Netgate Discussion Forum

    How to remove NAT rule from console

    8 Posts 3 Posters 10.2k Views
    • ICO

      I created a NAT rule incorrectly, and now I cannot access the administration console. Can I remove it with a command?

      • GruensFroeschli

        How are you accessing the GUI?
        There should not be any NAT involved…
        How do you have access to the console?
        Via ssh?

        You could modify the config.xml directly.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        • ICO

          I have no access to the GUI, because the rule that I created in error prevents it.
          I can access the console, but in the file "config.xml" I cannot find any references to NAT.

          Can you help please?

          • GruensFroeschli

            Look for the <nat> tag

            It should look something like this:

            <nat>
                <ipsecpassthru></ipsecpassthru>
                <rule>
                    <protocol>udp</protocol>
                    <external-port>53</external-port>
                    <target>Bluemage</target>
                    <local-port>53</local-port>
                    <interface>wan</interface>
                    <descr>TCP over DNS</descr>
                </rule>
                <rule>
                    <protocol>tcp/udp</protocol>
                    <external-port>5500</external-port>
                    <target>Bluemage</target>
                    <local-port>5500</local-port>
                    <interface>wan</interface>
                </rule>
                <rule>
                    <protocol>tcp/udp</protocol>
                    <external-port>53436</external-port>
                    <target>192.168.1.11</target>
                    <local-port>53436</local-port>
                    <interface>wan</interface>
                </rule>
                <advancedoutbound>
                    <rule>
                        <source>
                            <network>any</network>
                        </source>
                        <sourceport></sourceport>
                        <descr></descr>
                        <target></target>
                        <interface>wan</interface>
                        <destination>
                            <any></any>
                        </destination>
                        <natport></natport>
                    </rule>
                    <enable></enable>
                </advancedoutbound>
            </nat>

            • ICO

              Located, thank you very much

              • ICO

                When I change the contents of the config.xml file and delete the rule, what do I do to refresh the changes?

                Regards.

                • GruensFroeschli

                  Just reboot ^^"

                  Or switch to the developers shell and look at the help file.
                  AFAIK the command to reload the config is listed there somewhere.

                  • jimp Rebel Alliance Developer Netgate

                    edit the config, rm /tmp/config.cache, then run /etc/rc.filter_configure

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!
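
The procedure from this thread (delete the bad `<rule>` under `<nat>`, remove /tmp/config.cache, run /etc/rc.filter_configure) written as a script; this is an added example and not part of the original posts. The path /conf/config.xml, the one-tag-per-line layout and all function names are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. Assumes config.xml has one tag per line
# (as pfSense writes it) and lives at /conf/config.xml; override with CFG=path.

# Shared awk rules: hit=1 on a line that opens a port-forward <rule>, that is,
# inside <nat> but outside <advancedoutbound> (outbound NAT) and <filter>.
SCOPE='{ hit = 0 }
/<nat>/                { nat = 1 }
/<\/nat>/              { nat = 0 }
/<advancedoutbound>/   { out = 1 }
/<\/advancedoutbound>/ { out = 0 }
nat && !out && /<rule>/ { hit = 1; idx++ }'

# nat_rules FILE: print one numbered line per port-forward rule.
nat_rules() {
    awk "$SCOPE"'
        hit             { line = idx ":"; r = 1; next }
        r && /<\/rule>/ { print line; r = 0; next }
        r               { gsub(/^[ \t]+|[ \t]+$/, ""); line = line " " $0 }' "$1"
}

# drop_nat_rule FILE N: print FILE without the Nth port-forward rule.
drop_nat_rule() {
    awk -v n="$2" "$SCOPE"'
        hit && idx == n    { skip = 1 }
        !skip              { print }
        skip && /<\/rule>/ { skip = 0 }' "$1"
}

# remove_nat_rule N: back up, edit, sanity-check, then reload as in the thread.
remove_nat_rule() (
    umask 077; cfg=${CFG:-/conf/config.xml}; new="$cfg.new"
    cp -p "$cfg" "$cfg.bak.$(date +%Y%m%d%H%M%S)" || exit 1
    drop_nat_rule "$cfg" "$1" > "$new" || exit 1
    before=$(( $(nat_rules "$cfg" | wc -l) )); after=$(( $(nat_rules "$new" | wc -l) ))
    [ "$after" -eq $((before - 1)) ] || { echo "rule $1 not found" >&2; rm -f "$new"; exit 1; }
    cp "$new" "$cfg" && rm -f "$new" || exit 1
    rm -f /tmp/config.cache       # from the thread: drop the cached config
    /etc/rc.filter_configure      # from the thread: reload the filter rules
)

# Constructed sample, modelled on the layout shown in the thread.
sample_config() {
    printf '%s\n' '<pfsense>' '<nat>' \
        '<rule>' '<external-port>53</external-port>' '</rule>' \
        '<rule>' '<external-port>5500</external-port>' '</rule>' \
        '<advancedoutbound>' '<rule>' '<interface>wan</interface>' '</rule>' \
        '</advancedoutbound>' '</nat>' \
        '<filter>' '<rule>' '<interface>lan</interface>' '</rule>' '</filter>' '</pfsense>'
}
```

Source the file, run `nat_rules /conf/config.xml` to find the number of the faulty rule, then `remove_nat_rule N`; the timestamped backup stays next to the config if the edit needs to be reverted.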

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.