How to use the fmcapi.AutoNatRules function in fmcapi
To help you get started, we’ve selected a few fmcapi examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
daxm / fmcapi / unit_tests / autonat.py View on Github 
sz1.post()
sz2 = fmcapi.SecurityZones(fmc=fmc, name="SZ-OUTSIDE1")
sz2.post()
# Autonat a network object to a host
autonat1 = fmcapi.AutoNatRules(fmc=fmc)
autonat1.original_network(name="_net_original")
autonat1.translated_network(name="_net_xlate")
autonat1.natType = "STATIC"
# Source and destination interface can be either an interface group or security zone
autonat1.source_intf(name="IG-INSIDE")
autonat1.destination_intf(name="SZ-OUTSIDE1")
autonat1.nat_policy(name=namer)
# Autonat identity nat
autonat2 = fmcapi.AutoNatRules(fmc=fmc)
autonat2.identity_nat(name="_net_identity")
autonat2.source_intf(name="IG-INSIDE")
autonat2.destination_intf(name="SZ-OUTSIDE1")
autonat2.nat_policy(name=namer)
# Autonat nat pool
autonat3 = fmcapi.AutoNatRules(fmc=fmc)
autonat3.original_network(name="_net_original_pool")
autonat3.patPool(name="_net_xlate_pool")
autonat3.source_intf(name="IG-INSIDE")
autonat3.destination_intf(name="SZ-OUTSIDE1")
autonat3.nat_policy(name=namer)
# Autonat interface PAT
autonat4 = fmcapi.AutoNatRules(fmc=fmc)
autonat4.original_network(name="_net_original_intf")autonat1.translated_network(name="_net_xlate")
autonat1.natType = "STATIC"
# Source and destination interface can be either an interface group or security zone
autonat1.source_intf(name="IG-INSIDE")
autonat1.destination_intf(name="SZ-OUTSIDE1")
autonat1.nat_policy(name=namer)
# Autonat identity nat
autonat2 = fmcapi.AutoNatRules(fmc=fmc)
autonat2.identity_nat(name="_net_identity")
autonat2.source_intf(name="IG-INSIDE")
autonat2.destination_intf(name="SZ-OUTSIDE1")
autonat2.nat_policy(name=namer)
# Autonat nat pool
autonat3 = fmcapi.AutoNatRules(fmc=fmc)
autonat3.original_network(name="_net_original_pool")
autonat3.patPool(name="_net_xlate_pool")
autonat3.source_intf(name="IG-INSIDE")
autonat3.destination_intf(name="SZ-OUTSIDE1")
autonat3.nat_policy(name=namer)
# Autonat interface PAT
autonat4 = fmcapi.AutoNatRules(fmc=fmc)
autonat4.original_network(name="_net_original_intf")
autonat4.natType = "DYNAMIC"
autonat4.source_intf(name="IG-INSIDE")
autonat4.destination_intf(name="SZ-OUTSIDE1")
autonat4.nat_policy(name=namer)
autonat4.interfaceInTranslatedNetwork = True
autonat1.post()# Create interface PAT object
obj6 = fmcapi.Networks(fmc=fmc)
obj6.name = "_net_original_intf"
obj6.value = "192.168.1.0/24"
obj6.post()
time.sleep(1)
# Create Security Zones
sz1 = fmcapi.SecurityZones(fmc=fmc, name="IG-INSIDE")
sz1.post()
sz2 = fmcapi.SecurityZones(fmc=fmc, name="SZ-OUTSIDE1")
sz2.post()
# Autonat a network object to a host
autonat1 = fmcapi.AutoNatRules(fmc=fmc)
autonat1.original_network(name="_net_original")
autonat1.translated_network(name="_net_xlate")
autonat1.natType = "STATIC"
# Source and destination interface can be either an interface group or security zone
autonat1.source_intf(name="IG-INSIDE")
autonat1.destination_intf(name="SZ-OUTSIDE1")
autonat1.nat_policy(name=namer)
# Autonat identity nat
autonat2 = fmcapi.AutoNatRules(fmc=fmc)
autonat2.identity_nat(name="_net_identity")
autonat2.source_intf(name="IG-INSIDE")
autonat2.destination_intf(name="SZ-OUTSIDE1")
autonat2.nat_policy(name=namer)
# Autonat nat poolautonat2 = fmcapi.AutoNatRules(fmc=fmc)
autonat2.identity_nat(name="_net_identity")
autonat2.source_intf(name="IG-INSIDE")
autonat2.destination_intf(name="SZ-OUTSIDE1")
autonat2.nat_policy(name=namer)
# Autonat nat pool
autonat3 = fmcapi.AutoNatRules(fmc=fmc)
autonat3.original_network(name="_net_original_pool")
autonat3.patPool(name="_net_xlate_pool")
autonat3.source_intf(name="IG-INSIDE")
autonat3.destination_intf(name="SZ-OUTSIDE1")
autonat3.nat_policy(name=namer)
# Autonat interface PAT
autonat4 = fmcapi.AutoNatRules(fmc=fmc)
autonat4.original_network(name="_net_original_intf")
autonat4.natType = "DYNAMIC"
autonat4.source_intf(name="IG-INSIDE")
autonat4.destination_intf(name="SZ-OUTSIDE1")
autonat4.nat_policy(name=namer)
autonat4.interfaceInTranslatedNetwork = True
autonat1.post()
autonat2.post()
autonat3.post()
autonat4.post()
"""
# Associate a nat policy to a device
# Do not uncomment if you do not have a device registered to FMC
# Use name of device or deviceHAPair as applicableenabled=True,
)
hq_acprule.source_zone(action="add", name=sz_inside.name)
hq_acprule.destination_zone(action="add", name=sz_outside.name)
hq_acprule.source_network(action="add", name=hq_lan.name)
hq_acprule.destination_network(action="add", name="any-ipv4")
# hq_acprule.logBegin = True
# hq_acprule.logEnd = True
hq_acprule.post()
# Build NAT Policy
nat = fmcapi.FTDNatPolicies(fmc=fmc1, name="NAT Policy")
nat.post()
# Build NAT Rule to NAT all_lans to interface outside
autonat = fmcapi.AutoNatRules(fmc=fmc1)
autonat.natType = "DYNAMIC"
autonat.interfaceInTranslatedNetwork = True
autonat.original_network(all_lans.name)
autonat.source_intf(name=sz_inside.name)
autonat.destination_intf(name=sz_outside.name)
autonat.nat_policy(name=nat.name)
autonat.post()
# Build NAT Rule to allow inbound traffic to FMC (Branches need to register to FMC.)
fmc_nat = fmcapi.ManualNatRules(fmc=fmc1)
fmc_nat.natType = "STATIC"
fmc_nat.original_source(hq_fmc.name)
fmc_nat.translated_source(fmc_public.name)
fmc_nat.source_intf(name=sz_inside.name)
fmc_nat.destination_intf(name=sz_outside.name)
fmc_nat.nat_policy(name=nat.name)def create_nat_policies(fmc, nat_list):
"""Create Nat Policies and their rules"""
for natp in nat_list:
policy = fmcapi.FTDNatPolicies(fmc=fmc, name=natp["name"])
policy.post()
# Build nat_rules associated with this nat policy.
if "rules" in natp:
if "auto" in natp["rules"]:
for this_rule in natp["rules"]["auto"]:
autonat = fmcapi.AutoNatRules(fmc=fmc)
if "nat_type" in this_rule:
autonat.natType = this_rule["nat_type"]
if "interface_in_translated_network" in this_rule:
autonat.interfaceInTranslatedNetwork = this_rule[
"interface_in_translated_network"
]
if "original_network" in this_rule:
autonat.original_network(this_rule["original_network"])
if "source_interface" in this_rule:
autonat.source_intf(name=this_rule["source_interface"])
if "destination_interface" in this_rule:
autonat.destination_intf(
name=this_rule["destination_interface"]
)
autonat.nat_policy(name=natp["name"])
autonat.post()fmcapi
Easier interface to Cisco's FMC API than writing your own way.
Package Health Score
74 / 100Popular fmcapi functions
- fmcapi.AccessPolicies
- fmcapi.AccessRules
- fmcapi.api_objects.AccessRules
- fmcapi.api_objects.api_template.APIClassTemplate
- fmcapi.api_objects.APIClassTemplate
- fmcapi.api_objects.apiclasstemplate.APIClassTemplate
- fmcapi.api_objects.device_ha_pair_services.ftddevicehapairs.FTDDeviceHAPairs
- fmcapi.api_objects.device_services.devicerecords.DeviceRecords
- fmcapi.api_objects.object_services.networkaddresses.NetworkAddresses
- fmcapi.api_objects.object_services.networkgroups.NetworkGroups
- fmcapi.api_objects.object_services.securityzones.SecurityZones
- fmcapi.api_objects.policy_services.accesspolicies.AccessPolicies
- fmcapi.AutoNatRules
- fmcapi.Hosts
- fmcapi.IPv4StaticRoutes
- fmcapi.ManualNatRules
- fmcapi.Networks
- fmcapi.PhysicalInterfaces
- fmcapi.ProtocolPortObjects
- fmcapi.SecurityZones