
rnat

The following operations can be performed on "rnat":

clear | set | unset | stat | add | rename | bind | unbind | rm | show

clear rnat


Removes an RNAT rule from the Citrix ADC appliance. NOTE: This command is deprecated. Use the "rm rnat <rulename>" command to remove the RNAT rule.

Synopsis

Arguments

network

The network address defined for the RNAT entry.

netmask

The subnet mask for the network address.

aclname

An extended ACL defined for the RNAT entry.

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

Minimum value: 0

Maximum value: 4094

ownerGroup

The owner node group in a Cluster for this rnat rule.

Default value: DEFAULT_NG

set rnat


Modifies parameters of an RNAT rule.

Synopsis

set rnat [<name>] [-redirectPort <port>] [-td <positive_integer>] [-srcippersistency ( ENABLED | DISABLED )] [-useproxyport ( ENABLED | DISABLED )] [-ownerGroup <string>] [-connfailover ( ENABLED | DISABLED )]

Arguments

name

Name for the RNAT4 rule. Must begin with a letter, number, or the underscore character (_), and can consist of letters, numbers, and the hyphen (-), period (.), pound (#), space ( ), at sign (@), equals (=), colon (:), and underscore characters. Cannot be changed after the rule is created. Choose a name that helps identify the RNAT4 rule.

redirectPort

Port number to which the IPv4 packets are redirected. Applicable to TCP and UDP protocols.

Minimum value: 1

Maximum value: 65535

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

Minimum value: 0

Maximum value: 4094

srcippersistency

Enables the Citrix ADC to use the same NAT IP address for all RNAT sessions initiated from a particular server.

Possible values: ENABLED, DISABLED

Default value: DISABLED

useproxyport

Enable source port proxying, which enables the Citrix ADC to use the RNAT IPs with a proxied source port.

Possible values: ENABLED, DISABLED

Default value: ENABLED

ownerGroup

The owner node group in a Cluster for this rnat rule.

Default value: DEFAULT_NG

connfailover

Synchronize connection information with the secondary appliance in a high availability (HA) pair. That is, synchronize all connection-related information for the RNAT session. For this to work, tcpproxy should be DISABLED. To disable tcpproxy, use "set rnatparam tcpproxy DISABLED".

Possible values: ENABLED, DISABLED

Default value: DISABLED

unset rnat


Resets the specified parameters of an RNAT rule to their default settings. Refer to the set rnat command for parameter descriptions.

Synopsis

unset rnat [<name>] [-td <positive_integer>] [-redirectPort] [-srcippersistency] [-useproxyport] [-connfailover] [-ownerGroup]

stat rnat


Displays statistics for RNAT sessions.

Synopsis

stat rnat [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )]

Arguments

detail

Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues

Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated.

ntimes

The number of times, in intervals of seven seconds, the statistics should be displayed.

Default value: 1

Minimum value: 0

logFile

The name of the log file to be used as input.

clearstats

Clear the statistics / counters.

Possible values: basic, full

Outputs

Bytes Received (rnatRxBytes)

Bytes received during RNAT sessions.

Bytes Sent (rnatTxBytes)

Bytes sent during RNAT sessions.

Packets Received (rnatRxPkts)

Packets received during RNAT sessions.

Packets Sent (rnatTxPkts)

Packets sent during RNAT sessions.

Syn Sent (rnatTxSyn)

Requests for connections sent during RNAT sessions.

Current RNAT sessions (rnatSessions)

Currently active RNAT sessions.

Example

stat rnat

add rnat


Adds a Reverse Network Address Translation (RNAT) rule for IPv4 traffic. When an IPv4 packet generated by a server matches the conditions specified in the RNAT rule, the appliance replaces the source IPv4 address of the IPv4 packet with a configured NAT IPv4 address before forwarding it to the destination.

Synopsis

add rnat <name> ((<network> [<netmask>]) | (<aclname> [-redirectPort <port>])) [-td <positive_integer>] [-srcippersistency ( ENABLED | DISABLED )] [-useproxyport ( ENABLED | DISABLED )] [-connfailover ( ENABLED | DISABLED )] [-ownerGroup <string>]

Arguments

name

Name for the RNAT4 rule. Must begin with a letter, number, or the underscore character (_), and can consist of letters, numbers, and the hyphen (-), period (.), pound (#), space ( ), at sign (@), equals (=), colon (:), and underscore characters. Cannot be changed after the rule is created. Choose a name that helps identify the RNAT4 rule.

network

IPv4 network address on whose traffic you want the Citrix ADC to do RNAT processing.

netmask

Subnet mask associated with the network address.

aclname

Name of any configured extended ACL whose action is ALLOW. The condition specified in the extended ACL rule is used as the condition for the RNAT rule.

redirectPort

Port number to which the IPv4 packets are redirected. Applicable to TCP and UDP protocols.

Minimum value: 1

Maximum value: 65535

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

Minimum value: 0

Maximum value: 4094

srcippersistency

Enable source IP persistency, which enables the Citrix ADC appliance to use the RNAT IPs using source IP.

Possible values: ENABLED, DISABLED

Default value: DISABLED

useproxyport

Enable source port proxying, which enables the Citrix ADC appliance to use the RNAT IPs with a proxied source port.

Possible values: ENABLED, DISABLED

Default value: ENABLED

connfailover

Synchronize connection information with the secondary appliance in a high availability (HA) pair. That is, synchronize all connection-related information for the RNAT session. For this to work, tcpproxy should be DISABLED. To disable tcpproxy, use "set rnatparam tcpproxy DISABLED".

Possible values: ENABLED, DISABLED

Default value: DISABLED

ownerGroup

The owner node group in a Cluster for this rnat rule.

Default value: DEFAULT_NG

Example

add rnat rnat1 192.168.10.0 255.255.255.0

or

add rnat rnat1 acl1
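The constraints stated for add rnat can be checked over a saved configuration before it is applied. The following is an added example, not Citrix code: it audits constructed sample lines for a redirectPort used without an ACL, out-of-range redirectPort and td values, and connfailover ENABLED without a "set rnatparam tcpproxy DISABLED" line. It assumes that a first positional argument shaped like an IPv4 address is a network rather than an ACL name, and that tcpproxy is on unless the configuration disables it; the function names are hypothetical.

```python
import re
import shlex

# Constructed sample of saved-config lines (not from a real appliance).
SAMPLE_CONFIG = """\
add rnat rnat1 192.168.10.0 255.255.255.0
add rnat rnat2 acl1 -redirectPort 70000 -td 5
add rnat rnat3 10.0.0.0 255.0.0.0 -redirectPort 8080
add rnat rnat4 acl2 -connfailover ENABLED
"""

IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")
# The page quotes the command without a hyphen; the hyphenated form is also accepted here.
TCPPROXY_OFF = re.compile(r"^set rnatparam -?tcpproxy DISABLED\s*$", re.M | re.I)

def parse_add_rnat(line):
    """Split an 'add rnat' line into (name, positionals, options) or None."""
    tok = shlex.split(line)
    if tok[:2] != ["add", "rnat"] or len(tok) < 4:
        return None
    pos, opts, rest = [], {}, tok[3:]
    while rest:
        if rest[0].startswith("-") and len(rest) > 1:
            opts[rest[0][1:].lower()] = rest[1]
            rest = rest[2:]
        else:
            pos.append(rest[0])
            rest = rest[1:]
    return tok[2], pos, opts

def in_range(value, low, high):
    return value.isdigit() and low <= int(value) <= high

def audit(config):
    """Return (rule, finding) pairs for constraints stated in this reference."""
    findings = []
    tcpproxy_off = bool(TCPPROXY_OFF.search(config))
    for line in config.splitlines():
        parsed = parse_add_rnat(line)
        if parsed is None:
            continue
        name, pos, opts = parsed
        if "redirectport" in opts:
            if pos and IPV4.match(pos[0]):  # synopsis allows redirectPort only with <aclname>
                findings.append((name, "redirectPort given without an ACL"))
            elif not in_range(opts["redirectport"], 1, 65535):
                findings.append((name, "redirectPort outside 1-65535"))
        if "td" in opts and not in_range(opts["td"], 0, 4094):
            findings.append((name, "td outside 0-4094"))
        if opts.get("connfailover", "").upper() == "ENABLED" and not tcpproxy_off:
            findings.append((name, "connfailover ENABLED but tcpproxy not DISABLED"))
    return findings
```
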

rename rnat


Renames an RNAT rule.

Synopsis

rename rnat <name> <newName>

Arguments

name

Name of the RNAT rule that you want to rename.

newName

New name for the RNAT4 rule. Must begin with an ASCII alphabetic or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters.

Example

rename rnat rnat-rule rnat-rule-new

bind rnat


Binds specified IPv4 NAT IPs to an RNAT rule.

Synopsis

bind rnat <name> <natIP>@ ...

Arguments

name

Name of the RNAT rule to which to bind NAT IPs.

natIP

One or more NATIP addresses to be bound to the RNAT rule.

Example

bind rnat rnat1 1.1.1.[1-2] 2.2.2.1

unbind rnat


Unbinds the associated NAT IPv4 address(es) from an RNAT rule.

Synopsis

unbind rnat <name> <natIP>@ ...

Arguments

name

Name of the RNAT rule from which to unbind the associated NAT IP address(es).

natIP

IP address, or multiple NATIP addresses, to be unbound from the RNAT rule. (If using the CLI, use spaces to separate multiple addresses.)

Example

unbind rnat rnat1 1.1.1.1 2.2.2.[1-2]

rm rnat


Removes the specified RNAT rule.

Synopsis

rm rnat <name>@ ...

Arguments

name

Name of the RNAT rule entry to be removed from the Citrix ADC appliance.

Example

rm rnat rnat_rule

show rnat


Displays the Reverse NAT configuration.

Synopsis

show rnat [<name>]

Arguments

name

Name of the RNAT rule whose details you want to display.

Outputs

network

The network address.

netmask

Subnet mask associated with the network address.

td

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.

natIP

NAT IP address.

aclname

Name of any configured extended ACL whose action is ALLOW. The condition specified in the extended ACL rule is used as the condition for the RNAT rule.

redirectPort

Port number to which the IPv4 packets are redirected. Applicable to TCP and UDP protocols.

srcippersistency

Enables the Citrix ADC to use the same NAT IP address for all RNAT sessions initiated from a particular server.

useproxyport

Enable source port proxying, which enables the Citrix ADC to use the RNAT IPs with a proxied source port.

cfgflags

This contains the flags for RNAT in DB.

ownerGroup

The owner node group in a Cluster for this rnat rule.

connfailover

Synchronize connection information with the secondary appliance in a high availability (HA) pair. That is, synchronize all connection-related information for the RNAT session. For this to work, tcpproxy should be DISABLED. To disable tcpproxy, use "set rnatparam tcpproxy DISABLED".

stateflag

devno

count