Versions Compared

Old Version 1

changes.mady.by.user Tahir Kulelija

Saved on

compared with

New Version 2

changes.mady.by.user Tahir Kulelija

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Once you complete building your Virtual Machine and configuring Internet Access to it, you can now proceed to manage ports. Managing ports at NAT and Firewall also gives you access to maintain which IPs or networks are allowed to access the server.

In this knowledge base article, you will see and example of a basic configuration showing you how to open an SSH port.

 

To start you will need to configure a network. Refer to our guide at Configuring a Network using the vCloud Director Portal.

 

Add NAT rules

NAT rules must be configured to allow the VM to be accessed using a specific port.

 

1. On the NAT tab, click the DNAT RULE button

 A screenshot of a social media post Description automatically generatedImage Added

 

2. Complete all the fields.

(In this example, we will configure our VM with the IP Internal 192.168.80.100 to be accessible via SSH from the internet on port 13320)

Applied on                         : CBT01-V791-NSX-UPLINK (if you are in CBT zone)

Original IP/Range             : Specify IP Public

Protocol                             : TCP

Original Port                      : Type custom port. (When opening an SSH port, in this case 22, we recommend that you do not use 22 for original port for security reasons)

Translated IP                     : Type your IP Internal/Private VM. Which VM you want to give SSH access, then type it.

 

Translated Port                 : 22 (This field contains the original service port)

 

A screenshot of a cell phone Description automatically generatedImage Added

 

3. Save changes

A screenshot of a cell phone Description automatically generatedImage Added

 

 

Add Firewall Rules

After you add the NAT rules, you will need to allow the port on the Firewall.

 

1. On the Firewall tab, click Add button. You will see a new row being added.

A screenshot of a social media post Description automatically generatedImage Added

 

2. On the Source column, click the IP button if you would like to allow a connection from a specific IP only, otherwise leave it as Any.

A screenshot of a social media post Description automatically generatedImage Added 

A screenshot of a social media post Description automatically generatedImage Added

 

3. On the Destination column, click on the IP button. 

A screenshot of a social media post Description automatically generatedImage Added

 

4. Specify your Public IP, then click on Keep.

A screenshot of a cell phone Description automatically generatedImage Added

 

5. On the Service column, click the + icon.

Protocol: TCP

Source Port: any

Destination port: 13320 (this is port you want to allow to be opened. This typically same with Original port at NAT option)

A screenshot of a computer Description automatically generatedImage Added

 

6. Save changes.

A screenshot of a social media post Description automatically generatedImage Added

 

 

 

Open ICMP rules (optional)

This rule opens the ICMP service so you are able to ping the Public IP.

 

1. On the Firewall tab, click the Add button. You will see a new row added.

A screenshot of a computer Description automatically generatedImage Added

 

2. Give it a name. Go to the Service column and click on the + icon

A screenshot of a computer Description automatically generatedImage Added

 

3. Select ICMP for Protocol. Then, Keep.

A screenshot of a computer screen Description automatically generatedImage Added

 

4. Save changes

A screenshot of a computer Description automatically generatedImage Added

 

 A screenshot of a cell phone Description automatically generatedImage Added