So you are telling me that I cannot create an isolated network for my vApp through the vCloud API when I can do it on the portal?

Looks like I misunderstood your question. I believe you can create an isolated vApp network (which is what I think you're asking)

by eliminating the NetworkConfig Section from the InstantiationParams.

Yes this is what I am asking.

If I eliminate the NetworkConfig tag from InstantiationParams, e.g. I do not map the logical network to anything, then vCloud Director return an error: The VCD entity network "vApp internal network" specified for VM "app23" does not exist.

Any other solution?

You need to create a vApp network named "vApp internal network"

Try somethng like this:

I am the admin of my organisation but I cannot create network because I am not the system admin.

The thing is that I can have an isolated network through the portal, I guess the portal is creating a network for me.

To be precise, it's not the instanciation of a vApp template but a composition of VM.

Maybe, it's just a problem of grant access to network creation?

It's hard to say not knowing all the details, but you should be able to do this (supply instantiation params)

on composition as well. Creating  a vApp network during instantiaiton should not require sys admin privileges, since you're

just connecting to an existing network (or creating an isolated network form exsiting resources). The API does not

curently match the portal's features exactly, but I believe that this should work for you in the API  if it works in the portal.

I finnally solved my problem.

When you want to create an isolated network, you set the parent network to nothing (don't set it). If so, you need to set an ipscope like the following:

            <NetworkConfig networkName="vApp internal network">

                <Description>Connection for vApp internal network</Description>

                <Configuration>

                    <IpScope>

                        <IsInherited>false</IsInherited>

                        <Gateway>192.168.1.1</Gateway>

                        <Netmask>255.255.255.0</Netmask>

                        <Dns1>0.0.0.0</Dns1>

                        <Dns2>0.0.0.0</Dns2>

                        <IpRanges>

                            <IpRange>

                              <StartAddress>192.168.1.2</StartAddress>

                              <EndAddress>192.168.1.254</EndAddress>

                            </IpRange>

                        </IpRanges>

                    </IpScope>

                    <FenceMode>isolated</FenceMode>

                </Configuration>

            </NetworkConfig>

The thing is that if you forget to set DNS for exemple, you will only get an internal error without explanation.

Thank you for your help.

Thanks. I'll update to doc to clarify this, and will see what we can do about the error rmessage.