平安云|Ping An Cloud- Building Your Smart Future

Create a DNAT Rule

This article describes how to create a DNAT rule. Prerequisites •  NAT gateway is created. • Cloud host instance is created in the DMZ network domain of the VPC that the NAT gateway belongs to. Procedures 1. Log in to the <a href="https://www.pinganyun.com/console/vpc/overview" target="_blank">VPC Console</a>. 2. Click NAT Gateway in the left navigation pane to enter the NAT Gateway page. 3. Select the target region to view the existing NAT gateways of that region. 4. Click host name of the target NAT gateway to enter the NAT Detail page. 5. Click the DNAT Rule tab. 6. Click Create in the upper-right corner to enter the Create DNAT Rule page. 7. Create the DNAT rule based on the following information. <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20201707154533-14b96f229dea.png" style="height:556px; width:663px" /> Basic Information <table border="1" cellpadding="0" cellspacing="0" style="width:0px"> <tbody> <tr> <td style="background-color:#ededed; width:187px"> Configuration item </td> <td style="background-color:#ededed; vertical-align:top; width:596px"> Description </td> </tr> <tr> <td style="width:187px"> Mapping type </td> <td style="vertical-align:top; width:596px"> IP and Port mapping can be selected. <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20201707154612-1f9acb4b966d.png" style="height:21px; margin:1px; width:50px" />: • When only a few fixed ports are needed to provide services, you can use the port mapping function to maximize the use of a single public IP address. • When unfixed number or a large number of ports are needed, you can use the IP mapping function, so that one ECS instance only needs one public IP. </td> </tr> <tr> <td style="width:187px"> Internet IP </td> <td style="vertical-align:top; width:596px"> Select one public IP. If the type of the DNAT rule is port mapping, you need to enter the port number. <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20201707154612-1f9acb4b966d.png" style="height:21px; margin:1px; width:50px" />: The public IP selected is applied when you create the bandwidth package. </td> </tr> <tr> <td style="width:187px"> Private IP </td> <td style="vertical-align:top; width:596px"> You can select the ECS instance in the VPC which provides external services through one of the two following ways: • Click Select Instance, and perform the following operations: 1. Click Add Instance, and the Add Instance dialog box will open. <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20201707154612-1f9acb4b966d.png" style="height:21px; margin:1px; width:50px" />: The ECS instances listed in the dialog box are ECS instances in the DMZ network domain of the VPC where the NAT gateway belongs to. 2. Check the ECS instance that needs to access the Internet, and click Confirm. 3. If the type of the DNAT rule is port mapping, enter the port number. • Click Custom IP address, and perform the following operations: 1. Fill in the IP address of the ECS instance that needs to access the Internet. <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20201707154612-1f9acb4b966d.png" style="height:21px; margin:1px; width:50px" />: Confirm that the IP address is in the DMZ network domain of the VPC that the NAT gateway belongs to. 2. If the type of the DNAT rule is port mapping, enter the port number. </td> </tr> <tr> <td style="width:187px"> Protocol type </td> <td style="vertical-align:top; width:596px"> If the type of the DNAT rule is port mapping, you need to select the protocol type. There are two protocol types, including TCP and UDP. You can select one or two protocol types of them. </td> </tr> <tr> <td style="width:187px"> Description </td> <td style="vertical-align:top; width:596px"> Customize the description of the DNAT rule. </td> </tr> </tbody> </table> 3. Click Create to return to the DNAT Rule tab, where you can view the newly created DNAT rule.

Did the above content solve your problem? Yes No