UTM: How to enable or disable a NAT policy from the Command Line Interface (CLI) (SW8823)

  • Title

    UTM: How to enable or disable a NAT policy from the Command Line Interface (CLI)
  • Resolution

    Article Applies To: 

    Gen5: NSA E8510, E8500, E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 240
    Gen4: PRO series: PRO 5060, PRO 4100, PRO 4060, PRO 3060, PRO 2040, PRO 1260
    TZ series: TZ210, TZ210 Wireless, TZ 200, TZ 200W, TZ 100, TZ 100W, TZ 190, 

    Firmware versions: All Gen5 and Gen4 firmware versions (SonicOS Enhanced)

    Please Note: This article applies to firmware version prior to SonicOS 


    How to enable or disable a NAT policy from the Command Line Interface (CLI).


    For this example, A Nat Policy for a FTP server will be used as shown in the screenshot below.


    Also, verify on the Sonicwall Network > Interface page that SSH is enable for the WAN interface; click the configure button to see the Interface configuration page as shown below.


    To connect to the Sonicwall’s CLI, connect the console cable to Sonicwall and a PC.

    Open a Terminal Emulation Software like HyperTerminal or Putty.

    Configure the following parameters to login to the Sonicwall CLI:

    o    Bit per second: 115200

    o    Data bits: 8

    o    Parity: None

    o    Stop bits: 1

    o    Flow control: None

    On the CLI page, login to the Sonicwall.


    To Disable the Nat Policy, Enter the following commands:

    ·         Configure

    ·         Nat

    ·         Show nat                             (to see policies and get number for the policy to disable/enable)



    ·         Modify  #                             (to modify policy 14 enter  “modify 14”)


    Just enabling or disabling the nat policy will not work, you have to make a change to it and then enable or disable it. For Example change the inbound-interface. 

    ·         Inbound-interface  any

    ·         No Enable                           disables NAT Policy

    ·         End                                     saves the changes and exits.

    ·         Show nat                             verifies policy is disabled


    To Enable the Nat Policy, edit the inbound-interface and then use the enable command.

    ·         Inbound-interface  “X1”

    ·         Enable                                                   To re-enable NAT

    ·      End



  • Key Words


Feedback submitted.

Did this article help?

[Select Rating]

Thank you for your rating!


Request or Create a KB Article »

SonicWALL NSA Series
4500, 3500, 2400, 240
SonicWALL E-Class NSA Series
E8510, E8500, E7500, E6500, E5500
SonicWALL TZ Series
210W, 210, 200W, 200, 100W, 100
SonicWALL PRO Series
5060, 4100, 4060, 3060, 2040, 1260
TZ Series

Technical Solutions

Article History:
Created on: 4/22/2011
Last Update on: 5/13/2014