5.1
Table Of Contents
- vCloud Director Administrator's Guide
- Contents
- vCloud Director Administrator's Guide
- Updated Information
- Getting Started with vCloud Director
- Adding Resources to vCloud Director
- Creating and Provisioning Organizations
- Understanding Leases
- Create an Organization
- Allocate Resources to an Organization
- Open the Allocate Resources Wizard
- Select a Provider vDC
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization vDC Network
- Name the Organization vDC
- Confirm Settings and Create the Organization vDC
- Creating a Published Catalog
- Managing Cloud Resources
- Managing Provider vDCs
- Enable or Disable a Provider vDC
- Delete a Provider vDC
- Modify a Provider vDC Name and Description
- Merge Provider vDCs
- Enable or Disable a Provider vDC Host
- Prepare or Unprepare a Provider vDC Host
- Upgrade an ESX/ESXi Host Agent for a Provider vDC Host
- Repair a Provider vDC ESX/ESXi Host
- Enable vSphere VXLAN on an Upgraded Provider vDC
- Provider vDC Datastores
- Add a Storage Profile to a Provider vDC
- Edit the Metadata for a Storage Profile on a Provider vDC
- Add a Resource Pool to a Provider vDC
- Enable or Disable a Provider vDC Resource Pool
- Detach a Resource Pool From a Provider vDC
- Migrate Virtual Machines Between Resource Pools on a Provider vDC
- Configure Low Disk Space Warnings for a Provider vDC Datastore
- Send an Email Notification to Provider vDC Users
- Managing Organization vDCs
- Create an Organization vDC
- Open the New Organization vDC Wizard
- Select an Organization for the Organization vDC
- Select a Provider vDC
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization vDC Network
- Name the Organization vDC
- Confirm Settings and Create the Organization vDC
- Enable or Disable an Organization vDC
- Delete an Organization vDC
- Organization vDC Properties
- Add a Storage Profile to an Organization vDC
- Create an Organization vDC
- Managing External Networks
- Managing Edge Gateways
- Add an Edge Gateway
- Open the New Edge Gateway Wizard
- Select Gateway and IP Configuration Options for a New Edge Gateway
- Select External Networks for a New Edge Gateway
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Configure the Name and Description of a New Edge Gateway
- Review the Configuration of a New Edge Gateway
- Configuring Edge Gateway Services
- Configure DHCP for an Edge Gateway
- Add a Source NAT rule to an Edge Gateway
- Add a Destination NAT rule to an Edge Gateway
- Configure the Firewall for an Edge Gateway
- Add a Firewall Rule for an Edge Gateway
- Reorder Firewall Rules for an Edge Gateway
- Enable VPN for an Edge Gateway
- Configure Public IPs for External Networks
- Creating VPN Tunnels on an Edge Gateway
- Edit VPN Settings
- Enable Static Routing on an Edge Gateway
- Managing Load Balancer Service on an Edge Gateway
- Editing Edge Gateway Properties
- Delete an Edge Gateway
- View IP Use for an Edge Gateway
- Apply Syslog Server Settings to an Edge Gateway
- Add an Edge Gateway
- Managing Organization vDC Networks
- Adding Networks to an Organization vDC
- Configuring Organization vDC Network Services
- Configure DHCP for an Organization vDC Network
- Enable the Firewall for an Organization vDC Network
- Add a Firewall Rule for an Organization vDC Network
- Reorder Firewall Rules for an Organization vDC Network
- Enable VPN for an Organization vDC Network
- Create a VPN Tunnel Within an Organization
- Create a VPN Tunnel to a Remote Network
- Enable Static Routing for an Organization vDC Network
- Add Static Routes Between vApp Networks Routed to the Same Organization vDC Network
- Add Static Routes Between vApp Networks Routed to Different Organization vDC Networks
- Reset an Organization vDC Network
- View vApps and vApp Templates That Use an Organization vDC Network
- Delete an Organization vDC Network
- View IP Use for an Organization vDC Network
- Editing Organization vDC Network Properties
- Managing Network Pools
- Managing Cloud Cells
- Managing Provider vDCs
- Managing vSphere Resources
- Managing Organizations
- Managing System Administrators and Roles
- Add a System Administrator
- Import a System Administrator
- Enable or Disable a System Administrator
- Delete a System Administrator
- Edit System Administrator Profile and Contact Information
- Send an Email Notification to Users
- Delete a System Administrator Who Lost Access to the System
- Import a Group
- Delete an LDAP Group
- View Group Properties
- Roles and Rights
- Managing System Settings
- Modify General System Settings
- General System Settings
- Editing System Email Settings
- Configuring Blocking Tasks and Notifications
- Configuring the System LDAP Settings
- Customize the vCloud Director Client UI
- Configuring Public Addresses
- Configure the Account Lockout Policy
- Configure vCloud Director to use vCenter Single Sign On
- Monitoring vCloud Director
- Roles and Rights
- Index
Prerequisites
Verify that you have an external NAT-routed organization vDC network.
Procedure
1 Click the Manage & Monitor tab and click Organization vDCs in the left pane.
2 Double-click the organization vDC name to open the organization vDC.
3 Click the Org vDC Networks tab, right-click the organization vDC network name, and select Configure
Services.
4 Click the Firewall tab and click Add.
5 Type a name for the rule.
6 Select the traffic direction.
7 Type the source IP address and select the source port.
For incoming traffic, the source is the external network. For outgoing traffic, the source is the organization
vDC network.
8 Type the destination IP address and select the destination port.
For incoming traffic, the destination is the organization vDC network. For outgoing traffic, the destination
is the external network.
9 Select the protocol and action.
A firewall rule can allow or deny traffic that matches the rule.
10 Select the Enabled check box.
11 (Optional) Select the Log network traffic for firewall rule check box.
If you enable this option, vCloud Director sends log events to the syslog server for connections affected
by this rule. Each syslog message includes logical network and organization UUIDs.
12 Click OK and click OK again.
Reorder Firewall Rules for an Organization vDC Network
Firewall rules are enforced in the order in which they appear in the firewall list. You can change the order of
the rules in the list.
When you add a new firewall rule to an organization vDC network, it appears at the bottom of the firewall
rule list. To enforce the new rule before an existing rule, reorder the rules.
Prerequisites
Verify that you have a routed organization vDC network with two or more firewall rules.
Procedure
1 Click the Manage & Monitor tab and click Organization vDCs in the left pane.
2 Double-click the organization vDC name to open the organization vDC.
3 Click the Org vDC Networks tab, right-click the organization vDC network name and select Configure
Services.
4 Click the Firewall tab.
5 Drag the firewall rules to establish the order in which the rules are applied.
6 Click OK.
vCloud Director Administrator's Guide
86 VMware, Inc.