# Create a NAT Gateway Rule Create a NAT gateway rule to configure Source NAT (SNAT) behavior for your private network traffic using the `POST` request. The rules determine which private IP addresses can access the Internet through the NAT gateway. {% hint style="info" %} **Rule specifications:** Define a name, protocol (`TCP`, `UDP`, `ICMP`, `ESP`, `AH`, or `GRE`), source subnet, and target subnet for each rule. You can also optionally specify a target port range. {% endhint %} ## Endpoint `https://api.ionos.com/cloudapi/v6/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules` ## Request ```bash curl --location \ --request POST 'https://api.ionos.com/cloudapi/v6/datacenters/15f67991-0f51-4efc-a8ad-ef1fb31a480c/natgateways/d8fbc490-3b3e-4f7a-b6e1-2c8d5f3e7a9b/rules' \ --header 'Authorization: Bearer $IONOS_TOKEN' \ --header 'Content-Type: application/json' \ --data-raw '{ "properties": { "name": "Web Traffic Rule", "protocol": "TCP", "publicIp": "203.0.113.50", "sourceSubnet": "10.0.1.0/24", "targetSubnet": "0.0.0.0/0", "targetPortRange": { "start": 80, "end": 443 }, "type": "SNAT" } }' ``` {% tabs %} {% tab title="Request Body Parameters" %} The following table lists the request body parameters: | **Body Parameters** | **Required** | **Type** | **Description** | **Example** | | ---------------------------------- | ------------ | -------- | --------------------------------------------------------------------------------------------------------------- | ---------------------- | | `properties.name` | yes | string | The name of the NAT gateway rule. | `Web Traffic Rule` | | `properties.protocol` | no | string | The network protocol for the rule. If you do not specify a protocol, the system allows all supported protocols. | `TCP` | | `properties.publicIp` | yes | string | The public IP address that the NAT gateway uses for the specific rule. | `203.0.113.50` | | `properties.sourceSubnet` | yes | string | The source subnet in CIDR notation. | `10.0.1.0/24` | | `properties.targetSubnet` | no | string | The target or destination subnet in CIDR notation. | `0.0.0.0/0` | | `properties.targetPortRange` | no | object | The port range for the target subnet. | See nested properties. | | `properties.targetPortRange.start` | no | integer | The starting port of the range. | `80` | | `properties.targetPortRange.end` | no | integer | The ending port of the range. | `443` | | `properties.type` | no | string | The type of NAT gateway rule. | `SNAT` | | {% endtab %} | | | | | {% tab title="Request Header Parameters" %} Include the following mandatory fields in the request header to authenticate your requests: | **Header Parameters** | **Required** | **Type** | **Description** | | --------------------- | ------------ | -------- | --------------------------------------------------------------------------- | | `Authorization` | yes | string | Use a Bearer token to authenticate requests through a JSON Web Token (JWT). | | `Content-Type` | yes | string | Set it to `application/json`. | | {% endtab %} | | | | | {% endtabs %} | | | | ## Response A **202 Accepted** response indicates that the NAT Gateway rule is successfully created. The `id` and other details are provided in the response. {% hint style="info" %} **Note:** NAT Gateway rule creation is performed asynchronously. The resource maintains a `BUSY` status until provisioning completes. The response includes a `Location` header with a URL to poll the request status. {% endhint %} ```json { "id": "a7f2e4d8-9c3b-4f6a-b5e8-1d2c3f4a5b6c", "type": "nat-gateway-rule", "href": "/cloudapi/v6/datacenters/15f67991-0f51-4efc-a8ad-ef1fb31a480c/natgateways/d8fbc490-3b3e-4f7a-b6e1-2c8d5f3e7a9b/rules/a7f2e4d8-9c3b-4f6a-b5e8-1d2c3f4a5b6c", "metadata": { "etag": "45480eb3fbfc31f1d916c1eaa4abdcc3", "createdDate": "2024-01-15T13:45:30+00:00", "createdBy": "ionos:identity:::users/87f9d82e-b28d-49ed-9d04-fba2c0459cd3", "createdByUserId": "87f9d82e-b28d-49ed-9d04-fba2c0459cd3", "lastModifiedDate": "2024-01-15T13:45:30+00:00", "lastModifiedBy": "ionos:identity:::users/87f9d82e-b28d-49ed-9d04-fba2c0459cd3", "lastModifiedByUserId": "87f9d82e-b28d-49ed-9d04-fba2c0459cd3", "state": "BUSY" }, "properties": { "name": "Web Traffic Rule", "protocol": "TCP", "publicIp": "203.0.113.50", "sourceSubnet": "10.0.1.0/24", "targetSubnet": "0.0.0.0/0", "targetPortRange": { "start": 80, "end": 443 }, "type": "SNAT" } } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.ionos.com/cloud/network-services/nat-gateway/api-howtos/create-nat-gateway-rule.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.