Information on this page applies only to non-advanced edge gateways. For information on how to manage NAT rules for advanced edge gateways, refer to NAT Rules for NSX Integration

VMware Cloud Director NAT (Network Address Translation) service translates source or destination IP addresses and port numbers. In the most common case, you associate a NAT service with an uplink interface on an Edge Gateway so that addresses on organization VDC networks are not exposed on the external network.

You can view/create/edit/delete NAT rules using OnApp Control Panel.

This functionality is available for users with the vCloud Organization Administrator role.

View NAT Rules


  1. Go to your Control Panel > Cloud > Edge Gateways > Edge gateway's label Nat Service tab.
  2. On the page that appears, you will see the list of NAT rules together with their details:
    • Rule type - the type of the NAT rule (DNAT, SNAT)
    • Network - the name of VMware Cloud Director network
    • Original IP - the original IP address to apply this rule on 
    • Original port - the port of original IP address
    • Translated IP - the IP address to translate the addresses of outgoing packets to
    • Translated port - the port of translated IP address
    • Enabled - whether this rule is enabled or not
    • Protocol - the type of protocol
    • Actions - processes which you can perform with the NAT rule

Create NAT Rules


  1. Go to your Control Panel > Cloud > Edge Gateways edge gateway's label > Nat Service tab.
  2. Click the Add New Rule button or  "+" button.
  3. On the page that appears specify the following parameters:
    • Enabled - tick the checkbox to enable this NAT rule
    • Rule type - choose the type of the NAT rule from the drop-down menu:
      • SNAT - source network address translation. This kind of rule translates the packet's source address and, optionally, source IP port to the values you specify.
      • DNAT - destination network address translation. This kind of rule translates the packet's destination address and, optionally, destination IP port to the values you specify.
    • Network - choose the VMware Cloud Director network from the drop-down menu
      • Original IP -  specify the original IP address to apply this rule on 
      • Original port - specify the port of original IP address (applies only for DNAT rule type)
      • Translated IP - specify the IP address to translate the addresses of outgoing packets 
      • Translated port - specify the port of translated IP address (applies only for DNAT rule type)
      • Protocol - choose the type of protocol from the drop-down menu (applies only for DNAT rule type)
  4. Click Create.

Edit NAT Rule


  1. Go to your Control Panel > Cloud > Edge Gateways edge gateway's label > Nat Service tab.
  2. Click the Actions icon > Edit next to the NAT rule, which you want to edit.
  3. On the page that appears change the following parameters:
    • Enabled - move the slider to the right to enable this NAT rule
    • Network - choose the VMware Cloud Director network from the drop-down menu
    • Original IP -  specify the original IP address to apply this rule on 
    • Original port - specify the port of original IP address (applies only for DNAT rule type)
    • Translated IP - specify the IP address to translate the addresses of outgoing packets 
    • Translated port - specify the port of translated IP address (applies only for DNAT rule type)
    • Protocol - choose the type of protocol from the drop-down menu (applies only for DNAT rule type)
  4. Click Submit.

Delete NAT Rules


  1. Go to your Control Panel > Cloud > Edge Gateways menu > specific edge gateway's label > Nat Service tab.
  2. Click the Delete icon next to the NAT rule you want to delete.
  3. Confirm the deletion.