In NAT policies, the rule group name is the same as the rule set name. The rule set name is a combination of source ingress and destination egress values. If you modify the value of source ingress or destination egress and save the changes, the policy rule set name changes and it is pushed to the device. However, because the rule group is specific to Security Director, the rule group name does not change and the modified rule is a part of the existing rule group. Starting in Security Director Release 18.3R1, if you modify the source ingress and destination egress values, you can rearrange the NAT policy rules, and the modified policy rules are grouped based on the rule set name.
To group the rules automatically:
- Select Configure>NAT Policies>Policies.
- Click a policy.
The corresponding rules page is displayed.
- Click the Source Ingress and Destination Egress fields and modify the corresponding values.
- Click Save.
- Right-click the rule that you want to group, or select Auto Group from the More list.
A message that the policy is modified is displayed.
- Click OK
A rule group is created based on the corresponding rule set name and the modified rule is moved to the created rule group.
If a rule group already exists with the new rule set name, new rule group will not be created, instead modified rule is grouped under the existing rule group.