New in version 2.3.
- pan-python
parameter | required | default | choices | comments |
---|---|---|---|---|
commit |
no | True | commit if changed | |
destination |
no | [u'any'] | list of destination addresses | |
dnat_address |
no | None | dnat translated address | |
dnat_port |
no | None | dnat translated port | |
from_zone |
yes | list of source zones | ||
ip_address |
yes | IP address (or hostname) of PAN-OS device | ||
override |
no | false | attempt to override rule if one with the same name already exists | |
password |
yes | password for authentication | ||
rule_name |
yes | name of the SNAT rule | ||
service |
no | any | service | |
snat_address |
no | None | snat translated address | |
snat_bidirectional |
no | false | bidirectional flag | |
snat_interface |
no | None | snat interface | |
snat_interface_address |
no | None | snat interface address | |
snat_type |
no | None | type of source translation | |
source |
no | [u'any'] | list of source addresses | |
to_zone |
yes | destination zone | ||
username |
no | admin | username for authentication |
# Create a source and destination nat rule - name: create nat SSH221 rule for 10.0.1.101 panos_nat: ip_address: "192.168.1.1" password: "admin" rule_name: "Web SSH" from_zone: ["external"] to_zone: "external" source: ["any"] destination: ["10.0.0.100"] service: "service-tcp-221" snat_type: "dynamic-ip-and-port" snat_interface: "ethernet1/2" dnat_address: "10.0.1.101" dnat_port: "22" commit: False
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
This module is community maintained without core committer oversight.
For more information on what this means please read Module Support
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.