VMware Cloud Community
ftorres10
Contributor
Contributor

Need help with nat and fence labmanager to vcloud migration

I am trying to get nat to work in Vcloud director to replace my labmanager environment. I have several apps that cannot have the IP's changed and need multiple copies of them running at the same time. 

VM's are on network is on a 2.xx range and they need to be accessed from desktops on a network that can be accessed from the 1.xx.  The VM's need to be fenced as I use the 2.xx network.

So far I have created a catalog and a vapp network - the systems come up fine and I can use the console but I cannot get to my gateway on the VM's . Have an external network setup on the 1.xx

vshield edge is deployed on the gateway address of 2.1 and windows VM is on 2.100. External IP shows as 1.242.

Thanks for the help.

Reply
0 Kudos
5 Replies
JasonBurrell
Enthusiast
Enthusiast

The gateway will not respond to ping by default and there is a default firewall rule that denies all inbound, have you tried turing the vApp firewall off?

ftorres10
Contributor
Contributor

Jason,

yes I turned off the firewall on both the Windows hosts and the vapp. I also tried a remote desktop to the VM. I am unable to ping the gateway from the VM. 

Reply
0 Kudos
cfor
Expert
Expert

I would suggest adding a firewall rule, not just turning off the firewall.

ICMP would be the protocol for ping; and I would try source:internal destination:any to allow alll pings from inside your app to work, but still protect from an outside query.

ChrisF (VCP4, VCP5, VCP-Cloud) - If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
Reply
0 Kudos
AUTMatt
Contributor
Contributor

I have the same exact scenario you describe and have it working fine...  I do uncheck the firewall option when configuring the network connection to external.  I'm using pvlan tunneling for the isolated networks.

Edit:  Also, I created a simple PowerShell import script to pull the VMs into vCloud to a given vApp.  Still have to do the IP config manually to set it as the same IP (and tell it not to customize guest).

ftorres10
Contributor
Contributor

Found solution after many hours of debugging with Vmware.

When setting up your internal Edge gateway - do not use an address that is in use already on your external network. Did this without thinking about it - but really confuses the edge gateway.

Reply
0 Kudos