![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules01-1024x368.png\")
Click on the Edge gateway to get the general configuration menus. Select Gateway Interfaces and make a note of the Primary IP. This is the Edges external IP. We will need that for creating rules.<\/p>\n\n\n\n Now go back to the list of Edge gateways and select the edge we want to edit the firewall rules on. Select the SERVICES link.<\/p>\n\n\n\n The Edge config widow will open and show firewall rules. A blank rule is created. Hover the mouse over the Source box and two icons will appear. Click the Plus and a window with select-able objects will pop up<\/p>\n\n\n\n Click on the Internal object, then click the right arrow to move it to the selected list on the right. Then click Keep.<\/p>\n\n\n\n Back at the rule, hover the mouse over the Destination box and click the Plus.<\/p>\n\n\n\n Now we select and keep the External object.<\/p>\n\n\n\n Now the rule is complete. We could lock it down to specific traffic but for this example allowing any traffic out is fine. Now click the Save changes link on the top right to commit the rule.<\/p>\n\n\n\n Now click the NAT tab to be taken to the NAT rule page.<\/p>\n\n\n\n Click the SNAT RULE button under NAT 44 Rules (IPv4)<\/p>\n\n\n\n The create SNAT rule window pops up. Now click Save changes to commit the rule<\/p>\n\n\n\n With the rule saved we now have now alowed outbound traffic. Now we can point our VMs at what ever update portal is available to them, down load applications and prep them for there final job.<\/p>\n\n\n\n Other posts in this series<\/p>\n\n\n\n vCloud Series<\/a> Once you have some VMs on your vCloud network you will need to allow them access to the internet. Outbound access is configured on the Edge gateway using a firewall and a Source NAT ruleThe firewall rule will allow the internal traffic to reach the external network and the NAT rule will map the internal…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[27,69],"tags":[78,80,79,81,72,82,71],"class_list":["post-360","post","type-post","status-publish","format-standard","hentry","category-tutorial","category-vcloud","tag-edge","tag-firewall","tag-gateway","tag-nat","tag-nsx","tag-rules","tag-vcloud-director"],"_links":{"self":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/360","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=360"}],"version-history":[{"count":5,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/360\/revisions"}],"predecessor-version":[{"id":484,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/360\/revisions\/484"}],"wp:attachment":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=360"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=360"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=360"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules01.5-1024x291.png\")
![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules02.png\")
To allow outbound access we need a firewall rule and a SNAT rule.
I always click the Show only user defined rules slider to hide the default rules. Then click the Plus button to add a rule.<\/p>\n\n\n\n![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules03-1024x515.png\")
Double click the New rule box to enter a new name for the rule.<\/p>\n\n\n\n![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules04-1024x244.png\")
![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules05.png\")
<\/figure>\n\n\n\n![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules06.png\")
![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules07.png\")
<\/figure>\n\n\n\n![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules08.png\")
![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules09-1024x222.png\")
![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules11-1024x256.png\")
<\/figure>\n\n\n\n
here we enter the original source (Internal) IP range.
The Translated Source IP\/Range is the external IP of the edge (that we looked up in the fist step).
Add a description if you want to.
Click Keep when finished.<\/p>\n\n\n\n![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules12.png\")
![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules13-1024x300.png\")
![\"\"](\"http:\/\/192.168.8.14\/wp-content\/uploads\/2020\/09\/EdgeRules14-1024x269.png\")
Creating a Network<\/a>
Creating a vApp<\/a>
Creating Edge gateway outbound rules (this post)
Creating Edge gateway inbound rules<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"