIdentifier ID that references a Network Policy Object.
policyNAT.services
Complex Type
Complex Type that specifies the services to which the rule
applies. This can be a combination of service information in the
format protocol/source-port/destination-port and/or references to
Service Policy object
applies. This can be a combination of service information in the
format protocol/source-port/destination-port and/or references to
Service Policy object