Networking Guide

- Are ideal for enterprise-grade application deployment
IMPORTANT By default, gateways are deployed with firewall rules configured to deny all network traffic to
and from the virtual machines on the gateway networks. After you configure a NAT rule, an attempt to ping
a virtual machine on a network fails unless you also add a firewall rule to allow the corresponding traffic.
See “Add a Firewall Rule,” on page 29 in this guide for the steps to create a firewall rule.
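A simplified model of the default-deny behavior in the note above, added here as an illustration (it is not VMware code or a vCloud Air API): it shows why a ping still fails when the only rule covers TCP or the rule is not enabled. The Rule class, its destination field, and the sample address are assumptions; the protocol choices are the ones this guide lists for the rule dialog, and NAT translation is not modeled.

```python
# Added illustration: a simplified model of the gateway firewall described above.
# Rule, destination and allows() are hypothetical names, not a vCloud Air API.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Protocol choices offered by the rule dialog, mapped to what each one matches.
PROTOCOLS = {
    "any": None,                 # None = every protocol
    "TCP": {"TCP"},
    "UDP": {"UDP"},
    "TCP/UDP": {"TCP", "UDP"},
    "ICMP": {"ICMP"},
}

@dataclass
class Rule:
    name: str
    destination: str             # assumed field: VM address or CIDR the rule covers
    protocol: str = "any"        # the dialog's default
    enabled: bool = True

    def matches(self, dst: str, proto: str) -> bool:
        if not self.enabled:
            return False         # a rule that is not enabled never permits traffic
        wanted = PROTOCOLS[self.protocol]
        if wanted is not None and proto not in wanted:
            return False
        return ip_address(dst) in ip_network(self.destination, strict=False)

def allows(rules, dst, proto):
    """Return the name of the rule that permits the packet, or None (default deny)."""
    for rule in rules:
        if rule.matches(dst, proto):
            return rule.name
    return None

def ping_report(rules, vm_ip):
    hit = allows(rules, vm_ip, "ICMP")
    return f"ping {vm_ip}: " + (f"allowed by '{hit}'" if hit else "denied (no allow rule)")

if __name__ == "__main__":
    vm = "192.168.109.10"        # constructed sample address
    cases = {
        "no rules": [],
        "TCP only": [Rule("web", vm, "TCP")],
        "ICMP but not enabled": [Rule("ping", vm, "ICMP", enabled=False)],
        "ICMP enabled": [Rule("ping", "192.168.109.0/24", "ICMP")],
    }
    for label, rules in cases.items():
        print(f"{label:22} -> {ping_report(rules, vm)}")
```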
Related Information
- Configure the Firewall for an Edge Gateway in vCloud Director Administrator’s Guide
- Add a Firewall Rule for an Edge Gateway in vCloud Director Administrator’s Guide
- Introduction to Gateway Services: Firewall in the vCloud Air Tutorials
- “Configure Firewall and NAT Rules” in VMware vCloud Air Solution Brief
Add a Firewall Rule
Configure a firewall rule to allow traffic through a gateway to reach the virtual machines on your internal
network and so that your virtual machines can reach the Internet.
This procedure provides the steps to create a firewall rule by using vCloud Air. For information about
creating or editing firewall rules by using vCloud Director, see the following topics in the vCloud Director
Administrator’s Guide:
- Configure the Firewall for an Edge Gateway
- Add a Firewall Rule for an Edge Gateway
Prerequisites
- Verify that you have network administrator privileges.
- Obtain the IP addresses for the virtual machines for which you are creating the firewall rule.
Procedure
1. In the Dashboard tab, click the Gateways tab.
2. Click the gateway for which you want to add a firewall rule.
3. Click the Firewall Rules tab.
4. Click the Add button.
   The Add a Firewall “Allow” Exception dialog box appears.
5. Complete the following settings to configure the rule:
Option      Description
Name        Enter a name for the rule.
Settings    (Optional) Select Enable this to enable the rule for the gateway.
            NOTE Selecting the Log network traffic for this exception option is
            unnecessary because you cannot access firewall logging data in
            vCloud Air at this time.
Protocol    Choose a protocol to which the rule applies from the drop-down menu:
            any, TCP, UDP, TCP/UDP, or ICMP.
            By default, the protocol is set to “any” so that network traffic from
            all protocols will traverse the firewall.
Chapter 3 Network Security and Secure Access
VMware, Inc. 29