NAT setting

[Update: May 16, 2019]

The following is an explanation on how to set the NAT functions of the VPC router.

Overview

The VPC router supports the following NAT functions.

  • IP masquerade (Forward NAT)
  • Port forwarding (Reverse NAT)
  • Static NAT (1:1 NAT)

Note

*Static NAT is only available for the premium plan and high spec plan.

IP masquerade (Forward NAT)

IP masquerade is a function that realizes Internet communication from a server with a private address.

For the standard plan, it is translated to the IP address assigned to the global interface, and for the premium plan and high spec plan, it is translated to the virtual IP address set for the global interface.

Note that this function will operate by default at the same time as a VPC router is launched. There is no particular setting item on the control panel. Also, you cannot stop the function.

Port forwarding (Reverse NAT)

Port forwarding is a function to forward the communication arriving at a specific port of the global IP address of a VPC router to a specific port of the server with a private address.

From the settings screen of the VPC router you want to configure, select the [NAT] tab and then [Port Forwarding] tab. A list of set static NATs will appear. Click the [Add] button to add a new one.

The settings screen to add port forwarding will appear. Enter the information in each setting item.

Protocols Select protocol of the packet that is subject to port forwarding from TCP or UDP.
Port number on the global side Enter the port number on the global network side of the packet that is subject to port forwarding as an integer in the range from 1 to 65535.
IP address on the private side Enter the IP address on the private network (VPC network) side.
Port number on the private side Enter the port number on the private network (VPC network) side as an integer in the range from 1 to 65535.

*Entry of these items is required.
*Hairpin NAT (NAT loop back) will function.

When the setting is completed, it is added to the list. The created entries can be edited with the pencil icon on the right of the list and deleted with the delete icon.

*When you add, change, or delete port forwarding settings, you need to click the [Apply] button to update the settings to the VPC router side. (even if the VPC router is in the active state, the setting is updated by clicking the [Apply] button without turning it off.)

Static NAT (1:1 NAT)

Note

*This function is available for the premium plan/high spec plan.

Static NAT is a function to transfer incoming communications to a global IP address set as the IP alias of the global interface to the server with the specified private IP address. It also converts the source IP address for the Internet communication from a specified private IP address to a specified global IP address.

From the settings screen of the VPC router you want to configure, select the [NAT] tab and then [Static NAT] tab. A list of the set static NATs will appear. Click the [Add] button to add a new one.

The setting screen to add static NAT will appear. Enter the information in each setting item.

IP address on the global side Select an IP address on the global network side for the static NAT from IP address alias (*1).
IP address on the private side Enter the IP address on the private network (VPC network) side for the static NAT.

*1 For the IP address alias setting, please refer to “3. Setting interface on the global network side” of :doc: Interface setting <vpc-interface>.

Note

These settings enable the function of hairpin NAT (NAT loopback).

When the setting is completed, it is added to the list. The created entries can be edited with the pencil icon on the right of the list and deleted with the delete icon.

Attention

*When you add, change, or delete the static NAT setting, you need to click the [Apply] button to update the settings to the VPC router side. (even if the VPC router is in the active state, the setting is updated by clicking the [Apply] button without turning it off.)