Private networks have no upstream (North – South) NAT or routing when they are deployed. They are networks attached to the deployed NSX Edge Gateway that have East – West routing to other netowrks attached to the same NSX Edge Gateway and that is it. Due to this unlike the other NSX related Network Profiles we can create the Private Network Profile does not need to have an External Network Profile attached to it. It’s simply a range of IP’s to be used for the machines provisioned on to the network.
In the below diagram the blue network will be my private network. Machines placed on the blue network will only be able to communicate with machines placed on the orange or green network and not anything upstream. I can also limit it’s communications further by using security policies which we will discuss as a separate topic
Creating a Private Network Profile
1. Navigate to Infrastructure –> Reservations –> Network Profiles and hover of New Network Profile and then select Private.
2. Assign a Name, Subnet Mask, and Gateway for the network and then select the IP Ranges tab.
3. Select New Network Range then assign a Name, Starting and Ending IP address, and select OK. Then click OK to save the Private Network Profile.