Share via


az network vpn-gateway nat-rule

Note

This reference is part of the virtual-wan extension for the Azure CLI (version 2.55.0 or higher). The extension will automatically install the first time you run an az network vpn-gateway nat-rule command. Learn more about extensions.

Manage site-to-site VPN gateway nat rule.

Commands

Name Description Type Status
az network vpn-gateway nat-rule create

Create a nat rule to a scalable vpn gateway if it doesn't exist else updates the existing nat rules.

Extension GA
az network vpn-gateway nat-rule delete

Delete a nat rule.

Extension GA
az network vpn-gateway nat-rule list

List all nat rules for a particular virtual wan vpn gateway.

Extension GA
az network vpn-gateway nat-rule show

Get the details of a nat ruleGet.

Extension GA
az network vpn-gateway nat-rule update

Update a nat rule to a scalable vpn gateway if it doesn't exist else updates the existing nat rules.

Extension GA
az network vpn-gateway nat-rule wait

Place the CLI in a waiting state until a condition is met.

Extension GA

az network vpn-gateway nat-rule create

Create a nat rule to a scalable vpn gateway if it doesn't exist else updates the existing nat rules.

az network vpn-gateway nat-rule create --gateway-name
                                       --name
                                       --resource-group
                                       [--external-mappings]
                                       [--internal-mappings]
                                       [--ip-config-id]
                                       [--mode {EgressSnat, IngressSnat}]
                                       [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                       [--type {Dynamic, Static}]

Examples

Create a nat rule.

az network vpn-gateway nat-rule create -g MyResourceGroup --gateway-name MyVpnGateway --name MyNatRule --internal-mappings [{"address-space":10.4.0.0/24}] --external-mappings [{"address-space":192.168.21.0/24}] --type Static --mode EgressSnat

Required Parameters

--gateway-name

The name of the gateway.

--name -n

The name of the nat rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--external-mappings

The private IP address external mapping for NAT. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--internal-mappings

The private IP address internal mapping for NAT. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--ip-config-id

The IP Configuration ID this NAT rule applies to.

--mode

The Source NAT direction of a VPN NAT.

Accepted values: EgressSnat, IngressSnat
--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--type

The type of NAT rule for VPN NAT.

Accepted values: Dynamic, Static
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway nat-rule delete

Delete a nat rule.

az network vpn-gateway nat-rule delete [--gateway-name]
                                       [--ids]
                                       [--name]
                                       [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                       [--resource-group]
                                       [--subscription]
                                       [--yes]

Examples

Delete a nat rule.

az network vpn-gateway nat-rule delete -g MyResourceGroup --gateway-name MyVpnGateway --name MyNatRule -y

Optional Parameters

--gateway-name

The name of the gateway.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The name of the nat rule.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--yes -y

Do not prompt for confirmation.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway nat-rule list

List all nat rules for a particular virtual wan vpn gateway.

az network vpn-gateway nat-rule list --gateway-name
                                     --resource-group
                                     [--max-items]
                                     [--next-token]

Examples

List all nat rules.

az network vpn-gateway nat-rule list -g MyResourceGroup --gateway-name MyVpnGateway

Required Parameters

--gateway-name

The name of the gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--max-items

Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.

--next-token

Token to specify where to start paginating. This is the token value from a previously truncated response.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway nat-rule show

Get the details of a nat ruleGet.

az network vpn-gateway nat-rule show [--gateway-name]
                                     [--ids]
                                     [--name]
                                     [--resource-group]
                                     [--subscription]

Examples

Get the details of a nat rule.

az network vpn-gateway nat-rule show -g MyResourceGroup --gateway-name MyVpnGateway --name MyNatRule

Optional Parameters

--gateway-name

The name of the gateway.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The name of the nat rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway nat-rule update

Update a nat rule to a scalable vpn gateway if it doesn't exist else updates the existing nat rules.

az network vpn-gateway nat-rule update [--add]
                                       [--external-mappings]
                                       [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                                       [--gateway-name]
                                       [--ids]
                                       [--internal-mappings]
                                       [--ip-config-id]
                                       [--mode {EgressSnat, IngressSnat}]
                                       [--name]
                                       [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                       [--remove]
                                       [--resource-group]
                                       [--set]
                                       [--subscription]
                                       [--type {Dynamic, Static}]

Examples

Update a nat rule.

az network vpn-gateway nat-rule update -g MyResourceGroup --gateway-name MyVpnGateway --name MyNatRule --internal-mappings [{"address-space":10.3.0.0/24}]

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--external-mappings

The private IP address external mapping for NAT. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--gateway-name

The name of the gateway.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--internal-mappings

The private IP address internal mapping for NAT. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--ip-config-id

The IP Configuration ID this NAT rule applies to.

--mode

The Source NAT direction of a VPN NAT.

Accepted values: EgressSnat, IngressSnat
--name -n

The name of the nat rule.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--type

The type of NAT rule for VPN NAT.

Accepted values: Dynamic, Static
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway nat-rule wait

Place the CLI in a waiting state until a condition is met.

az network vpn-gateway nat-rule wait [--created]
                                     [--custom]
                                     [--deleted]
                                     [--exists]
                                     [--gateway-name]
                                     [--ids]
                                     [--interval]
                                     [--name]
                                     [--resource-group]
                                     [--subscription]
                                     [--timeout]
                                     [--updated]

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

Default value: False
--exists

Wait until the resource exists.

Default value: False
--gateway-name

The name of the gateway.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--interval

Polling interval in seconds.

Default value: 30
--name -n

The name of the nat rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--timeout

Maximum wait in seconds.

Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.