fbpx vCloud NAT | WaveCom

vCloud NAT

 

0.

NAT

 

NAT is good for masquerade your private lan network and for isolating your servers from internet. In NAT you can control in/out traffic and create different rules for accepting and dropping external ip, drop port traffic, forwarding traffic. NAT good if you don't know exactly how works network and afraid that your server can be hacked. If you use NAT in this case, firstly hacker must hack vCloud router that is practically impossible. If you have only one or two public ip address, but you want to create thousands of servers NAT is your redemption, because in NAT back of one ip address can be many servers. In NAT network you can manage external network connections and internal connections separately, that means that server can access each other without problems, but from internet nobody can reach that server if you did not created a rule for that.

 

NATSCHEME.png

 

1.

Open vCloud admin console and go to Network Edge Gateway settings (CONFIGURE SERVICES)

 

Edge.PNG

 

  • Go to NAT tab

 

NAT1.PNG

 

2.

Add New SNAT rule

 

  • Applied On → External network of edge gateway
  • Original Source IP/Range → Internal NAT network
  • Translated Source IP/Range → External network of edge gateway for translation NAT
  • Enable rule

 

snta.PNG

 

3.

Add New DNAT rule

 

  • Applied On → External network of edge gateway
  • Original IP/Range → External network of edge gateway
  • Protocol → Any
  • Translated IP/Range → NAT network
  • Enable rule

 

dnat.PNG

 

4.

 

For example you need access to your server via SSH from external network, boot server in NAT private network. You can forward SSH port from external ip next to your private NAT server ip.

If you want forward special port from exteranl network to your NAT private network you must use DNAT rule

 

  • Applied On → External network of edge gateway
  • Original IP/Range → External network of edge gateway
  • Protocol → Chose protocol
  • Port → External port
  • Translated IP/Range → ip where forward
  • Translated port → port where forward

 

FORWARDING.PNG

 

5.

 

Save and apply all changes

 

Address: Endla 16, Tallinn 10142, EstoniaPhone: (+372) 685 0000@email