Oracle Cloud Infrastructure Documentation

Blocking or Allowing Traffic for a NAT Gateway

Block or allow traffic for a NAT gateway.

You create a NAT gateway in the context of a specific VCN. The NAT gateway is automatically always attached to only one VCN. However, you can block or allow traffic through the NAT gateway at any time. By default, the gateway allows traffic upon creation. Blocking the NAT gateway prevents all traffic from flowing, regardless of any existing route rules or security rules in the VCN.

    1. On the Virtual Cloud Networks list page, select the VCN that contains the gateway that you want to work with. If you need help finding the list page or the VCN, see Listing VCNs.
    2. On the details page, perform one of the following actions depending on the option that you see:
      • On the Gateways tab, go to the NAT Gateways section.
      • Under Resources, select NAT Gateways.
    3. For the NAT gateway you're interested in, select the Actions menu Actions Menu, and then select Block Traffic (or Allow Traffic if you previously blocked traffic).
    4. Select Block Traffic (or Allow Traffic if you previously blocked traffic) to confirm.

    When the traffic is blocked, the NAT gateway's icon turns gray, and the label changes to BLOCKED. When the traffic is allowed, the NAT gateway's icon turns green, and the label changes to AVAILABLE.

  • Use the network nat-gateway update command and required parameters to block (true) or allow (false) traffic for a NAT gateway:

    oci network nat-gateway update --nat-gateway-id nat-ocid --block-traffic [true | false] ... [OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the UpdateNatGateway operation to block or allow traffic for a NAT gateway.