Oracle Cloud Infrastructure Documentation

Configuring a NAT Gateway

On Compute Cloud@Customer, you can configure NAT gateways for VCNs.

A NAT gateway is used to translate IP addresses as traffic passes from one part of an IP network to another. This prevents sources and destinations from having identical IP addresses, and allows RFC 1918 private addresses used in Compute Cloud@Customer traffic to communicate with on-premises data center networks.

A NAT gateway is attached to a VCN at the subnet level, allowing finer control of the address translations. The NAT gateway is configured separately from the VCNs, and isn't required to be in the same compartment as the VCN (but can be). However, the NAT gateway is within the VCN, and only one NAT per VCN is allowed. The NAT address becomes the source address for traffic sent on to the data center network.

Once created, the NAT Gateway is ready for the addition of route rules or security settings. Note that the name of the gateway (natgatewayUniqueID) is assigned automatically and not by a parameter, and that the IP address of the device is also assigned automatically.

For more conceptual information, see NAT Gateway.

Avoid entering confidential information in names and tags.

    1. In the Compute Cloud@Customer Console navigation menu, click Networking, then click Virtual Cloud Networks.

    2. At the top of the page, select the compartment that contains the VCN where the NAT gateway will be created.

    3. Click the name of the VCN.

      The VCN details page is displayed.

    4. Under Resources, click NAT Gateways.

    5. Click Create NAT Gateway.

    6. Enter the following information:

      • Name: Provide a descriptive name for the NAT gateway. Avoid entering confidential information

      • Create in Compartment: Select the compartment in which to create the NAT Gateway.

      • Block Traffic Choose whether to block traffic to this NAT Gateway.

        • (Yes: Traffic Not Blocked): By default, the VCN uses the NAT gateway even if it's not configured.

        • (No: Traffic Blocked): You can set the NAT gateway not see traffic until it's explicitly enabled to do so.

      • Tagging: (Optional) Add one or more tags to this resource. Tags can also be applied later. For more information about tagging resources, see Resource Tags.

    7. Click Create NAT Gateway.

      The NAT Gateway is now ready for the addition of route rules or security settings. See Configuring VCN Rules and Options.

  • Use the oci network nat-gateway create command and required parameters to create a new NAT gateway for the specified VCN. You must also set up a route rule with the NAT gateway as the rule’s target.

    oci network nat-gateway create [OPTIONS]

    For a complete list of CLI commands, flags, and options, see the Command Line Reference.

  • Use the CreateNatGateway operation to create a new NAT gateway for the specified VCN.

    For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.