NAT Rules

vCloud Director NAT (Network Address Translation) service translates source or destination IP addresses and port numbers. In the most common case, you associate a NAT service with an uplink interface on an Edge Gateway so that addresses on organization VDC networks are not exposed on the external network.

You can view/create/edit/delete NAT rules using OnApp Control Panel.

This functionality is available for users with the vCloud Organization Administrator role.

View NAT Rules

1. Go to your Control Panel > Cloud > Edge Gateways > Edge gateway's label > Nat Service tab.
2. On the page that appears you will see the list of NAT rules together with their details:

• • Rule type - the type of the NAT rule (DNAT, SNAT)
  • Network - the name of vCloud Director network
  • Original IP - the original IP address to apply this rule on 
  • Original port - the port of original IP address
  • Translated IP - the IP address to translate the addresses of outgoing packets to
  • Translated port - the port of translated IP address
  • Enabled - whether this rule is enabled or not
  • Protocol - the type of protocol
  • Actions - processes which you can perform with the NAT rule
    
    

Create NAT Rules

1. Go to your Control Panel > Cloud > Edge Gateways > edge gateway's label > Nat Service tab.
2. Click the Add New Rule button or  "+" button.
3. On the page that appears specify the following parameters:
   
   • Enabled - tick the checkbox to enable this NAT rule
   • Rule type - choose the type of the NAT rule from the drop-down menu:
     • SNAT - source network address translation. This kind of rule translates the packet's source address and, optionally, source IP port to the values you specify.
     • DNAT - destination network address translation. This kind of rule translates the packet's destination address and, optionally, destination IP port to the values you specify.

1. • Network - choose the vCloud Director network from the drop-down menu
   • Original IP -  specify the original IP address to apply this rule on 
   • Original port - specify the port of original IP address (applies only for DNAT rule type)
   • Translated IP - specify the IP address to translate the addresses of outgoing packets 
   • Translated port - specify the port of translated IP address (applies only for DNAT rule type)
   • Protocol - choose the type of protocol from the drop-down menu (applies only for DNAT rule type)

    4. Click Create.

Edit NAT Rule

1. Go to your Control Panel > Cloud > Edge Gateways > edge gateway's label > Nat Service tab.
2. Click the Actions icon > Edit next to the NAT rule, which you want to edit.
3. On the page that appears change the following parameters:
   
   • Enabled - move the slider to the right to enable this NAT rule
   • Network - choose the vCloud Director network from the drop-down menu
   • Original IP -  specify the original IP address to apply this rule on 
   • Original port - specify the port of original IP address (applies only for DNAT rule type)
   • Translated IP - specify the IP address to translate the addresses of outgoing packets 
   • Translated port - specify the port of translated IP address (applies only for DNAT rule type)
   • Protocol - choose the type of protocol from the drop-down menu (applies only for DNAT rule type)
4. Click Submit.
   
   

Delete NAT Rules

1. Go to your Control Panel > Cloud > Edge Gateways menu > specific edge gateway's label > Nat Service tab.
2. Click the Delete icon next to the NAT rule you want to delete.
3. Confirm the deletion.