5.5
Table Of Contents
- vCloud Director Administrator's Guide
- Contents
- vCloud Director Administrator's Guide
- Updated Information
- Getting Started with vCloud Director
- Adding Resources to vCloud Director
- Creating and Provisioning Organizations
- Understanding Leases
- Understanding Allocation Models
- Create an Organization
- Open the New Organization Wizard
- Name the Organization
- Specify the Organization LDAP Options
- Add Local Users to the Organization
- Set the Organization Catalog Sharing, Publishing, and Subscription Policies
- Configure Email Preferences
- Configure Organization Lease, Quota, and Limit Settings
- Confirm Settings and Create the Organization
- Allocate Resources to an Organization
- Open the Allocate Resources Wizard
- Select a Provider Virtual Datacenter
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization Virtual Datacenter Network
- Name the Organization Virtual Datacenter
- Confirm Settings and Create the Organization Virtual Datacenter
- Working With Catalogs
- Managing Cloud Resources
- Managing Provider Virtual Datacenters
- Enable or Disable a Provider Virtual Datacenter
- Delete a Provider Virtual Datacenter
- Modify a Provider Virtual Datacenter Name and Description
- Merge Provider Virtual Datacenters
- Enable or Disable a Provider Virtual Datacenter Host
- Prepare or Unprepare a Provider Virtual Datacenter Host
- Upgrade an ESX/ESXi Host Agent for a Provider Virtual Datacenter Host
- Repair a Provider Virtual Datacenter ESX/ESXi Host
- Enable vSphere VXLAN on an Upgraded Provider Virtual Datacenter
- Provider Virtual Datacenter Datastores
- Add a Storage Policy to a Provider Virtual Datacenter
- Edit the Metadata for a Storage Policy on a Provider Virtual Datacenter
- Add a Resource Pool to a Provider Virtual Datacenter
- Enable or Disable a Provider Virtual Datacenter Resource Pool
- Detach a Resource Pool From a Provider Virtual Datacenter
- Migrate Virtual Machines Between Resource Pools on a Provider Virtual Datacenter
- Configure Low Disk Space Thresholds for a Provider Virtual Datacenter Datastore
- Send an Email Notification to Provider Virtual Datacenter Users
- Managing Organization Virtual Datacenters
- Create an Organization Virtual Datacenter
- Open the New Organization Virtual Datacenter Wizard
- Select an Organization for the Organization Virtual Datacenter
- Select a Provider Virtual Datacenter
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization Virtual Datacenter Network
- Name the Organization Virtual Datacenter
- Confirm Settings and Create the Organization Virtual Datacenter
- Enable or Disable an Organization Virtual Datacenter
- Delete an Organization Virtual Datacenter
- Organization Virtual Datacenter Properties
- Add a Storage Policy to an Organization Virtual Datacenter
- Create an Organization Virtual Datacenter
- Managing External Networks
- Managing Edge Gateways
- Add an Edge Gateway
- Open the New Edge Gateway Wizard
- Select Gateway and IP Configuration Options for a New Edge Gateway
- Select External Networks for a New Edge Gateway
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Configure the Name and Description of a New Edge Gateway
- Review the Configuration of a New Edge Gateway
- Configuring Edge Gateway Services
- Configure DHCP for an Edge Gateway
- Add a Source NAT rule to an Edge Gateway
- Add a Destination NAT rule to an Edge Gateway
- Configure the Firewall for an Edge Gateway
- Add a Firewall Rule for an Edge Gateway
- Reorder Firewall Rules for an Edge Gateway
- Enable VPN for an Edge Gateway
- Configure Public IPs for External Networks
- Creating VPN Tunnels on an Edge Gateway
- Create a VPN Tunnel In an Organization for an Organization Virtual Datacenter Network Backed by an Edge Gateway
- Create a VPN Tunnel Between Organizations
- Create a VPN Tunnel From an Organization Virtual Datacenter Network Backed by an Edge Gateway to a Remote Network
- Display Peer Settings for a VPN Tunnel to a Remote Network
- Edit VPN Settings
- Enable Static Routing on an Edge Gateway
- Managing Load Balancer Service on an Edge Gateway
- Editing Edge Gateway Properties
- Upgrade an Edge Gateway
- Delete an Edge Gateway
- View IP Use for an Edge Gateway
- Apply Syslog Server Settings to an Edge Gateway
- Add an Edge Gateway
- Managing Organization Virtual Datacenter Networks
- Adding Networks to an Organization Virtual Datacenter
- Configuring Organization Virtual Datacenter Network Services
- Configure DHCP for an Organization Virtual Datacenter Network
- Enable the Firewall for an Organization Virtual Datacenter Network
- Add a Firewall Rule for an Organization Virtual Datacenter Network
- Reorder Firewall Rules for an Organization Virtual Datacenter Network
- Enable VPN for an Organization Virtual Datacenter Network
- Create a VPN Tunnel Within an Organization
- Create a VPN Tunnel to a Remote Network
- Enable Static Routing for an Organization Virtual Datacenter Network
- Add Static Routes Between vApp Networks Routed to the Same Organization Virtual Datacenter Network
- Add Static Routes Between vApp Networks Routed to Different Organization Virtual Datacenter Networks
- Reset an Organization Virtual Datacenter Network
- View vApps and vApp Templates That Use an Organization Virtual Datacenter Network
- Delete an Organization Virtual Datacenter Network
- View IP Use for an Organization Virtual Datacenter Network
- Editing Organization Virtual Datacenter Network Properties
- Managing Network Pools
- Managing Cloud Cells
- Managing Service Offerings
- Register an Extension
- View or Modify Extension Properties
- Associate a Service Offering With an Organization Virtual Datacenter
- Disassociate a Service Offering From an Organization Virtual Datacenter
- Unregister an Extension
- Create a Service Instance
- Modify Service Instance Properties
- Add a Service Instance to a Virtual Machine
- Delete a Service Instance
- Managing Provider Virtual Datacenters
- Managing vSphere Resources
- Managing Organizations
- Managing System Administrators and Roles
- Add a System Administrator
- Import a System Administrator
- Enable or Disable a System Administrator
- Delete a System Administrator
- Edit System Administrator Profile and Contact Information
- Send an Email Notification to Users
- Delete a System Administrator Who Lost Access to the System
- Import a Group
- Delete an LDAP Group
- View Group Properties
- Roles and Rights
- Managing System Settings
- Modify General System Settings
- General System Settings
- Editing System Email Settings
- Configuring Blocking Tasks and Notifications
- Configuring the System LDAP Settings
- Customize the vCloud Director Client UI
- Configuring Public Addresses
- Configure the Account Lockout Policy
- Configure vCloud Director to use vCenter Single Sign On
- Monitoring vCloud Director
- Viewing Tasks and Events
- Monitor and Manage Blocking Tasks
- View Usage Information for a Provider Virtual Datacenter
- View Usage Information for an Organization Virtual Datacenter
- Using vCloud Director's JMX Service
- Viewing the vCloud Director Logs
- vCloud Director and Cost Reporting
- Monitoring Quarantined Files
- Roles and Rights
- Index
Option Description
external
Apply this rule to all external traffic.
any
Apply this rule to traffic with any destination.
10 Select the Destination port to apply this rule on from the drop-down menu.
11 Select the Protocol to apply this rule on from the drop-down menu.
12 Select the action.
A firewall rule can allow or deny traffic that matches the rule.
13 Select the Enabled check box.
14 (Optional) Select the Log network traffic for firewall rule check box.
If you enable this option, vCloud Director sends log events to the syslog server for connections affected
by this rule. Each syslog message includes logical network and organization UUIDs.
15 Click OK and click OK again.
Reorder Firewall Rules for an Edge Gateway
Firewall rules are enforced in the order in which they appear in the firewall list. You can change the order of
the rules in the list.
When you add a new firewall rule to an edge gateway, it appears at the bottom of the firewall rule list. To
enforce the new rule before an existing rule, reorder the rules.
Procedure
1 Click the Manage & Monitor tab and click Organization VDCs in the left pane.
2 Double-click the organization virtual datacenter name to open the organization virtual datacenter.
3 Click the Edge Gateways tab, right-click the edge gateway name and select Edge Gateway Services.
4 Click the Firewall tab.
5 Drag the firewall rules to establish the order in which the rules are applied.
6 Click OK.
Enable VPN for an Edge Gateway
You can enable VPN for organization virtual datacenters backed by an edge gateway and create a secure
tunnel from one of those organization virtual datacenter networks to another network.
vCloud Director supports VPN between organization virtual datacenter networks backed by edge gateways
and both organization virtual datacenter networks in the same organization and remote networks.
System administrators and organization administrators can enable VPN.
Procedure
1 Click the Manage & Monitor tab and click Organization VDCs in the left pane.
2 Double-click the organization virtual datacenter name to open the organization virtual datacenter.
3 Click the Edge Gateways tab, right-click the edge gateway name and select Edge Gateway Services.
4 Click the VPN tab and select Enable VPN.
5 (Optional) Click Configure Public IPs, type a public IP address, and click OK.
6 Click OK.
vCloud Director Administrator's Guide
72 VMware, Inc.