
Once you have built your Virtual Machine and configured Internet access for it, you can proceed to manage ports. Managing ports at the NAT and Firewall level also lets you control which IPs or networks are allowed to access the server.

In this knowledge base article, you will see an example of a basic configuration showing you how to open an SSH port.


To start, you will need to configure a network. Refer to our guide at Configuring a Network using the vCloud Director Portal.


Add NAT rules

NAT rules must be configured to allow the VM to be accessed using a specific port.


1. On the NAT tab, click the DNAT RULE button


2. Complete all the fields.

(In this example, we will configure our VM with the internal IP 192.168.80.100 to be accessible via SSH from the internet on port 13320.)

Applied on: CBT01-V791-NSX-UPLINK (if you are in the CBT zone)

Original IP/Range: Specify your public IP

Protocol: TCP

Original Port: Type a custom port. (When opening an SSH port, in this case 22, we recommend that you do not use 22 as the original port, for security reasons.)

Translated IP: Type the internal/private IP of the VM that you want to give SSH access to.

Translated Port: 22 (This field contains the original service port)



3. Save changes




Add Firewall Rules

After you add the NAT rules, you will need to allow the port on the Firewall.


1. On the Firewall tab, click the Add button. You will see a new row being added.



2. On the Source column, click the IP button if you would like to allow a connection from a specific IP only, otherwise leave it as Any.



3. On the Destination column, click on the IP button. 



4. Specify your Public IP, then click on Keep.


5. On the Service column, click the ( + ) icon.

Protocol: TCP

Source Port: any

Destination port: 13320 (this is the port you want to open. It is typically the same as the Original Port in the NAT rule)


6. Save changes.




Open ICMP rules (optional)

This rule opens the ICMP service so you are able to ping the Public IP.


1. On the Firewall tab, click the Add button. You will see a new row added.

2. Give it a name. Go to the Service column and click on the ( + ) icon.

3. Select ICMP for Protocol, then click Keep.


4. Save changes
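
The following Python check is an added example, not part of the original article or of vCloud Director: it reviews the DNAT rule and firewall rules from the steps above for mismatches, such as a firewall rule opened on the Translated Port instead of the Original Port, SSH published on port 22, or SSH left open to Any. The dictionary keys and the public IP 203.0.113.10 are assumptions that mirror the portal's form fields; they are not a vCloud Director export format.

```python
import ipaddress

# RFC 1918 ranges: the Translated IP of a DNAT rule should fall inside one.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def audit(dnat_rules, fw_rules):
    """Return (severity, message) findings for a set of DNAT and firewall rules."""
    findings = []
    for nat in dnat_rules:
        label = f"DNAT {nat['original_port']}->{nat['translated_ip']}:{nat['translated_port']}"
        if not any(ipaddress.ip_address(nat["translated_ip"]) in net for net in RFC1918):
            findings.append(("error", f"{label}: Translated IP is not a private address"))
        # The article recommends not using 22 as the Original Port for SSH.
        if nat["translated_port"] == 22 and nat["original_port"] == 22:
            findings.append(("warn", f"{label}: SSH is published on Original Port 22"))
        # The firewall must allow the Original (public) port, not the Translated one.
        allowed = [fw for fw in fw_rules
                   if fw["protocol"] == nat["protocol"]
                   and fw.get("destination_ip") == nat["original_ip"]
                   and fw.get("destination_port") == nat["original_port"]]
        if not allowed:
            findings.append(("error", f"{label}: no firewall rule allows the Original Port"))
        if nat["translated_port"] == 22 and any(fw["source"] == "Any" for fw in allowed):
            findings.append(("warn", f"{label}: SSH reachable from Any source"))
    published = {(n["protocol"], n["original_ip"], n["original_port"]) for n in dnat_rules}
    for fw in fw_rules:
        # The optional ICMP rule carries no port and needs no DNAT rule behind it.
        if fw["protocol"] == "ICMP":
            continue
        if (fw["protocol"], fw.get("destination_ip"), fw.get("destination_port")) not in published:
            findings.append(("info", f"firewall port {fw.get('destination_port')}: no DNAT rule behind it"))
    return findings


# Constructed sample mirroring the article's walkthrough. 203.0.113.10 is a
# documentation-range placeholder standing in for "your Public IP".
PUBLIC_IP = "203.0.113.10"
DNAT = [{"original_ip": PUBLIC_IP, "protocol": "TCP", "original_port": 13320,
         "translated_ip": "192.168.80.100", "translated_port": 22}]
FIREWALL = [
    {"source": "Any", "destination_ip": PUBLIC_IP, "protocol": "TCP", "destination_port": 13320},
    {"source": "Any", "protocol": "ICMP"},
]

if __name__ == "__main__":
    for severity, message in audit(DNAT, FIREWALL):
        print(f"{severity:5} {message}")
```

With the article's values and Source left as Any, the only finding is the warning that SSH is reachable from any source; setting Source to a specific IP in the firewall rule clears it.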