Virtual Private Cloud OnDemand Networking Guide

Table 12. Related Information in this Guide and Other Sources (Continued)

Networking Service | See this related information...

Firewall Rules
- “About Firewall Rules,” on page 29 in this guide
- “Add a Firewall Rule,” on page 29 in this guide
- Configure the Firewall for an Edge Gateway in vCloud Director Administrator’s Guide
- Add a Firewall Rule for an Edge Gateway in vCloud Director Administrator’s Guide

VPN
- “VPN and Remote Networks,” on page 30 in this guide
- “About Setting up an IPsec VPN Connection,” on page 31 in this guide
- “Set up an IPsec VPN Connection to a Remote Site,” on page 33 in this guide
- Create a VPN Tunnel to a Remote Network in vCloud Director Administrator’s Guide
- How To Use VPN to Connect Multiple vCA Clouds in the VMware vCloud Blog

Static Routing
- “Static Routing,” on page 17 in this guide
- Enable Static Routing on an Edge Gateway in vCloud Director Administrator’s Guide

Network Address Translation (NAT)
Gateways in Virtual Private Cloud OnDemand support NAT for the virtual machines connected to routed
networks. Create a NAT rule to translate a public IPv4 address to and from the private IPv4 address of a
virtual machine on your isolated network in Virtual Private Cloud OnDemand.
Virtual Private Cloud OnDemand supports source NAT (SNAT) and destination NAT (DNAT) rules. When
you configure an SNAT or a DNAT rule, you always configure the rule from the perspective of
Virtual Private Cloud OnDemand. You configure the rules in the following ways:
- SNAT: the traffic is traveling from a virtual machine on an isolated network in
  Virtual Private Cloud OnDemand (the source) through the Internet to the external network (the
  destination).
- DNAT: the traffic is traveling from the Internet (the source) to a virtual machine inside
  Virtual Private Cloud OnDemand (the destination).
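
The two rule directions described above, modeled as an added example (not VMware code and not part of the original guide). The Packet and NatRule types and both functions are hypothetical; the addresses are the ones used in this guide's NAT example, and the DNAT translated address 10.0.0.2 is an assumption.

```python
from __future__ import annotations
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

@dataclass(frozen=True)
class NatRule:
    kind: str        # "SNAT" or "DNAT"
    original: str    # address or CIDR matched before translation
    translated: str  # address written into the packet on a match

def _matches(addr: str, original: str) -> bool:
    return ipaddress.ip_address(addr) in ipaddress.ip_network(original, strict=False)

def translate(packet: Packet, rules: list[NatRule]) -> Packet:
    """Stateless model: first matching rule wins; connection tracking is omitted."""
    for rule in rules:
        if rule.kind == "SNAT" and _matches(packet.src, rule.original):
            return Packet(rule.translated, packet.dst)   # outbound: rewrite source
        if rule.kind == "DNAT" and _matches(packet.dst, rule.original):
            return Packet(packet.src, rule.translated)   # inbound: rewrite destination
    return packet

def internet_exposed(rules: list[NatRule]) -> dict[str, str]:
    """Audit helper: public address -> internal address published by each DNAT rule."""
    return {r.original: r.translated for r in rules if r.kind == "DNAT"}

# Addresses from the guide's example; the DNAT translated address is assumed.
VM1, PUBLIC_IP, WEB_SERVER = "10.0.0.2", "209.165.200.1", "209.165.200.225"
SNAT_ONLY = [NatRule("SNAT", VM1, PUBLIC_IP)]
SNAT_AND_DNAT = SNAT_ONLY + [NatRule("DNAT", PUBLIC_IP, VM1)]

if __name__ == "__main__":
    # Outbound from VM1: the source becomes the public address.
    print(translate(Packet(VM1, WEB_SERVER), SNAT_ONLY))
    # Inbound with no DNAT rule: the packet is not forwarded to VM1.
    print(translate(Packet(WEB_SERVER, PUBLIC_IP), SNAT_ONLY))
    # Inbound with the DNAT rule: the destination becomes VM1.
    print(translate(Packet(WEB_SERVER, PUBLIC_IP), SNAT_AND_DNAT))
    # Every DNAT rule is an Internet-reachable path to an internal host.
    print(internet_exposed(SNAT_AND_DNAT))
```

Each entry returned by internet_exposed is an inbound path that the gateway firewall rules also need to cover.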

Figure 13. Example for Network Address Translation
[Figure: three networks (Network 1, Network 2, Network 3). VM1 (10.0.0.2) sits on an internal network that uses private IP addresses (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16); the public IP address is, for example, 209.165.200.1; the Web server (209.165.200.225) is on the public (external) network.]

Given the example in Figure 13, you can add the following NAT rules for VM1 to communicate with the
Web server (IP address 209.165.200.225):
- SNAT
  - Original (Internal) Source: 10.0.0.2
  - Translated (External) Source: 209.165.200.1
- DNAT
  - Original (External) IP: 209.165.200.1
Chapter 1 Overview of Gateways and Networks
VMware, Inc. 13