To provide a vApp network with DHCP, firewall, NAT, and VPN services, you must create it as an NAT routed vApp network.

Verify that you are connected to a vCloud Director server.


Retrieve the vApp for which you want to create a vApp network.

$myVApp = Get-CIVApp -Name 'MyVApp'

Retrieve the organization vDC network to which you want to connect the vApp network.

$myOrgVdcNetwork = Get-OrgVdcNetwork -Name 'MyOrgVdcNetwork'

Create the new vApp network with a gateway and network mask, defined pool of static IP addresses, and a disabled firewall.

New-CIVAppNetwork -VApp $myVApp -ParentOrgVdcNetwork $myOrgVdcNetwork -Name 'MyVAppInternalNetwork' -Routed -Gateway '' -Netmask '' -DisableFirewall -StaticIPPool " -"

If you do not run New-CIVAppNetwork with the DisableFirewall parameter, the new vApp network has an enabled firewall by default.