Follow

How to: Create NAT rules

What is NAT?

Network address translation (NAT) is a methodology of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device. The simplest type of NAT provides a one-to-one translation of IP addresses. The majority of NATs map multiple private hosts to one publicly exposed IP address.

 

What is DNAT?

Destination network address translation (DNAT) is a technique for transparently changing the destination IP address of an end route packet and performing the inverse function for any replies. DNAT is commonly used to publish a service located in a private network on a publicly accessible IP address.

 

What is SNAT?

Source NAT (SNAT) changes the source address in IP header of a packet. It may also change the source port in the TCP/UDP headers. The typical usage is to change the a private address/port into a public address/port for packets leaving your network.

 

Creating NAT rules in vCloud Director

Creating Destination NAT rules in vCloud Director

Creating Destination NAT rule will enable you to access your VMs from Internet. To create correct DNAT rule you need follow this steps:

1. Applied on: [Important!] External-Internet-2572 
2. Description: Feel free to input anything you want, it describe this NAT rule
3. Original (External) source IP/range: Input here external IP of your organization provided by Canopy at the beginning
4. Protocool: TCP provides reliable, ordered, and error-checked delivery of a stream of octets between applications running on hosts communicating over an IP network. TCP is the protocol that major Internet applications such as the World Wide Web, email, remote administration and file transfer rely on. Applications that do not require reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you are not sure which protocool use, please select TCP/UDP
5. Original Port: You can use one of specified ports on the list or input port manualy. 
6. Translated (Internal) IP/range: Please input IP address of your VM - for example: 192.168.10.1
7. Translated port: You can use one of specified ports on the list or input port manualy. 

Example: 217.115.66.44/80 -> 192.168.10.1/80 on TCP&UDP

The best practice is to use one port translation for one IP address not for a whole range. It's easier to configure for less experienced users.

  
4. Translated (External) source IP/range: 

Creating Source NAT rules in vCloud Director

Creating Source NAT rule will enable you to access your VMs to Internet. To create correct SNAT rule you need follow this steps:

1. Applied on: [Important!] External-Internet-2572 
2. Description: Feel free to input anything you want, it describe this NAT rule
3. Original (Internal) source IP/range: Please input here whole range of your LAN network with subnet mask - example: 192.168.1.0/24
4. Translated (External) source IP/range: Input here external IP of your organization provided by Canopy at the beginning 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments