VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Uživatelský manuál stáhnout pdf (Strana 28)

vShield API Programming Guide

28 VMware, Inc.

Managing NAT

ThevShieldEdgeprovidesnetworkaddresstranslation(NAT)servicetoprotecttheIPaddressesofinternal,

privatenetworksfromthepublicnetwork.YoucanconfigureNATrulestoprovideaccesstoservicesrunning

onprivatelyaddressedvirtualmachines.TheNATserviceconfigurationisseparatedintoSNAT(Secure

NetworkAddressTranslation)and

DNAT(DestinationNetworkAddressTranslation)rules.

AllSNATand DNATrulesconfiguredbyusingRESTrequests appearunderthevShieldEdge>NATtabfor

theappropriatevShieldEdgeinthevShieldMana geruserinte rf a c eandvSphereClientplug‐in.

FortheNATschema,see“NATSchema”onpage 77.

Managing SNAT Rules

ThevShieldEdgeusesSNATtomapinternaladdressestoallocatedpublicaddresses.IfyouusePortGroup

Isolation,youmustconfigureSNATrulestoallowtrafficfromtheinternalnetworktotheexternalnetwork.

Get the SNAT Rule Set

Example 5-13. Get the SNAT rule set on a vShield Edge

Request:

GET <vshield_manager-uri>/api/1.0/network/<internal-portgroup-vc-moref-id>/snat/rules

Example:

GET /api/1.0/network/network-244/snat/rules HTTP/1.1

Authorization: Basic YWRtaW46ZGVmYXVsdA==

Host: localhost

Post an SNAT Rule Set

YoucanpostanSNATrulesetforavShieldEdgeviaREST.ThevShieldManagerprocessesthepostedXML

fileasacompleterulesetforthespecificvShieldEdge.Thecurrentrulesetisreplacedwiththisnewsetof

rules.

Example 5-14. Post an SNAT Rule Set on a vShield Edge

Request:

POST <vshield_manager-uri>/api/1.0/network/<internal-portgroup-vc-moref-id>/snat/rules

<ipAddress>IpOrAny</ipAddress>

<rangeStart>ip_address</rangeStart>

<rangeEnd>ip_address</rangeEnd>

</IpRange>

</externalIpAddress>

<ipAddress>IpOrAny</ipAddress>

<rangeStart>ip_address</rangeStart>

<rangeEnd>ip_address</rangeEnd>

</IpRange>

1 2 ... 23 24 25 26 27 28 29 30 31 32 33 ... 89 90

Žádné komentáře

VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Uživatelský manuál Strana 28