blob: 467a304915d3f37848e35a7213eceef441d6e44b [file] [log] [blame]
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="enable-disable-static-nat-vpc">
<title>Enabling or Disabling Static NAT on a VPC</title>
<para>A static NAT rule maps a public IP address to the private IP address of a VM in a VPC to
allow Internet traffic to it. This section tells how to enable or disable static NAT for a
particular IP address in a VPC.</para>
<para>If port forwarding rules are already in effect for an IP address, you cannot enable static
NAT to that IP.</para>
<para>If a guest VM is part of more than one network, static NAT rules will function only if they
are defined on the default network.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC to which you want to deploy the VMs.</para>
<para>The VPC page is displayed where all the tiers you created are listed in a
diagram.</para>
<para>For each tier, the following options are displayed.</para>
<itemizedlist>
<listitem>
<para>Internal LB</para>
</listitem>
<listitem>
<para>Public LB IP</para>
</listitem>
<listitem>
<para>Static NAT</para>
</listitem>
<listitem>
<para>Virtual Machines</para>
</listitem>
<listitem>
<para>CIDR</para>
</listitem>
</itemizedlist>
<para>The following router information is displayed:</para>
<itemizedlist>
<listitem>
<para>Private Gateways</para>
</listitem>
<listitem>
<para>Public IP Addresses</para>
</listitem>
<listitem>
<para>Site-to-Site VPNs</para>
</listitem>
<listitem>
<para>Network ACL Lists</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>In the Router node, select Public IP Addresses.</para>
<para>The IP Addresses page is displayed.</para>
</listitem>
<listitem>
<para>Click the IP you want to work with.</para>
</listitem>
<listitem>
<para>In the Details tab,click the Static NAT button.<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/enable-disable.png"/>
</imageobject>
<textobject>
<phrase>enable-disable.png: button to enable Static NAT.</phrase>
</textobject>
</inlinemediaobject>The button toggles between Enable and Disable, depending on whether
static NAT is currently enabled for the IP address.</para>
</listitem>
<listitem>
<para>If you are enabling static NAT, a dialog appears as follows:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/select-vm-staticnat-vpc.png"/>
</imageobject>
<textobject>
<phrase>select-vmstatic-nat.png: selecting a tier to apply staticNAT.</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Select the tier and the destination VM, then click Apply.</para>
</listitem>
</orderedlist>
</section>