Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Once you complete building your Virtual Machine and configuring Internet Access to it, you can now proceed to manage ports. Managing ports at NAT and Firewall also gives you access to maintain which IPs or networks are allowed to access the server.

In this knowledge base article, you will see and example of a basic configuration showing you how to open an SSH port.

 

To start you will need to configure a network. Refer to our guide at Configuring a Network using the vCloud Director Portal.

 

Add NAT rules

NAT rules must be configured to allow the VM to be accessed using a specific port.

 

1. On the NAT tab, click the DNAT RULE button

 A screenshot of a social media post Description automatically generated

 

2. Complete all the fields.

(In this example, we will configure our VM with the IP Internal 192.168.80.100 to be accessible via SSH from the internet on port 13320)

Applied on                         : CBT01-V791-NSX-UPLINK (if you are in CBT zone)

Original IP/Range             : Specify IP Public

Protocol                             : TCP

Original Port                      : Type custom port. (When opening an SSH port, in this case 22, we recommend that you do not use 22 for original port for security reasons)

Translated IP                     : Type your IP Internal/Private VM. Which VM you want to give SSH access, then type it.

 

Translated Port                 : 22 (This field contains the original service port)

 

A screenshot of a cell phone Description automatically generated

 

3. Save changes

A screenshot of a cell phone Description automatically generated

 

 

Add Firewall Rules

After you add the NAT rules, you will need to allow the port on the Firewall.

 

1. On the Firewall tab, click Add button. You will see a new row being added.

A screenshot of a social media post Description automatically generated

 

2. On the Source column, click the IP button if you would like to allow a connection from a specific IP only, otherwise leave it as Any.

A screenshot of a social media post Description automatically generated 

A screenshot of a social media post Description automatically generated

 

3. On the Destination column, click on the IP button. 

A screenshot of a social media post Description automatically generated

 

4. Specify your Public IP, then click on Keep.

A screenshot of a cell phone Description automatically generated

 

5. On the Service column, click the + icon.

Protocol: TCP

Source Port: any

Destination port: 13320 (this is port you want to allow to be opened. This typically same with Original port at NAT option)

A screenshot of a computer Description automatically generated

 

6. Save changes.

A screenshot of a social media post Description automatically generated

 

 

 

Open ICMP rules (optional)

This rule opens the ICMP service so you are able to ping the Public IP.

 

1. On the Firewall tab, click the Add button. You will see a new row added.

A screenshot of a computer Description automatically generated

 

2. Give it a name. Go to the Service column and click on the + icon

A screenshot of a computer Description automatically generated

 

3. Select ICMP for Protocol. Then, Keep.

A screenshot of a computer screen Description automatically generated

 

4. Save changes

A screenshot of a computer Description automatically generated

 

 A screenshot of a cell phone Description automatically generated

 

  • No labels