vCloud Director ORG VM’s cannot contact the internet

I have been playing around a lot of late with vCloud director.  I tried it out in the 1.0 days and found it to be lacking.  I used it again in the 1.5 days and also found it to be a pain.  It looks like VMware has got it figured out with 5.1.  Don’t get me wrong it’s still a lot of components pasted together but when setup it works great.   I did run into a few issues with changes. made between versions.  In 1.5 your would deploy vApp’s to a routed ORG network and it just worked they could get to the internet.   This has changed in 5.1.  See this article for full information.  Here are the steps to get it working again.   This example assumes that you want all your ORG vApp’s to have the same ip address.

  1. Create the ORG Edge gateway (this should be done when you create the org if not do it now)
  2. Sub-allocated some external IP’s to the Edge gateway
  3. Create a SNAT rule on the edge gateways external interface (this is the part that got me… not the ORG network but the edge external) This should be a internal range like 192.168.10.0/24 to a single external IP like 8.8.8.4 (if I was a google DNS server)
  4. Add a firewall rule that allows all outgoing traffic from your internal (use the term internal) to external (term external) protocol any and action is allow.

That’s it and it works.  I will be writing a lot more on vCloud in the near future so keep tuned.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.