XLAB Steampunk logo Try Spotter
 / home / ansible / ansible.builtin / v2.3.3.0-1 / module / panos_nat_policy

ansible.builtin.panos_nat_policy (v2.3.3.0-1) — module

create a policy NAT rule

| "added in version" 2.3 of ansible.builtin"

Authors: Luigi Mori (@jtschichold), Ivan Bojer (@ivanbojer)

preview | supported by community

Install Ansible via pip | Description | Requirements | Usage examples | Inputs

Install Ansible via pip

Install with pip install ansible==2.3.3.0.post1

Description

Create a policy nat rule. Keep in mind that we can either end up configuring source NAT, destination NAT, or both. Instead of splitting it into two we will make a fair attempt to determine which one the user wants.


Requirements

Usage examples

Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
# Create a source and destination nat rule
  - name: create nat SSH221 rule for 10.0.1.101
    panos_nat:
      ip_address: "192.168.1.1"
      password: "admin"
      rule_name: "Web SSH"
      from_zone: ["external"]
      to_zone: "external"
      source: ["any"]
      destination: ["10.0.0.100"]
      service: "service-tcp-221"
      snat_type: "dynamic-ip-and-port"
      snat_interface: "ethernet1/2"
      dnat_address: "10.0.1.101"
      dnat_port: "22"
      commit: False

Inputs

    
commit:
    default: true
    description:
    - commit if changed
    required: false

source:
    default:
    - any
    description:
    - list of source addresses
    required: false

service:
    default: any
    description:
    - service
    required: false

to_zone:
    description:
    - destination zone
    required: true

override:
    default: 'false'
    description:
    - attempt to override rule if one with the same name already exists
    required: false

password:
    description:
    - password for authentication
    required: true

username:
    default: admin
    description:
    - username for authentication
    required: false

dnat_port:
    default: None
    description:
    - dnat translated port
    required: false

from_zone:
    description:
    - list of source zones
    required: true

rule_name:
    description:
    - name of the SNAT rule
    required: true

snat_type:
    default: None
    description:
    - type of source translation
    required: false

ip_address:
    description:
    - IP address (or hostname) of PAN-OS device
    required: true

destination:
    default:
    - any
    description:
    - list of destination addresses
    required: false

dnat_address:
    default: None
    description:
    - dnat translated address
    required: false

snat_address:
    default: None
    description:
    - snat translated address
    required: false

snat_interface:
    default: None
    description:
    - snat interface
    required: false

snat_bidirectional:
    default: 'false'
    description:
    - bidirectional flag
    required: false

snat_interface_address:
    default: None
    description:
    - snat interface address
    required: false
Got feedback? steampunk@xlab.si | © 2024. All rights reserved.
Cookie policy-Privacy policy-Terms of use-Security policy