Cisco Cisco Security Manager 4.7 ユーザーガイド
Cisco Security Manager 4.7 API Specification (Version 2.0)
OL- 32164-01
Page 86
3.1.5.12
DeviceNATTransOptionsFirewallPolicy
A DeviceNATTransOptionsFirewallPolicy extends from the base BasePolicy class and inherits all its attributes. An
instance of a DeviceNATTransOptionsFirewallPolicy manages the options that affect network address translation
for the selected security appliance. These settings apply to all interfaces on the device.
instance of a DeviceNATTransOptionsFirewallPolicy manages the options that affect network address translation
for the selected security appliance. These settings apply to all interfaces on the device.
This policy is applicable for PIX, FWSM and ASA.
The following table defines the contents of a DeviceNATTransOptionsFirewallPolicy:
Element. Sub Element
Type
Comment
isEnableTrafficWithout
Trans
Trans
boolean
It true, lets traffic pass through the security appliance without
address translation. If this option is false, any traffic that does not
match a translation rule will be dropped.
address translation. If this option is false, any traffic that does not
match a translation rule will be dropped.
Note This option is available only on PIX 7.x, FWSM 3.x,
and ASA devices.
isXlateByPass
boolean
If true, NAT session for imtranslated traffic are disabled.
Note This option is available only on FWSM 3.2 and higher
Table 43: DeviceNATTransOptionsFirewallPolicy Class Definition
Figure 45: DeviceNATTransOptionsFirewallPolicy XML Schema
<xs:complexType
name
="DeviceNATTransOptionsFirewallPolicy">
<xs:complexContent>
<xs:extension
base
="
BasePolicy
">
<xs:sequence>
<xs:element
name
="isEnableTrafficWithoutTrans"
type
="xs:boolean"
minOccurs
="0"
maxOccurs
="1"/>
<xs:element
name
="isXlateByPass"
type
="xs:boolean"
minOccurs
="0"
maxOccurs
="1"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>