I have a vCloud 5.1 setup with a separate Organization VDC for each customer and an external network with public IP addresses. We use an Edge Gateway to connect the Organization VDC to the outside world. When you create the edge gateway, it allocates one of the public IP addresses to it. If you want to give the vApps/VMs behind this edge gateway access to the internet, you need to add a sub-allocated IP address from the public IP address pool. Then you can create a Source NAT rule for that network, and these vApps can access the internet.
This seems a waste of my public IP addresses, as I need at least 2 public IP addresses per customer.
If you try to use the primary public IP address which is allocated for the edge gateway to create the Source NAT rule, it says 'External IP should belong to the sub-allocated IP range'.
But if you use the vShield Manager, you can edit the edge gateway and create a Source NAT rule with the primary public IP, and the vApp will get internet access.
Has anyone else come across this problem?
Is this a limitation with vCloud 5.1?
Is there any issue configuring the edge firewall via vShield manager rather than the vCloud interface?
Gateway primary external IP can be added to sub-allocation pool. There's no need for two IPs.
Thanks, this worked. Why did I not think of that!!!
I found vCloud 5.1 a little confusing in the beginning, so I wrote some blog posts on it; maybe they are of some help to you as well:
Overview of this VMware vCloud 5.1 Networking for dummies:
Bumping to say thanks for the guides. Big help.
Bumping this to ask for some ideas - is it a typical use case to separate the cloud management VMs behind a firewall, on your primary WAN subnet, and then use a separate WAN subnet for the tenants?
Please start a new thread ... I rarely look at anything marked as answered, unless searching for a solution.
Good idea -- added one here: http://communities.vmware.com/message/2220148#2220148