BILLmanager 6
en En
es Es
Your feedback is an opportunity for improvement!
Take part in the survey and contribute to the development of the ISPsystem ecosystem.
Take the survey
Support

NAT

Network Address Translation (NAT) modifies the source IP address or destination of packages transmitted through the network router. To manage NAT rules, navigate to  Products/Services → Virtual DC→ Routers→ NATCreate.

Enter the following parameters:

  • Data-center network — select a data-center network. You can select all networks connected to the router; 
  • Rule type — NAT rule type: 
    • SNAT — a SNAT rule changes the source IP address; 
    • DNAT — a DNAT rule changes the destination IP address; 
  • Description  — enter a text to describe the rule;
  • Protocol  — Select the protocol to which the rule applies. If the SNAT files are hidden, the rule will be applied to any protocol;
  • Source IP/range— IP address of the request sent to the router. For the SNAT — enter an internal address or range. For the DNAT — enter an external address or range. If you set up integration with vCloud Director 9.0 note the following limitations: 
    • The DNAT rule for external network — you can enter only external IP addresses; 
    • The DNAT rule for organization  — you can enter only internal IP addresses. 
  • Translated IP/range— select the IP address or a range of IP addresses to which destination addresses on inbound packets will be translated. For the SNAT — enter an external address or range. For DNAT — enter an internal address or range. If you set up integration with vCloud Director 9.0 note the following limitations: 
    • The SNAT rule for external network —  you can enter only external IP addresses; 
    • The SNAT rule for organization  — you can enter only internal IP addresses.

Configuration rulesLink to Configuration rules

  • in different NAT rules you cannot use the same combination of the source IP and source port; 
  • if you create a DNAT rule for the organization network, the source IP/range must not be included into the range of IP addresses of the router DHCP-server; 
  • the source IP/range cannot include an external VPN IP address; 
  • If you create a SNAT rule for the organization, the translated IP/range must not be included  into the range of IP addresses of the router DHCP-server; 
  • the source IP/range of a  DNAT rule must not include the IP addresses from the source IP/range of another DNAT rule; 
  • the translated IP/range of the SNAT rule cannot include IP addresses from the translated IP/range of another SNAT rule. 
The article was last updated on 07.19.2022. The article was prepared by technical writers of ISPsystem .