Actions
Bug #4255
closed
Outbound NAT needs config upgrade
Status:
Rejected
Priority:
Very High
Assignee:
Category:
Configuration Upgrade
Target version:
-
Start date:
01/20/2015
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.2
Affected Architecture:
Description
Outbound NAT configs in 2.1.x and prior use a different XML structure than 2.2, and there isn't any config upgrade code to accommodate.
In 2.1.x and prior you have something like the following:
<nat>
<ipsecpassthru>
<enable/>
</ipsecpassthru>
<advancedoutbound>
<rule>
<source>
<network>192.168.16.0/24</network>
</source>
<dstport>500</dstport>
<descr><![CDATA[Auto created rule for ISAKMP - LAN to WAN]]></descr>
<target/>
<interface>wan</interface>
<destination>
<any/>
</destination>
<staticnatport/>
<created>
<time>1421811789</time>
<username>Manual Outbound NAT Switch</username>
</created>
</rule>
<rule>
<source>
<network>192.168.16.0/24</network>
</source>
<sourceport/>
<descr><![CDATA[Auto created rule for LAN to WAN]]></descr>
<target/>
<interface>wan</interface>
<destination>
<any/>
</destination>
<natport/>
<created>
<time>1421811789</time>
<username>Manual Outbound NAT Switch</username>
</created>
</rule>
</advancedoutbound>
</nat>
In 2.2, it's like the following:
<nat>
<outbound>
<mode>advanced</mode>
<rule>
<interface>wan</interface>
<source>
<network>10.0.0.0/8</network>
</source>
<dstport>500</dstport>
<target/>
<destination>
<any/>
</destination>
<staticnatport/>
<descr><![CDATA[Auto created rule for ISAKMP - LAN to WAN]]></descr>
<created>
<time>1421811727</time>
<username>Manual Outbound NAT Switch</username>
</created>
</rule>
<rule>
<interface>wan</interface>
<source>
<network>10.0.0.0/8</network>
</source>
<sourceport/>
<target/>
<destination>
<any/>
</destination>
<natport/>
<descr><![CDATA[Auto created rule - LAN to WAN]]></descr>
<created>
<time>1421811727</time>
<username>Manual Outbound NAT Switch</username>
</created>
</rule>
</outbound>
</nat>
Updated by 
Updated by
Actions