A gateway connects a virtual data center to the Internet. It provides networking services such as firewall, NAT, load balancing, and IPSEC VPN to the virtual machines and networks connected to it.

In the vCloud Hybrid Service, virtual data centers have two types of networks, isolated networks and gateway networks. Gateway networks, also referred to as routed networks, are connected to a gateway. Isolated networks are isolated within the virtual data center and are not connected to a gateway.

You connect virtual machines to networks to enable them to communicate with each other. If the virtual machines need to connect to the Internet, or need networking services, connect them to a gateway network.

In Dedicated Cloud instances, when you create a new virtual data center and allocate a public IP address to it, a gateway, a gateway network, and an isolated network are also created. A private IP pool is assigned to each network.

If you do not allocate a public IP address to the virtual data center while creating it, only an isolated network is created. In this case, you can create a gateway later. Gateway networks are always created with gateways.

You can also create additional gateways for virtual datacenters in Dedicated Cloud instances.

In the Virtual Private Cloud service, a gateway, a gateway network, and an isolated network are already created for you. Public IP addresses assigned to you are linked to the gateway. A private IP pool is assigned to each network.

You cannot set up or manage networking services such as firewall, NAT, load balancing, and IPSEC VPN from the vCloud Hybrid Service plug-in. Use the vCloud Hybrid Service portal to set up these services. See the vCloud Hybrid Service User's Guide for more information.