...
Table of Contents |
---|
Info |
---|
This page describes how to create NAT rules for virtual datacenters. For details of how to configure NAT networks in infrastructure, see Manage NAT |
Display NAT rules
When the Network Address Translation (NAT) integration is available in your environment, the NAT tab will to display the NAT IPs and NAT rules for your virtual datacenters. From here you can manage NAT IPs and within the VM you can manage NAT rules.
Create a virtual datacenter with NAT
To create a virtual datacenter with NAT, create a virtual datacenter as usual, and the platform will automatically add a NAT IP and create an SNAT rule for all outgoing traffic. Then you can also create DNAT rules to associate a private IP attached to VM with a NAT IP, and an additional SNAT rule for that NAT IP.:
Go to Virtual datacenters and select virtual datacenter
Go to Network → NAT
To display NAT rules for a VM:
Go to Virtual datacenters
Select the VM
Go to VM control panel → NAT
To manage or display NAT rules for a VM:
Go to Virtual datacenters
Edit a VM
Go to Networks → NAT
...
Create a NAT rule for DNAT
To enable VMs outside your VDC to connect to a VM with a private IP address, after you obtain a NAT IP, create a destination NAT rule, which is also called a DNAT rule.
To create a DNAT rule:
Go to myCloud → Virtual datacenters → Virtual appliances
Edit your VM
If your VM does not yet have an IP, go to Network → NICs and add a private IP
Go to Network → DNAT
Click the + add button on the top right-hand side of the tab
Enter the details of the DNAT rule
For the Original (NAT IP), select the IP address to receive external connections
Select the Protocol for the connection, which can include TCP, UDP, any, and ICMP
For the Translated IP, select the private IP that is attached to the VM
Optionally, select the checkbox to Use all ports OR
Enter the Original port for external connections. You cannot use an Original port for a NAT IP in more than one NAT rule.
The platform will display the ports that are already used in other rules for the selected NAT IP.
AND for the Translated port, enter the port on the VM
Click Add
Save the VM
...
Create a NAT rule for SNAT
To send outgoing traffic through a NAT IP that is not the default one, add an additional SNAT rule with these steps:
To create an SNAT rule:
Go to Virtual datacenters → Virtual appliances
Edit your VM
If your VM does not yet have an IP, go to Network → NICs and add a private IP
Go to Network → SNAT
Click the + add button on the top right-hand side of the tab
Enter the addresses of the SNAT rule
For the Original IP, select the IP that is attached to the VM
For the Translated (NAT IP), select the IP address to display for outgoing connections
Click Add
Save the VM
...
Use a NAT IP for a load balancer
You can use a To use a NAT IP address as a public IP address for a load balancer:
Use the virtual datacenter's NAT IP address or obtain an additional NAT IP address. See Obtain an additional NAT IP address for
...
Create the load balancer and select the NAT IP
...
The platform will automatically create a NAT rule to match the port mappings of the routing rule of the load balancer routing rule port mappings.
...
Obtain an additional NAT
...
IP for your virtual datacenter
In addition to the NAT IP address assigned to the virtual datacenter, you can obtain NAT IPs IP addresses for creating additional NAT rules.
To obtain a an additional NAT IP address:
Go to Virtual datacenters → Network → NAT
Click the +
...
add button on the top right-hand side of the screen
Select the NAT network and click Accept
The platform will reserve an IP address and allocate it to your virtual datacenter.
...
You can then use the NAT IP address as the public IP address for a load balancer or to provide access to a private IP address.
Create NAT rules
After you obtain a NAT IP, you can create a destination NAT rule for a private IP address on a VM.
To create a NAT rule:
- Go to Virtual datacenters → Virtual appliances.
- Edit your VM
- If your VM does not yet have an IP, go to Network → NICs and add a private IP
- Go to Network → NATs
- Click the + button on the top right-hand side of the tab
- Enter the details of the NAT rule, which by default will be a DNAT rule
- You cannot use the Original port for the NAT IP in more than one NAT rule. The platform will display the ports that are already used in other rules for the selected NAT IP.
- To create an additional SNAT rule for traffic from the private IP to the outside network through the NAT IP, select the SNAT checkbox
- Click Add
- Save the VM
Modify and delete NAT rules
From the NATs tab you can also select a NAT rule to edit or delete it.
...
Limit NAT IP bandwidth for a VDC
See Manage NAT QoS