Set Up NAT Mapping
vCloud Connector Server and vCloud Director 1.5
If you select a NAT-based network connection when you deploy your vCC Server, you need to set up NAT mapping and firewall rules.

There are multiple approaches to managing this issue. Decide whether you wish to use NAT to forward only the ports necessary for vCC operation or to forward all ports and then set up a firewall rule to filter all but the following required ports:

■ Port 8443: For communication between vCC Server and Node and between Nodes.
■ Port 5480: For communication with the Web admin interface for the appliance, for example during the registration process.

Prerequisites

Your appliance is deployed and you are logged in to the vCloud Director Web console.

Procedure

1. Click the Administration tab and select Networks in the left panel.
2. Find the network you are using in the Networks list and right-click.
3. Select Configure Services... from the Network Menu.
   The Configure Services popup appears.
4. Click the NAT Mapping tab and click Add at the bottom of the popup to create the NAT rule.
   The Add NAT Rule popup appears.
5. Select one of the External IP addresses from the drop-down list.
   Note this address if you plan to set up a firewall rule.
6. If you wish to NAT all ports, enter * for the first port entry.
   If you wish to NAT only the two required ports, create two rules, one for each port.
7. Enter the internal IP address from your initial setup and match the port entry for this rule.
8. Click OK and click OK again.
9. If you are using a firewall rule to control traffic, click the Firewall tab and select the Enable firewall check box.
10. Click Add at the bottom of the pop-up to create a new firewall rule.
    Create two rules, one for each necessary port.
    The Add Firewall Rule popup appears.
11. Give the rule a name and select the Incoming radio button.
12. Type the source IP address and the source port.
    For incoming traffic, the source is the external network. This is the address you selected in Step 5.
13. Type the destination IP address and port.
    The destination IP address is the internal IP address from your initial setup.
14. Select the Allow action.
15. Select the Enabled check box.
16. Click OK and OK to create the rule.
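
The following is an added example, not part of the original documentation and not a vCloud Director API: an offline model of the two approaches above that reports any port other than 8443 and 5480 left reachable through the NAT mapping. The rule dictionaries, field names and IP addresses are constructed, and the model assumes that an enabled firewall drops incoming traffic that no rule allows.

```python
# Added example: offline model of the NAT and firewall rules from this page.
# Rule dicts, field names and IP addresses are constructed, not a vCloud Director API.
ANY = "*"
REQUIRED = {8443, 5480}  # vCC Server/Node traffic and the Web admin interface

def reachable_ports(nat_rules, fw_enabled, fw_rules, external_ip, internal_ip):
    """Ports on external_ip that reach internal_ip; may contain ANY."""
    fwd = {r["port"] for r in nat_rules
           if r["external_ip"] == external_ip and r["internal_ip"] == internal_ip}
    if not fw_enabled:
        return fwd
    # Assumption: an enabled firewall drops incoming traffic no rule allows.
    allow = {r["dst_port"] for r in fw_rules
             if r["enabled"] and r["direction"] == "incoming"
             and r["action"] == "allow" and r["dst_ip"] == internal_ip}
    if ANY in fwd:
        return allow
    if ANY in allow:
        return fwd
    return fwd & allow

def audit(nat_rules, fw_enabled, fw_rules, external_ip, internal_ip):
    """Return a list of findings; an empty list means only 8443 and 5480 are exposed."""
    reach = reachable_ports(nat_rules, fw_enabled, fw_rules, external_ip, internal_ip)
    if ANY in reach:
        return ["all ports on %s reach %s" % (external_ip, internal_ip)]
    findings = ["unexpected port %d is exposed" % p for p in sorted(reach - REQUIRED)]
    findings += ["required port %d is not reachable" % p for p in sorted(REQUIRED - reach)]
    return findings

# Constructed sample values (documentation address ranges).
EXT, INT = "203.0.113.10", "192.168.0.2"
NAT_ALL = [{"external_ip": EXT, "port": ANY, "internal_ip": INT}]
NAT_TWO = [{"external_ip": EXT, "port": p, "internal_ip": INT} for p in (8443, 5480)]
FW_TWO = [{"enabled": True, "direction": "incoming", "action": "allow",
           "dst_ip": INT, "dst_port": p} for p in (8443, 5480)]

if __name__ == "__main__":
    print(audit(NAT_TWO, False, [], EXT, INT))      # two NAT rules, no firewall
    print(audit(NAT_ALL, True, FW_TWO, EXT, INT))   # NAT all ports, firewall filters
    print(audit(NAT_ALL, False, [], EXT, INT))      # NAT all ports, firewall left off
```
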