You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-vmware/enable-public-ip-nsx-edge.md
+3-5Lines changed: 3 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -62,10 +62,8 @@ There are three options for configuring your reserved Public IP down to the NSX
62
62
63
63
A Sourced Network Translation Service (SNAT) with Port Address Translation (PAT) is used to allow many VMs to one SNAT service. This connection means you can provide Internet connectivity for many VMs.
64
64
65
-
To enable SNAT for your specified address ranges, you must configure a gateway firewall rule and SNAT for the specific address ranges you desire. If you do not want SNAT enabled for specific address ranges, you must also create a No-NAT rule for the address ranges you wish to exclude. For this functionality to work as expected, make the No-NAT rule a higher priority than the SNAT rule.
66
-
67
65
>[!Note]
68
-
> To enable SNAT for your specified address ranges, you must [configure a gateway firewall rule](#gateway-firewall-used-to-filter-traffic-to-vms-at-t1-gateways) and SNAT for the specific address ranges you desire. If you don't want SNAT enabled for specific address ranges, you must also create a [No-NAT rule](#no-nat-rule-for-specific-address-ranges) for the address ranges you wish to exclude. For this functionality to work as expected, make the No-NAT rule a higher priority than the SNAT rule.
66
+
> To enable SNAT for your specified address ranges, you must [configure a gateway firewall rule](#gateway-firewall-used-to-filter-traffic-to-vms-at-t1-gateways) and SNAT for the specific address ranges you desire. If you don't want SNAT enabled for specific address ranges, you must create a [No-NAT rule](#no-nat-rule-for-specific-address-ranges) for the address ranges to exclude. For this functionality to work as expected, make the No-NAT rule a higher priority than the SNAT rule.
69
67
70
68
**Add rule**
71
69
1. From your Azure VMware Solution private cloud, select **vCenter Credentials**
@@ -91,7 +89,7 @@ Logging can be enabled by way of the logging slider. For more information on NSX
91
89
92
90
A No NAT rule can be used to exclude certain matches from performing Network Address Translation. This policy can be used to allow private IP traffic to bypass the NAT rule.
93
91
94
-
1. From your Azure VMware Solution private cloud, select **vCenter Credentials**
92
+
1. From your Azure VMware Solution private cloud, select **vCenter Credentials**.
95
93
2. Locate your NSX-T URL and credentials.
96
94
3. Log in to **VMWare NSX-T** and then select **3 NAT Rules**.
97
95
@@ -125,7 +123,7 @@ The VM is now exposed to the internet on the specific Public IP and/or specific
125
123
### Gateway Firewall used to filter traffic to VMs at T1 Gateways
126
124
127
125
You can provide security protection for your network traffic in and out of the public internet through your Gateway Firewall.
128
-
1. From your Azure VMware Solution Private Cloud, select **VMware credentials**
126
+
1. From your Azure VMware Solution Private Cloud, select **VMware credentials**.
129
127
2. Locate your NSX-T URL and credentials.
130
128
3. Log in to **VMware NSX-T**.
131
129
4. From the NSX-T home screen, select **Gateway Policies**.
0 commit comments