NSX Basic - Configuring Network NAT and Firewall

After you build a Virtual Machine and configure Internet Access into it, you can now manage ports to open or closed on the Network tab.

Managing port at NAT and Firewall also gives you access to maintain which IPs or network allowed to access the server.

In this knowledge base, you will see example basic configuration to open port Remote Desktop 3389.

 

1. Go to MyAccount Portal and select Network tab.

2. Select Network (This example uses JKT01-V791-NSX-UPLINK)

3. Go to NAT tab and Add New.

Details:

Rule Type: Destination NAT

Protocol : TCP + UDP (or if you prefer to use another protocol, then select it.)

 

Details:

Original IP : Type your IP Public Address

Original Port : Type custom port. (Even you are trying to open RDP port, in this case 3389, for security reasons, we recommend that you do do not use 3389 for original port)

Translated IP : Type your IP Internal/Private VM. Which VM you want to give RDP access, then type it.

Translated Port : 3389 (This field contain original RDP service port. If you already change RDP port in Windows Server, then type your changed port)

 

4. Save configuration.

 

5. After finish add new NAT rule, do not forget to create Firewall rule. Go to Firewall tab and Add New.

Details:

Policy : Allow

Description: RDP (or whatever you name it)

Source IP : Type which IPs or Network will be given remote access to your VM. You may allow your office network, for example. Please do not type Any on this. You do not want your RDP is open to the world.

Source Port : Any is allowed.

Destination IP : IP Public Address. Same with IP Public you just add at NAT rule.

Destination Port : Port you use for RDP. Same with Original Port you just add at NAT rule.

 

6. Save configuration.

 

Additional notes, those configuration above are basic configuration. Please consider the security of opening any port in firewall and ensure the password of VM is complex and change it regularly.