5.5
Table Of Contents
- vCloud Director Administrator's Guide
- Contents
- vCloud Director Administrator's Guide
- Updated Information
- Getting Started with vCloud Director
- Adding Resources to vCloud Director
- Creating and Provisioning Organizations
- Understanding Leases
- Understanding Allocation Models
- Create an Organization
- Open the New Organization Wizard
- Name the Organization
- Specify the Organization LDAP Options
- Add Local Users to the Organization
- Set the Organization Catalog Sharing, Publishing, and Subscription Policies
- Configure Email Preferences
- Configure Organization Lease, Quota, and Limit Settings
- Confirm Settings and Create the Organization
- Allocate Resources to an Organization
- Open the Allocate Resources Wizard
- Select a Provider Virtual Datacenter
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization Virtual Datacenter Network
- Name the Organization Virtual Datacenter
- Confirm Settings and Create the Organization Virtual Datacenter
- Working With Catalogs
- Managing Cloud Resources
- Managing Provider Virtual Datacenters
- Enable or Disable a Provider Virtual Datacenter
- Delete a Provider Virtual Datacenter
- Modify a Provider Virtual Datacenter Name and Description
- Merge Provider Virtual Datacenters
- Enable or Disable a Provider Virtual Datacenter Host
- Prepare or Unprepare a Provider Virtual Datacenter Host
- Upgrade an ESX/ESXi Host Agent for a Provider Virtual Datacenter Host
- Repair a Provider Virtual Datacenter ESX/ESXi Host
- Enable vSphere VXLAN on an Upgraded Provider Virtual Datacenter
- Provider Virtual Datacenter Datastores
- Add a Storage Policy to a Provider Virtual Datacenter
- Edit the Metadata for a Storage Policy on a Provider Virtual Datacenter
- Add a Resource Pool to a Provider Virtual Datacenter
- Enable or Disable a Provider Virtual Datacenter Resource Pool
- Detach a Resource Pool From a Provider Virtual Datacenter
- Migrate Virtual Machines Between Resource Pools on a Provider Virtual Datacenter
- Configure Low Disk Space Thresholds for a Provider Virtual Datacenter Datastore
- Send an Email Notification to Provider Virtual Datacenter Users
- Managing Organization Virtual Datacenters
- Create an Organization Virtual Datacenter
- Open the New Organization Virtual Datacenter Wizard
- Select an Organization for the Organization Virtual Datacenter
- Select a Provider Virtual Datacenter
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization Virtual Datacenter Network
- Name the Organization Virtual Datacenter
- Confirm Settings and Create the Organization Virtual Datacenter
- Enable or Disable an Organization Virtual Datacenter
- Delete an Organization Virtual Datacenter
- Organization Virtual Datacenter Properties
- Add a Storage Policy to an Organization Virtual Datacenter
- Create an Organization Virtual Datacenter
- Managing External Networks
- Managing Edge Gateways
- Add an Edge Gateway
- Open the New Edge Gateway Wizard
- Select Gateway and IP Configuration Options for a New Edge Gateway
- Select External Networks for a New Edge Gateway
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Configure the Name and Description of a New Edge Gateway
- Review the Configuration of a New Edge Gateway
- Configuring Edge Gateway Services
- Configure DHCP for an Edge Gateway
- Add a Source NAT rule to an Edge Gateway
- Add a Destination NAT rule to an Edge Gateway
- Configure the Firewall for an Edge Gateway
- Add a Firewall Rule for an Edge Gateway
- Reorder Firewall Rules for an Edge Gateway
- Enable VPN for an Edge Gateway
- Configure Public IPs for External Networks
- Creating VPN Tunnels on an Edge Gateway
- Create a VPN Tunnel In an Organization for an Organization Virtual Datacenter Network Backed by an Edge Gateway
- Create a VPN Tunnel Between Organizations
- Create a VPN Tunnel From an Organization Virtual Datacenter Network Backed by an Edge Gateway to a Remote Network
- Display Peer Settings for a VPN Tunnel to a Remote Network
- Edit VPN Settings
- Enable Static Routing on an Edge Gateway
- Managing Load Balancer Service on an Edge Gateway
- Editing Edge Gateway Properties
- Upgrade an Edge Gateway
- Delete an Edge Gateway
- View IP Use for an Edge Gateway
- Apply Syslog Server Settings to an Edge Gateway
- Add an Edge Gateway
- Managing Organization Virtual Datacenter Networks
- Adding Networks to an Organization Virtual Datacenter
- Configuring Organization Virtual Datacenter Network Services
- Configure DHCP for an Organization Virtual Datacenter Network
- Enable the Firewall for an Organization Virtual Datacenter Network
- Add a Firewall Rule for an Organization Virtual Datacenter Network
- Reorder Firewall Rules for an Organization Virtual Datacenter Network
- Enable VPN for an Organization Virtual Datacenter Network
- Create a VPN Tunnel Within an Organization
- Create a VPN Tunnel to a Remote Network
- Enable Static Routing for an Organization Virtual Datacenter Network
- Add Static Routes Between vApp Networks Routed to the Same Organization Virtual Datacenter Network
- Add Static Routes Between vApp Networks Routed to Different Organization Virtual Datacenter Networks
- Reset an Organization Virtual Datacenter Network
- View vApps and vApp Templates That Use an Organization Virtual Datacenter Network
- Delete an Organization Virtual Datacenter Network
- View IP Use for an Organization Virtual Datacenter Network
- Editing Organization Virtual Datacenter Network Properties
- Managing Network Pools
- Managing Cloud Cells
- Managing Service Offerings
- Register an Extension
- View or Modify Extension Properties
- Associate a Service Offering With an Organization Virtual Datacenter
- Disassociate a Service Offering From an Organization Virtual Datacenter
- Unregister an Extension
- Create a Service Instance
- Modify Service Instance Properties
- Add a Service Instance to a Virtual Machine
- Delete a Service Instance
- Managing Provider Virtual Datacenters
- Managing vSphere Resources
- Managing Organizations
- Managing System Administrators and Roles
- Add a System Administrator
- Import a System Administrator
- Enable or Disable a System Administrator
- Delete a System Administrator
- Edit System Administrator Profile and Contact Information
- Send an Email Notification to Users
- Delete a System Administrator Who Lost Access to the System
- Import a Group
- Delete an LDAP Group
- View Group Properties
- Roles and Rights
- Managing System Settings
- Modify General System Settings
- General System Settings
- Editing System Email Settings
- Configuring Blocking Tasks and Notifications
- Configuring the System LDAP Settings
- Customize the vCloud Director Client UI
- Configuring Public Addresses
- Configure the Account Lockout Policy
- Configure vCloud Director to use vCenter Single Sign On
- Monitoring vCloud Director
- Viewing Tasks and Events
- Monitor and Manage Blocking Tasks
- View Usage Information for a Provider Virtual Datacenter
- View Usage Information for an Organization Virtual Datacenter
- Using vCloud Director's JMX Service
- Viewing the vCloud Director Logs
- vCloud Director and Cost Reporting
- Monitoring Quarantined Files
- Roles and Rights
- Index
Add a Destination NAT rule to an Edge Gateway
A destination NAT rule translates the IP address and port of packets received by an organization virtual
datacenter network coming from another organization virtual datacenter network or an external network.
Procedure
1 Click the Manage & Monitor tab and click Organization VDCs in the left pane.
2 Double-click the organization virtual datacenter name to open the organization virtual datacenter.
3 Click the Edge Gateways tab, right-click the edge gateway name and select Edge Gateway Services.
4 Click the NAT tab and click Add DNAT.
5 Select an external network or another organization virtual datacenter network to apply this rule on
from the Apply to drop-down menu.
6 Type the original IP address or range of IP addresses to apply this rule on in the Original (External)
IP/range text box.
7 Choose the Protocol to apply this rule on from the drop-down menu.
To apply this rule on all protocols, select Any.
8 (Optional) Select an Original port to apply this rule to.
9 (Optional) Select an IMCP type to apply this rule to if this rule applies to IMCP.
10 Type the IP address or range of IP addresses for the destination addresses on inbound packets to be
translated to in the Translated (Internal) IP/range text box.
11 (Optional) Select a port for inbound packets to be translated to from the Translated port drop-down
menu.
12 Select Enabled, and click OK.
The destination IP address and port are translated according to the destination NAT rule's specifications.
Configure the Firewall for an Edge Gateway
Edge gateways provide firewall protection for incoming and outgoing sessions.
You can set the default firewall action to deny or allow all traffic. You can also add specific firewall rules to
allow or deny traffic that matches the rules to pass through the firewall. These rules take precedence over
the set default. See “Add a Firewall Rule for an Edge Gateway,” on page 71
System administrators and organization administrators can configure edge gateway firewalls.
Procedure
1 Click the Manage & Monitor tab and click Organization VDCs in the left pane.
2 Double-click the organization virtual datacenter name to open the organization virtual datacenter.
3 Click the Edge Gateways tab, right-click the edge gateway name, and select Edge Gateway Services.
4 Click the Firewall tab and select Enable firewall to enable firewall services, or deselect it to disable
firewall services.
vCloud Director Administrator's Guide
70 VMware, Inc.