NAT Rules

vCloud Director NAT (Network Address Translation) service translates source or destination IP addresses and port numbers. In the most common case, you associate a NAT service with an uplink interface on an Edge Gateway so that addresses on organization VDC networks are not exposed on the external network.

You can view/create/edit/delete NAT rules using OnApp Control Panel.


View NAT Rules



To view NAT service of a specific edge gateway:

  1. Go to your Control Panel's Edge Gateways > Edge gateway's label > Nat Service tab.
  2. On the page that appears you will see the list of NAT rules together with their details:
    • Rule type - the type of the NAT rule (DNAT, SNAT)
    • Network - the name of vCloud Director network
    • Original IP - the original IP address to apply this rule on 
    • Original port - the port of original IP address
    • Translated IP - the IP address to translate the addresses of outgoing packets to
    • Translated port - the port of translated IP address
    • Enabled - whether this rule is enabled or not
    • Protocol - the type of protocol
    • Actions - processes which you can perform with the NAT rule

Create NAT Rules



To create a NAT rule:

  1. Go to your Control Panel's Edge Gateways edge gateway's label > Nat Service tab.
  2. Click the Add New Rule button or  "+" button.
  3. On the page that appears specify the following parameters:
    • Enabled - tick the checkbox to enable this NAT rule
    • Rule type - choose the type of the NAT rule from the drop-down menu:
      • SNAT - source network address translation. This kind of rule translates the packet's source address and, optionally, source IP port to the values you specify.
      • DNAT - destination network address translation. This kind of rule translates the packet's destination address and, optionally, destination IP port to the values you specify.

    • Network - choose the vCloud Director network from the drop-down menu
    • Original IP -  specify the original IP address to apply this rule on 
    • Original port - specify the port of original IP address (applies only for DNAT rule type)
    • Translated IP - specify the IP address to translate the addresses of outgoing packets 
    • Translated port - specify the port of translated IP address (applies only for DNAT rule type)
    • Protocol - choose the type of protocol from the drop-down menu (applies only for DNAT rule type)

    4. Click Create.


Edit NAT Rule



To edit a NAT rule:

  1. Go to your Control Panel's Edge Gateways edge gateway's label > Nat Service tab.
  2. Click the Actions icon > Edit next to the NAT rule, which you want to edit.
  3. On the page that appears change the following parameters:
    • Enabled - move the slider to the right to enable this NAT rule
    • Network - choose the vCloud Director network from the drop-down menu
    • Original IP -  specify the original IP address to apply this rule on 
    • Original port - specify the port of original IP address (applies only for DNAT rule type)
    • Translated IP - specify the IP address to translate the addresses of outgoing packets 
    • Translated port - specify the port of translated IP address (applies only for DNAT rule type)
    • Protocol - choose the type of protocol from the drop-down menu (applies only for DNAT rule type)
  4. Click Submit.

Delete NAT Rules



To delete a NAT rule:

  1. Go to your Control Panel's Edge Gateways menu > specific edge gateway's label > Nat Service tab.
  2. Click the Delete icon next to the NAT rule you want to delete.
  3. Confirm the deletion.