--- title: Delete url: https://docs.vultr.com/products/network/vpc-networks/nat-gateway/configuration/firewall-rules/delete description: Learn how to permanently delete a NAT Gateway firewall rule in Vultr. publish_date: 2025-08-20T15:31:09.383704Z last_updated: 2026-05-26T20:01:53.805788Z --- # How to Delete a NAT Gateway Subscription Firewall Rule Deleting a firewall rule removes the traffic control policy immediately and stops the rule from affecting traffic through the NAT Gateway. > [!WARNING] > The deletion is permanent and cannot be undone. Verify no active flows depend on the rule before proceeding with removal. Follow this guide to delete a NAT Gateway subscription firewall rule using the Vultr Console, API, CLI, or Terraform. === "Vultr Console" 1. Navigate to **Products**, expand the **Network** drop-down and select **VPC Networks**. 1. Select your target VPC Network with NAT Gateway connectivity. 1. Scroll to the **NAT Firewall** section. 1. Locate your target firewall rule in the list. 1. Click the **Delete** icon (trash icon) for the rule you want to remove. A confirmation dialog appears with the message "Delete Firewall Rule?" and warns that "This action cannot be undone. This will permanently delete this firewall rule." 1. Click **Delete Firewall Rule** to confirm deletion, or click **Cancel** to abort. === "Vultr API" 1. Send a `GET` request to the [List VPCs endpoint](https://www.vultr.com/api/#tag/VPCs/operation/list-vpcs) to retrieve available VPCs. ```console $ curl "https://api.vultr.com/v2/vpcs" \ -X GET \ -H "Authorization: Bearer ${VULTR_API_KEY}" ``` The output displays all VPCs in your account. Note the `id` field for the target VPC. 1. Send a `GET` request to the **List NAT Gateway subscriptions** endpoint to retrieve the gateway ID. Replace `VPC_ID` with the ID from the previous step. ```console $ curl "https://api.vultr.com/v2/vpcs/VPC_ID/nat-gateway" \ -X GET \ -H "Authorization: Bearer ${VULTR_API_KEY}" ``` The output displays NAT Gateway subscriptions for the VPC. Note the `id` field for the target gateway. 1. Send a `GET` request to the **List NAT Gateway Firewall Rules** endpoint to retrieve firewall rule IDs. Replace `VPC_ID` and `NAT_GATEWAY_ID` with your values. ```console $ curl "https://api.vultr.com/v2/vpcs/VPC_ID/nat-gateway/NAT_GATEWAY_ID/global/firewall-rules" \ -X GET \ -H "Authorization: Bearer ${VULTR_API_KEY}" ``` The output displays all firewall rules for the gateway. Each rule includes an `id`, `port`, `protocol`, `subnet`, and `notes` field. Note the `id` field for the rule you want to delete. 1. Send a `DELETE` request to the **Delete NAT Gateway Firewall Rule** endpoint. Replace `VPC_ID`, `NAT_GATEWAY_ID`, and `FIREWALL_RULE_ID` with your values. ```console $ curl "https://api.vultr.com/v2/vpcs/VPC_ID/nat-gateway/NAT_GATEWAY_ID/global/firewall-rules/FIREWALL_RULE_ID" \ -X DELETE \ -H "Authorization: Bearer ${VULTR_API_KEY}" ``` The API returns an HTTP 204 status code with no response body when the deletion succeeds. The rule is removed immediately and no longer affects traffic through the gateway. === "Vultr CLI" 1. List all VPCs in your account to retrieve the VPC ID. ```console $ vultr-cli vpc list ``` 1. List NAT Gateway subscriptions for the VPC to retrieve the NAT Gateway ID. ```console $ vultr-cli vpc nat-gateway list ``` 1. List firewall rules for the NAT Gateway. ```console $ vultr-cli vpc nat-gateway firewall-rule list ``` 1. Delete the firewall rule. ```console $ vultr-cli vpc nat-gateway firewall-rule delete ``` The firewall rule is deleted immediately and no longer affects traffic through the gateway. === "Terraform" 1. Remove the `vultr_nat_gateway_firewall_rule` resource block from your Terraform configuration file. 1. Apply the configuration to delete the resource: ```console $ terraform apply ``` Terraform detects the removed resource and deletes the firewall rule from your NAT Gateway. 1. Alternatively, destroy a specific resource using the `-target` flag: ```console $ terraform destroy -target=vultr_nat_gateway_firewall_rule.https ```