VMware Cloud Community
celoxgroup

How to add NAT rules to Edge Gateway with PowerCLI?

I have over 50 DNAT rules to add to the Edge Gateway, and to avoid typos I was looking for a way to do it with PowerCLI. I found on the discussion board how to do it for firewall rules; however, I could not put it together for NAT rules.

I tried something like this (attempt to make a SNAT rule):

$natService = New-Object VMware.VimAutomation.Cloud.Views.NatService
$natService.IsEnabled = $true
$natRule = New-Object VMware.VimAutomation.Cloud.Views.NatRule
$natRule.IsEnabled = $true
$gatewaynatRule = New-Object VMware.VimAutomation.Cloud.Views.GatewayNatRule
$gatewaynatRule.OriginalIp = "10.$NetworkID.0.0/16"
$gatewaynatRule.TranslatedIp = $OrgPublicIP
$gatewaynatRule.Interface = "External Network"
$natRule.Item = $gatewaynatRule
$natService.NatRule = $natRule
$edgeview.ConfigureServices($natService)

Source: vCloud NAT rule problem

Any help appreciated!


Accepted Solutions
celoxgroup

I found out! Happy days!

Here is the working script for DNAT and SNAT rules:

$gateway = Get-EdgeGateway "some gateway*"
$NatService = New-Object VMware.VimAutomation.Cloud.Views.NatService
$NatService.IsEnabled = $true

$GatewayNatRule = New-Object VMware.VimAutomation.Cloud.Views.GatewayNatRule   # DNAT: public IP, port 3389 -> target VM, port 3389
$GatewayNatRule.OriginalIp = "your_public_IP"
$GatewayNatRule.OriginalPort = "3389"
$GatewayNatRule.TranslatedIp = "target_VM"
$GatewayNatRule.TranslatedPort = "3389"
$GatewayNatRule.Protocol = "tcp"
$GatewayNatRule.Interface = $gateway.ExtensionData.Configuration.GatewayInterfaces[0].GatewayInterface[0].Network   # network of the gateway's first interface
$NatRule = New-Object VMware.VimAutomation.Cloud.Views.NatRule
$NatRule.IsEnabled = $true
$NatRule.RuleType = "DNAT"
$NatRule.Item = $GatewayNatRule
$NatService.NatRule += $NatRule   # append the DNAT rule to the service

$GatewayNatRule = New-Object VMware.VimAutomation.Cloud.Views.GatewayNatRule   # SNAT: internal subnet -> public IP
$GatewayNatRule.OriginalIp = "192.168.0.0/24"
$GatewayNatRule.TranslatedIp = "your_public_IP"
$GatewayNatRule.Interface = $gateway.ExtensionData.Configuration.GatewayInterfaces[0].GatewayInterface[0].Network
$NatRule = New-Object VMware.VimAutomation.Cloud.Views.NatRule
$NatRule.IsEnabled = $true
$NatRule.RuleType = "SNAT"
$NatRule.Item = $GatewayNatRule
$NatService.NatRule += $NatRule   # append the SNAT rule to the service

$gateway.ExtensionData.ConfigureServices($NatService)   # send the NAT service with both rules to the gateway
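
For a batch like the 50+ DNAT rules in the question, one way to catch typos before anything reaches the gateway is to validate the rule table first and only then build the rules with the same objects as the accepted answer. This is an added example, not code from the original posts; the CSV columns, the sample addresses, the `Test-DnatRows` helper and the `$ReviewPorts` list are assumptions, and only numeric ports and tcp/udp are accepted here.

```powershell
# Constructed sample rows (documentation addresses); real input: Import-Csv on your own file
$rows = @'
OriginalIp,OriginalPort,TranslatedIp,TranslatedPort,Protocol
203.0.113.10,443,192.168.0.10,443,tcp
203.0.113.10,3389,192.168.0.11,3389,tcp
203.0.113.10,443,192.168.0.12,8443,tcp
203.0.113.300,25,192.168.0.13,25,tcp
'@ | ConvertFrom-Csv
$ReviewPorts = 22, 3389   # assumed local policy: remote-admin ports that need sign-off

function Test-DnatRows {   # hypothetical helper: returns one result object per CSV row
    param([object[]]$Rows)
    $seen = @{}; $line = 1   # line 1 of the CSV is the header
    foreach ($r in $Rows) {
        $line++; $problems = @(); $ip = $null; $port = 0
        foreach ($f in 'OriginalIp', 'TranslatedIp') {
            # Round-trip comparison rejects shorthand such as "10.1" that TryParse accepts
            if (-not ([System.Net.IPAddress]::TryParse($r.$f, [ref]$ip) -and $ip.ToString() -eq $r.$f)) {
                $problems += "$f '$($r.$f)' is not a valid IP address" }
        }
        foreach ($f in 'OriginalPort', 'TranslatedPort') {
            if (-not ([int]::TryParse($r.$f, [ref]$port) -and $port -ge 1 -and $port -le 65535)) {
                $problems += "$f '$($r.$f)' is not a port in 1-65535" }
        }
        if ($r.Protocol -notin 'tcp', 'udp') { $problems += "Protocol '$($r.Protocol)' is not tcp or udp" }
        $key = '{0}:{1}/{2}' -f $r.OriginalIp, $r.OriginalPort, $r.Protocol
        if ($seen.ContainsKey($key)) { $problems += "same public endpoint as line $($seen[$key])" } else { $seen[$key] = $line }
        [pscustomobject]@{ Line = $line; Row = $r; Problems = $problems
            NeedsReview = $ReviewPorts -contains ($r.OriginalPort -as [int]) }
    }
}

$report = Test-DnatRows $rows
$bad = $report | Where-Object { $_.Problems.Count -gt 0 }
foreach ($b in $bad) { Write-Warning ("line {0}: {1}" -f $b.Line, ($b.Problems -join '; ')) }
foreach ($v in $report | Where-Object NeedsReview) { Write-Warning "line $($v.Line): publishes port $($v.Row.OriginalPort)" }
if (-not $bad) {   # only touch the gateway when every row passed
    $gateway = Get-EdgeGateway "some gateway*"
    $NatService = New-Object VMware.VimAutomation.Cloud.Views.NatService; $NatService.IsEnabled = $true
    foreach ($r in $rows) {   # same objects and properties as the accepted answer's DNAT rule
        $g = New-Object VMware.VimAutomation.Cloud.Views.GatewayNatRule
        $g.OriginalIp = $r.OriginalIp; $g.OriginalPort = $r.OriginalPort
        $g.TranslatedIp = $r.TranslatedIp; $g.TranslatedPort = $r.TranslatedPort; $g.Protocol = $r.Protocol
        $g.Interface = $gateway.ExtensionData.Configuration.GatewayInterfaces[0].GatewayInterface[0].Network
        $n = New-Object VMware.VimAutomation.Cloud.Views.NatRule
        $n.IsEnabled = $true; $n.RuleType = "DNAT"; $n.Item = $g
        $NatService.NatRule += $n
    }
    $gateway.ExtensionData.ConfigureServices($NatService)
}
```

With the constructed sample, the repeated 203.0.113.10:443/tcp entry and the invalid address are reported and the gateway is left untouched. The example assumes the submitted NatService is taken as the gateway's complete NAT rule set, so rules already on the gateway that should stay would need to be part of the input.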
