Table of Contents
Advertisement
vShield API Programming Guide
Post an SNAT Rule Set
You can post an SNAT rule set for a vShield Edge via REST. The vShield Manager processes the posted XML
file as a complete rule set for the specific vShield Edge. The current rule set is replaced with this new set of
rules.
Example 5-12. Post an SNAT Rule Set on a vShield Edge
Request:
POST <vshield_manager-uri>/api/1.0/network/<portgroup-moid>/snat/rules
<VShieldEdgeConfig>
<NATConfig>
<NATRule>
<externalIpAddress>
<ipAddress>IpOrAny</ipAddress>
or
<IpRange>
</IpRange>
</externalIpAddress>
<internalIpAddress>
<ipAddress>IpOrAny</ipAddress>
or
<IpRange>
</IpRange>
</internalIpAddress>
</NATRule>
</NATConfig>
</VShieldEdgeConfig>
Rules:
You can add multiple SNAT rules by entering multiple <NATRule></NATRule> sections in the body.
<VShieldEdgeConfig>
<NATConfig>
<NATRule>
</NATRule>
<NATRule>
</NATRule>
</NATConfig>
</VShieldEdgeConfig>
Logging is disabled by default. To enable logging, add a <log /> element within <NATRule />.
The externalIpAddress and internalIpAddress parameters can be entered in either of these
methods.
<ipAddress>IpOrAny</ipAddress>
or
<IpRange>
<rangeStart>low_ip_address</rangeStart>
<rangeEnd>high_ip_address</rangeEnd>
</IpRange>
30
<rangeStart>ip_address</rangeStart>
<rangeEnd>ip_address</rangeEnd>
<rangeStart>ip_address</rangeStart>
<rangeEnd>ip_address</rangeEnd>
<internalIpAddress><ipAddress>172.17.1.11</ipAddress></internalIpAddress>
<externalIpAddress><ipAddress>10.112.196.94</ipAddress></externalIpAddress>
<internalIpAddress><ipAddress>172.17.1.12</ipAddress></internalIpAddress>
<externalIpAddress><ipAddress>10.112.196.94</ipAddress></externalIpAddress>
VMware, Inc.
Advertisement
Table of Contents
