Configure firewall and nat rules, Licensing and configuration, Vlm for vmware vcloud air – KEMP vCloud Air User Manual

Copyright © 2002 - 2014 KEMP Technologies, Inc. All Rights Reserved. Page 9 / 24

VLM for VMware vCloud Air

Installation Guide

Configure Firewall and NAT Rules

Firewall and Network Address Translation (NAT) rules are required for communication between
clients and the Virtual LoadMaster. To configure firewall and NAT rules, navigate to the Edge
Gateway in vCloud Air and configure NAT and firewall rules as follows:

1. SNAT Rules

Original = Virtual LoadMaster IP or Subnet: Any – Translated: External Gateway IP: Any – Protocol: Any

2. DNAT Rules

Original = External Gateway IP: 443 – Translated: Virtual LoadMaster IP: 443 – Protocol: TCP
Original = External Gateway IP: 53 – Translated: Virtual LoadMaster IP: Any – Protocol: Any

3. Firewall Rules

Source = Any: Any – Destination: Internal: 443 – Protocol: TCP
Source = Any: Any – Destination: Internal: 53 – Protocol: Any
Source = Virtual LoadMaster IP or Subnet: Any – Destination: Any: Any

As Virtual Services are added to the Virtual LoadMaster to provide traffic distribution for
application services, additional Destination Network Address Translation (DNAT) rules will be
required that direct traffic from the appropriate external IP to the appropriate VLM Virtual
Service IP address for the correct port. This equally applies to firewall rules. For example, if a
syslog service is configured on the VLM, an inbound port 514 firewall rule will be required.
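An added example, not from the KEMP manual: a small Python check that every Virtual Service has both a DNAT rule and a firewall rule, and that no inbound rule remains open without a service behind it. The rule set is the inbound DNAT and firewall rules listed above; the service inventory, the service names and the UDP protocol for syslog are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    kind: str   # "dnat" or "firewall"
    port: str   # external (DNAT) or destination (firewall) port, or "any"
    proto: str  # "tcp", "udp" or "any"

def covers(rule, port, proto):
    """True if the rule admits traffic for this port/protocol pair."""
    return rule.port in ("any", str(port)) and rule.proto in ("any", proto)

def audit(services, rules):
    """Return (missing, unused).

    missing: (service, rule kind, port, proto) tuples with no covering rule.
    unused:  inbound rules that no listed service needs (candidates to remove).
    """
    missing = [(name, kind, port, proto)
               for name, port, proto in services
               for kind in ("dnat", "firewall")
               if not any(r.kind == kind and covers(r, port, proto) for r in rules)]
    unused = [r for r in rules
              if not any(covers(r, port, proto) for _, port, proto in services)]
    return missing, unused

# Inbound rules from the list above (SNAT and the outbound rule are not modelled).
PAGE_RULES = [
    Rule("dnat", "443", "tcp"),
    Rule("dnat", "53", "any"),
    Rule("firewall", "443", "tcp"),
    Rule("firewall", "53", "any"),
]

# Constructed service inventory (assumption): names and syslog/UDP are illustrative.
SERVICES = [("svc-443", 443, "tcp"), ("svc-53", 53, "udp"), ("syslog", 514, "udp")]

if __name__ == "__main__":
    missing, unused = audit(SERVICES, PAGE_RULES)
    for name, kind, port, proto in missing:
        print(f"MISSING {kind} rule for {name} ({port}/{proto})")
    for r in unused:
        print(f"UNUSED  {r.kind} rule {r.port}/{r.proto}")
```

Running the same audit after a Virtual Service is retired shows which DNAT and firewall rules can be removed from the Edge Gateway.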

Licensing and Configuration

The VLM now needs to be configured to operate within the network configuration:

1. In an internet browser, enter either the private IP address previously noted (if accessing the
console from a VM connected to the local network) or the public IP address. Be sure to
place https:// before the IP address.

2. A warning may appear regarding website security certificates. Click the continue/ignore
option.

3. The Virtual LoadMaster End User License Agreement screen appears.

Please read the license agreement and, if you are willing to accept the conditions
therein, click the Agree button to proceed.

4. A screen will appear asking if you are OK with the Virtual LoadMaster regularly
contacting KEMP to check for updates and other information. Click the relevant button
to proceed.
