To change the source IP address from a private to a public IP address, you create a source NAT (SNAT) rule. To change the destination IP address from a public to a private IP address, you create a destination NAT (DNAT) rule.
When you configure a SNAT or a DNAT rule on an edge gateway in the VMware Cloud Director environment, you always configure the rule from the perspective of your organization VDC.
An SNAT rule translates the source IP address of packets sent from an organization VDC network out to an external network or to another organization VDC network.
A NO SNAT rule prevents the translation of the internal IP address of packets sent from an organization VDC out to an external network or to another organization VDC network.
A DNAT rule translates the IP address and, optionally, the port of packets received by an organization VDC network that are coming from an external network or from another organization VDC network.
A NO DNAT rule prevents the translation of the external IP address of packets received by an organization VDC from an external network or from another organization VDC network.
VMware Cloud Director supports automatic route redistribution when you use NAT services on an NSX edge gateway.
Prerequisites
Verify that the public IP addresses are added to the edge gateway interface on which you want to add the rule.
Procedure
- From the top navigation bar, select Resources and click Cloud Resources.
- In the left panel, click Edge Gateways.
- Click the edge gateway and, under Services, click NAT.
- To add a rule, click New.
- Configure an SNAT or NO SNAT rule (inside going outside).
- Configure a DNAT or NO DNAT rule (outside going inside).
- Click Save.
- To configure additional rules, repeat these steps.