You can add NAT rules to a one-to-many NAT network component in a blueprint when the NAT network component is associated to a non-clustered vSphere machine component or an on-demand NSX load balancer component.

You can define NAT rules for any NSX-supported protocol. You can map a port or a port range from the external IP address of an Edge to a private IP address in the NAT network component.

  • vSphere Machine Component

    You can create NAT rules for a NAT one-to many network component that is associated to a non-clustered vSphere machine component.

    For example, if two machines are associated to a NAT one-to-many network component on the blueprint, you can define a NAT rule that allows port 443 on the external IP to connect to the machines through port 80 on the NAT network using TCP protocol.

  • NSX Load Balancer Component

    You can create NAT rules for a NAT one-to many network component that is associated to the VIP network of an NSX load balancer component.

    For example, if the NAT network component is associated to a load balancer component that is load balancing three machines, you can define a NAT rule that allows port 90 on the external IP to connect to the load balancer VIP through port 80 on the NAT network using UDP protocol.

You can create any number of NAT rules and you can control the order in which the rules are processed.

The following elements are not supported for NAT rules:

  • NICs that are not in the current network

  • NICs that are configured to get IP addresses by using DHCP

  • Machine clusters

To add NAT rules to a NAT network component in a blueprint, see Add an On-Demand NAT or On-Demand Routed Network Component.

For related information about using NAT rules, see public articles such as this vmwarelab blog post.