# FILENAME
# playbook to create a NAT SSH rule and to disable a security rule
## DESCRIPTION
# Example playbook that connects to the firewall using credentials saved in either the host.yaml or vars.yaml file and sets a simple NAT rule.
## REQUIREMENTS
# pip install ansible
# ansible-galaxy install PaloAltoNetworks.paloaltonetworks
## EXECUTE
# ansible-playbook palo-add-natssh-delrule.yaml
---
# Single play: adds one NAT rule ("Web SSH") on PA-FW-01. Traffic from the
# external zone addressed to 10.0.0.100 on service TCP-port22 is
# destination-translated to 10.0.1.101 port 22, and its source is translated
# (dynamic-ip-and-port) to the address of ethernet1/1.
- name: 'Create NAT SSH rule for 10.0.1.101'
  hosts: 'PA-FW-01'
  gather_facts: false
  # panos modules call the firewall API from the control node, so the play
  # runs locally instead of opening a connection to the inventory host.
  connection: 'local'
  # NOTE(review): the file header installs the
  # PaloAltoNetworks.paloaltonetworks Galaxy role, while this play resolves
  # modules from the paloaltonetworks.panos collection. Confirm the
  # collection is installed on the control node.
  collections:
    - 'paloaltonetworks.panos'
  tasks:
    - name: 'Create NAT SSH rule for 10.0.1.101'
      panos_nat_rule:
        # Firewall credentials. The header says they live in host.yaml or
        # vars.yaml; keep that file encrypted (e.g. Ansible Vault) and out
        # of version control.
        # NOTE(review): no vars_files entry is visible in this play, so
        # `provider` presumably comes from inventory or host vars. Confirm.
        provider: "{{ provider }}"
        rule_name: 'Web SSH'
        source_zone:
          - 'external'
        # Same zone as the source: the rule matches on the pre-NAT
        # destination address, which sits in the external zone.
        destination_zone: 'external'
        # Any source address in the external zone matches this rule. A NAT
        # rule does not permit traffic by itself: the security policy that
        # allows this flow decides who can reach SSH on 10.0.1.101, so
        # source restrictions belong there (and here, if the set of
        # clients is known).
        source_ip:
          - 'any'
        destination_ip:
          - '10.0.0.100'
        # Presumably a service object already defined on the firewall;
        # this play does not create it.
        service: 'TCP-port22'
        # Source translation on an inbound rule: 10.0.1.101 sees the
        # address of ethernet1/1 as the client, so sshd logs and
        # per-source controls on the host lose the original address. Use
        # the firewall traffic logs for attribution.
        snat_type: 'dynamic-ip-and-port'
        snat_interface: 'ethernet1/1'
        dnat_address: '10.0.1.101'
        dnat_port: '22'
# NOTE(review): no commit task is visible here. With current versions of the
# collection the rule stays in the candidate configuration until a commit
# is performed. Confirm how commits are handled.
...