1.5
Table Of Contents
- vCloud Director Administrator's Guide
- Contents
- vCloud Director Administrator's Guide
- Getting Started with vCloud Director
- Adding Resources to vCloud Director
- Adding vSphere Resources
- Adding Cloud Resources
- Provider Virtual Datacenters
- Create a Provider Virtual Datacenter
- External Networks
- Add an External Network
- Network Pools
- Add a Network Pool That Is Backed by VLAN IDs
- Add a Network Pool That Is Backed by Cloud Isolated Networks
- Add a Network Pool That Is Backed by vSphere Port Groups
- Set the MTU for a Network Pool Backed by Cloud Isolated Networks
- Creating and Provisioning Organizations
- Creating a Published Catalog
- Managing Cloud Resources
- Managing Provider vDCs
- Enable or Disable a Provider vDC
- Delete a Provider vDC
- Modify a Provider vDC Name and Description
- Enable or Disable a Provider vDC Host
- Prepare or Unprepare a Provider vDC Host
- Upgrade an ESX/ESXi Host Agent for a Provider vDC Host
- Repair a Provider vDC ESX/ESXi Host
- Enable or Disable a Provider vDC Datastore
- Add Storage Capacity to a Provider vDC
- Add a Resource Pool to a Provider vDC
- Configure Low Disk Space Warnings for a Provider vDC Datastore
- Send an Email Notification to Provider vDC Users
- Managing Organization vDCs
- Managing External Networks
- Managing Organization Networks
- Creating Organization Networks
- Configuring Network Services
- Configure DHCP for an Organization Network
- Enable the Firewall for an Organization Network
- Add a Firewall Rule for an Organization Network
- Reorder Firewall Rules for an Organization Network
- Enable IP Masquerading for an Organization Network
- Add External IP Addresses to an Organization Network
- Configure Port Forwarding for an Organization Network
- Configure IP Translation for an Organization Network
- Reorder NAT Mapping Rules for an Organization Network
- Enable Site-to-Site VPN for an Organization Network
- Create a VPN Tunnel Within an Organization
- Create a VPN Tunnel Between Organizations
- Create a VPN Tunnel to a Remote Network
- Enable Static Routing for an Organization Network
- Add Static Routes Between vApp Networks Routed to the Same Organization Network
- Add Static Routes Between vApp Networks Routed to Different Organization Networks
- Reset an Organization Network
- View vApps and vApp Templates That Use an Organization Network
- Delete an Organization Network
- View IP Use for an Organization Network
- Add IP Addresses to an Organization Network IP Pool
- Modify an Organization Network Name and Description
- Modify an Organization Network DNS Settings
- View Syslog Server Settings for an Organization Network
- Apply Syslog Server Settings to an Organization Network
- Managing Network Pools
- Managing Cloud Cells
- Managing Provider vDCs
- Managing vSphere Resources
- Managing Organizations
- Enable or Disable an Organization
- Delete an Organization
- Modify an Organization Name
- Modify an Organization Full Name and Description
- Modify Organization LDAP Options
- Modify Organization Catalog Publishing Policy
- Modify Organization Email Preferences
- Modify Organization Lease, Quota, and Limit Settings
- Add a Catalog to an Organization
- Managing Organization Resources
- Managing Organization Users and Groups
- Managing Organization vApps and Virtual Machines
- Managing System Administrators and Roles
- Add a System Administrator
- Import a System Administrator
- Enable or Disable a System Administrator
- Delete a System Administrator
- Edit System Administrator Profile and Contact Information
- Send an Email Notification to Users
- Delete a System Administrator Who Lost Access to the System
- Import an LDAP Group
- Delete an LDAP Group
- Change an LDAP Group Description
- Roles and Rights
- Create a Role
- Copy a Role
- Edit a Role
- Delete a Role
- Managing System Settings
- Modify General System Settings
- General System Settings
- Configure SMTP Settings
- Configure System Notification Settings
- Configuring Blocking Tasks and Notifications
- Configuring the System LDAP Settings
- Customize the vCloud Director Client UI
- Configure the Public Web URL
- Configure the Public Console Proxy Address
- Configure the Public REST API Base URL
- Configure the Account Lockout Policy
- Monitoring vCloud Director
- Roles and Rights
- Index
7 Type the destination IP address and select the destination port.
For incoming traffic, the destination is the organization network. For outgoing traffic, the destination is
the external network.
8
Select the protocol.
9 Select the action.
A firewall rule can allow or deny traffic that matches the rule.
10 Select the Enabled check box.
11 (Optional) Select the Log network traffic for firewall rule check box.
If you enable this option, vCloud Director sends log events to the syslog server for connections affected
by this rule. Each syslog message includes logical network and organization UUIDs.
12 Click OK and click OK again.
Reorder Firewall Rules for an Organization Network
Firewall rules are enforced in the order in which they appear in the firewall list. You can change the order of
the rules in the list.
When you add a new firewall rule to an organization network, it appears at the bottom of the firewall rule list.
If you want to enforce the new rule before an existing rule, make sure to reorder the rules.
Prerequisites
A routed organization network with two or more firewall rules.
Procedure
1 Click Administration.
2 Select Cloud Resources > Networks.
3 Right-click the organization network name and select Configure Services.
4 Click the Firewall tab.
5 Drag and drop the firewall rules to establish the order in which the rules are applied.
6 Click OK.
Enable IP Masquerading for an Organization Network
You can configure certain organization networks to provide IP masquerade services. You can use IP
masquerading on an organization network to hide the internal IP addresses of virtual machines from the
external network.
When you enable IP masquerade, vCloud Director translates a virtual machine's private, internal IP address
to a public IP address for outbound traffic.
Both system administrators and organization administrators can enable IP masquerade.
Prerequisites
Verify that you have an external NAT-routed organization network.
Procedure
1 Click the Manage & Monitor tab and click Organization Networks in the left pane.
2 Right-click the organization network name and select Configure Services.
3 Click the NAT Mapping tab and select Enable IP Masquerade.
Chapter 5 Managing Cloud Resources
VMware, Inc. 55