Help Center
Choose product document...
Veeam Backup & Replication 9.5
Veeam Cloud Connect Guide

Step 3. Specify Networking Settings

At the Networking step of the wizard, select the network mode that will be used by the cloud gateway to communicate with Veeam backup servers on tenants’ side.

You can choose between two network modes: direct mode or NAT mode.

  • If a cloud gateway has a direct network connection to Veeam backup servers on tenants’ side, select This server is connected directly to the internet. From the NIC list, select a network interface card on the cloud gateway that will be used to communicate with tenants’ Veeam backup servers.
  • If a cloud gateway is located in the local network behind the NAT gateway:
  1. Select Located behind NAT or uses external DNS name.
  2. In the DNS name field, specify a DNS name of the NAT gateway.
  3. In the Internal port field, specify a port on the local network behind the NAT used for listening to connections from tenants. By default, port 6180 is used.
  4. On your NAT gateway, configure the port forwarding rule: from an incoming port (specified in the External port field at the previous step of the wizard) to the port on the local network used for listening to connections (specified at the Incoming port field at this step of the wizard). For example, if you use default port number values, you must configure the following port forwarding rule: from port 6180 to port 6180.

Step 3. Specify Networking Settings Note:

Mind the following:

  • If you use a TLS certificate verified by a CA to establish a secure connection between Veeam Cloud Connect infrastructure components, it is recommended that you choose This server is located behind NAT network mode for all cloud gateways, including those that have direct network connection to the internet. To learn more, see Network Settings with Verified SSL Certificates.
  • Public DNS names (recommended) or IP addresses of all cloud gateways must be accessible to all tenants and subtenants who work with the SP. Some of the cloud gateways may be temporarily unavailable, for example, due to a failure or for maintenance purposes. However, it is not recommended that one or more IP addresses of a cloud gateway are permanently available only to the limited number of tenants. Such configuration may impact performance of jobs created by tenants and subtenants.

Step 3. Specify Networking Settings 

Network Settings with Verified TLS Certificates

If you use a verified TLS certificate in your Veeam Cloud Connect infrastructure, it is recommended that you configure a cloud gateway in the following way:

  1. DNS names of all cloud gateways in Veeam Cloud Connect infrastructure must be associated with the verified TLS certificate.
  2. For all cloud gateways, specify the following network settings in the New Cloud Gateway wizard:
  1. Select Located behind NAT or uses external DNS name.
  2. In the DNS name field, specify an external DNS name of the cloud gateway (in case of direct connection) or a DNS name of the NAT gateway (if a cloud gateway is located behind the NAT gateway).
  3. In the Internal port field, specify a port used for listening to connections from tenants:
Veeam Large Logo

User Guide for VMware vSphere

User Guide for Microsoft Hyper-V

Enterprise Manager User Guide

Veeam Cloud Connect Guide

Veeam Agent Management Guide

Veeam Backup Explorers User Guide

PowerShell Reference

RESTful API Reference

Veeam Backup FREE Edition User Guide

Veeam Backup for Microsoft Office 365

Veeam ONE Documentation

Veeam Agent for Windows Documentation

Veeam Agent for Linux Documentation

Veeam Management Pack Documentation