You can create an on-demand NSX NAT network profile relative to an external network profile in vRealize Automation. When using an NSX NAT network profile with a third-party IPAM provider, IP space is created and managed by the third-party IPAM provider.

When you use a third-party IPAM endpoint in your NAT network profile, the provider creates new IP ranges for each instance of the on-demand network. An internal set of IP addresses defined with one or more ranges is created in the third-party IPAM provider endpoint for every instance of the network. The IP ranges allocate IP addresses for the machines on the network in the same deployment. Because there cannot be duplicate IP addresses defined within a single address space, a new address space is created by the provider for each instance of the network. When a NAT network is destroyed, its ranges are destroyed in the IPAM provider endpoint and in the new address space.

You can use IP ranges obtained from the supplied VMware IPAM endpoint or from a third-party IPAM service provider endpoint that you have registered and configured in vRealize Orchestrator, such as Infoblox IPAM. An IP range is created from an IP block during allocation.

For a NAT one-to-many network, you can define NAT rules that can be configured when you add a NAT network component to the blueprint. You can change a NAT rule when you edit the NAT network in a deployment.