Техническое Руководство для Cisco Cisco Security Manager 4.7
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 81
3.1.5.10
InterfaceNATAddressPoolFirewallPolicy
An InterfaceNATAddressPoolFirewallPolicy extends from the base BasePolicy class and inherits all its attributes.
An instance of an InterfaceNATAddressPoolFirewallPolicy manages the global address pools used in dynamic NAT
rules. This policy is applicable for PIX, FWSM and pre-ASA 8.3.
The following table defines the contents of an InterfaceNATAddressPoolFirewallPolicy:
Element. Sub Element
Type
Comment
interfaceGID
ObjectIdentifier
References a InterfaceRole Policy object GID interface on which
the mapped IP addresses will be used.
the mapped IP addresses will be used.
poolId
unisignedInt
A unique identification number for this address pool, an integer
between 1 and 2147483647. When configuring a dynamic NAT
rule, the Pool ID is used to specify the pool of addresses to be
used for translation
between 1 and 2147483647. When configuring a dynamic NAT
rule, the Pool ID is used to specify the pool of addresses to be
used for translation
ipAddressRange
Complex Type
A complex type element containing the address(es) to be
assigned to this address pool. The address can contain a
combination of literal IPv4 addresses and/or reference to network
policy objects.
assigned to this address pool. The address can contain a
combination of literal IPv4 addresses and/or reference to network
policy objects.
ipAddressRange.ipv4Da
ta
ta
String
A literal IP Address.
ipAddressRange.
networkObjectGIDs
networkObjectGIDs
Object identifier
An ObjectIdentifier ID that references a Network Policy Object.
interfaceKeyword
String
If the “interface” keyword is specified it means port address
translation is enabled on the specified interface.
translation is enabled on the specified interface.
Table 41: InterfaceNATAddressPoolFirewallPolicy Class Definition
Figure 43: InterfaceNATAddressPoolFirewallPolicy XML Schema
<xs:complexType
name
="
InterfaceNATAddressPoolFirewallPolicy
">
<xs:complexContent>
<xs:extension
base
="
BasePolicy
">
<xs:sequence>
<xs:element
name
="
interfaceGID
"
type
="
ObjectIdentifier
"
minOccurs
="
1
"
maxOccurs
="
1
"/>
<xs:element
name
="
poolId
"
type
="
xs:unsignedInt
"
minOccurs
="
1
"
maxOccurs
="
1
"/>
<xs:element
name
="
ipAddressRange
"
type
="
NetworkObjectsRefs
"
minOccurs
="
0
"
maxOccurs
="
1
"/>
<xs:element
name
="
interfaceKeyword
"
type
="
xs:string
"
fixed
="
interface
"
minOccurs
="
0
"
maxOccurs
="
1
"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>