You can add an NSX on-demand NAT network component or NSX on-demand routed network component to the design canvas in preparation for associating their settings to one or more vSphere machine components in the blueprint.

About this task

When you associate an existing network component or an on-demand network component with a machine component, the NIC information is stored with the machine component. The network profile information that you specify is stored with the network component.

You can add multiple network and security components to the design canvas.

You can have more than one on-demand network component in a single blueprint. However, all of the on-demand network profiles that are used in the blueprint must reference the same external network profile.

For machine components that do not have a Network or Security tab, you can add network and security custom properties, such as VirtualMachine.Network0.Name, to their Properties tab in the design canvas. NSX network, security, and load balancer properties are only applicable to vSphere machines.

Prerequisites

Procedure

  1. Click Network & Security in the Categories section to display the list of available network and security components.
  2. Drag an on-demand NAT or on-demand routed network component onto the design canvas.
  3. Enter a component name in the ID text box to uniquely label the component in the design canvas.
  4. Select an appropriate network profile from the Parent network profile drop-down menu. For example, if you want to add a NAT network component, select a NAT network profile that is configured to support your intended network settings.

    If you want to specify NAT rules in a NAT network component, you must use a parent network profile that is configured for NAT one-to-many.

    Depending on the profile type you select, the following network settings are populated based on your network profile selection. Changes to these values must be made in the network profile:

    • External network profile name

    • NAT type (On-Demand NAT Network)

    • Subnet mask

    • Range subnet mask (On-Demand Routed Network)

    • Range subnet mask (On-Demand Routed Network)

    • Base IP address (On-Demand Routed Network)

  5. (Optional) : Enter a component description in the Description text box.
  6. (Optional) : Click the DNS/WINS tab.
  7. (Optional) : Specify or accept provided DNS and WINS settings for the network profile.
    • Primary DNS

    • Secondary DNS

    • DNS Suffix

    • Preferred WINS

    • Alternate WINS

    You cannot change the DNS or WINS settings for an existing network.

  8. Click the IP Ranges tab.

    The IP range or ranges specified in the network profile are displayed. You can change the sort order or column display. For NAT networks, you can also change IP range values.

    1. Enter a start IP address value in the IP range start text box.
    2. Enter a start IP address value in the IP range start text box.
  9. If you are using a NAT network that is based on a one-to-many NAT network profile that uses static IP ranges, you can use the NAT Rules tab to add rules that enable an external IP to access components in the internal NAT network.

    For a NAT one-to-many network, you can define NAT rules that can be configured when you add a NAT network component to the blueprint and can be changed when you edit the NAT network in a deployment.

    The options that are available for selection are based on the vSphere machine or NSX load balancer components that you have associated to the NAT network component.

    • Name - Enter a unique rule name.

    • Component - Select from a list of associated vSphere machine or load balancer components to which the NAT network is associated.

    • Source port - Select the ANY option, enter a valid port or port range, or specify a valid property binding.

    • Destination port - Select the ANY option, enter a valid port or port range, or specify a valid property binding.

    • Protocol - Enter any valid NSX-supported protocol or select the TCP, UDP, or ANY option.

    • Description - Enter a brief description of what the NAT rule is designed to do.

  10. Click Finish to save the blueprint as draft or continue configuring the blueprint.

What to do next

You can continue configuring network settings by adding additional network components and by selecting settings in the Network tab of a vSphere machine component in the design canvas.