New in version 2.4.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
api_key | API key that can be used instead of username/password credentials. | |
commit bool |
| Commit configuration if changed. |
destination_ip | Default: [u'any'] | list of destination addresses |
destination_zone required | destination zone | |
dnat_address | dnat translated address | |
dnat_port | dnat translated port | |
ip_address required | IP address (or hostname) of PAN-OS device being configured. | |
operation | The action to be taken. Supported values are add/update/find/delete. | |
password required | Password credentials to use for auth unless api_key is set. | |
rule_name required | name of the SNAT rule | |
service | Default: any | service |
snat_address_type | Default: translated-address | type of source translation. Supported values are translated-address/translated-address. |
snat_bidirectional bool |
| bidirectional flag |
snat_dynamic_address | Source NAT translated address. Used with Dynamic-IP and Dynamic-IP-and-Port. | |
snat_interface | snat interface | |
snat_interface_address | snat interface address | |
snat_static_address | Source NAT translated address. Used with Static-IP translation. | |
snat_type | type of source translation | |
source_ip | Default: [u'any'] | list of source addresses |
source_zone required | list of source zones | |
username | Default: admin | Username credentials to use for auth unless api_key is set. |
Note
# Create a source and destination nat rule - name: Create NAT SSH rule for 10.0.1.101 panos_nat_rule: ip_address: '{{ ip_address }}' username: '{{ username }}' password: '{{ password }}' rule_name: "Web SSH" source_zone: ["external"] destination_zone: "external" source: ["any"] destination: ["10.0.0.100"] service: "service-tcp-221" snat_type: "dynamic-ip-and-port" snat_interface: "ethernet1/2" dnat_address: "10.0.1.101" dnat_port: "22"
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/panos_nat_rule_module.html