If you select a NAT-based network connection when you deploy your vCloud Connector server, you need to set up NAT mapping and firewall rules.

There are multiple approaches to managing this issue. Decide whether you wish to use NAT to forward only the ports necessary for vCloud Connector operation or to forward all ports and then set up a firewall rule to filter all but the required ports. See System Requirements for the list of required ports.

Your appliance is deployed and you are logged in to the vCloud Director Web console as organization administrator or system administrator.


Click the Administration tab and select Networks in the left panel.


Find the network you are using in the Networks list, right-click, and select Configure Services.


In the Configure Services dialog box, click the NAT Mapping tab and click Add at the bottom of the popup to create the NAT rule.

The Add NAT Rule popup appears.


Select one of the External IP addresses from the drop-down menu.

Note this address if you plan to set up a firewall rule.


If you wish to NAT all ports, enter * for the first port entry.

If you wish to NAT only the required ports, create a rule for each port.


Enter the internal IP address from your initial setup and match the port entry for this rule.


Click OK and click OK again.


If you are using a firewall rule to control traffic, click the Firewall tab and select the Enable firewall check box.


Click Add at the bottom of the pop-up menu to create a new firewall rule.

Create a rule for each necessary port.

The Add Firewall Rule popup appears.


Give the rule a name and select the Incoming option.


Specify Any for the source IP address and the source port.


Type the destination IP address and port.

The destination IP address is the external IP address.


Select the Allow action.


Select the Enabled check box.


Click OK and click OK again to create the rule.