Continuation. Previous part included creating a VM from a Template
Before you start configuring a VM, there must be configured Edge Gateways accordingly. It is also necessary to configure the rules for port forwarding in NAT Edge Gateway.
VmWare View Agent Direct-Connection Plug In uses the following ports for its operation:
TCP port 443 (HTTPS);
TCP port 3389 (RDP);
TCP and UDP port 4172 (PCOIP);
TCP port 32111 (Framework Chanel);
VADC in the VM template is configured to operate with the above ports. Therefore, forwarding must be made to these ports. External ports can be selected arbitrarily. In case of using non-standard ranges of external ports, it is recommended to use continuous ranges. For example, how to forward the following sequence: 1000 → 443, 1001 → 3389, 1002 → 4172, 1003 → 32111.
Please note that if you have several VMs with VDAC, then for each of these VMs you need to configure the corresponding rules in NAT Edge Gateway.
To create rules, you must know your external IP address, the name of your external network by means of which VDC and the IP address of the VM are connected to the Internet.
1) Select EDGES tab;
2) Choose your ORGANIZATION_NAME_EDGE; Here, in the IP Address and Sub-allocated IP Pool fields, you can find out your external IP address, as well as the name of your external network (External Networks), by means of which Internet access is available.
3) Select CONFIGURE SERVICES in the top menu;
4) Select NAT tab. At least 2 rules are available after that.. SNAT rule for outgoing traffic. And a rule like DNAT for incoming traffic over the RDP protocol (TCP port 3389).
5) If there is no rules like SNAT for your internal network (as in the example above), you need to create a rule that allows outgoing traffic for your internal network. Press + SNAT RULE;
a) In Applied On field, select the name of your external network that you learned from p.2;
b) In Original source IP / range field, enter IP address of either your VM or IP address of the internal network;
c) In Translated (External) source IP / range field, enter the external IP address that you learned from p.2;
d) Switch to Enabled to activate the rule;
e) Press KEEP and save the rules.
6) To create rules for DNAT to allow incoming traffic on certain ports, click + DNAT RULE. You must create rules for the following ports 443 TCP, 3389 TCP, 4172 TCP and UDP, 32111 TCP;
a) In Applied On field, select the name of your external network that you learned in step 2;
b) In Original source IP / range field, enter the external IP address that you learned in step 2;
c) In Protocol field select the type of protocol: TCP, TCP & UDP;
d) In Original port field enter the port number on which traffic will be received;
e) In Translated IP / range field enter the IP address of your VM;
f) In Translated port field enter the port number from which traffic will be transmitted to your VM;
g) Switch to Enabled to activate the rule;
h) Press KEEP and save the rules.
7) Thus, you will need to create 4 rules for incoming traffic to your VM;
Have you tried Virtual cloud servers by Cloud4Y? Not yet?
Leave a request and get a 10-day free trial.