When you are creating NAT rules either in VMM or Azure Pack you should know there are some limitations on Source and Destination Ports. When we open Azure Pack Tenant portal, go to our VM Network, than to Rules you have the Add button on bottom. This assumes that you’ve already enabled NAT for that VM Network. When you click Add the following dialog appears:
The name of the NAT rule does not necessary needs to be unique. What needs to be unique for VM Network/NAT connection is the pair of Source Port and Protocol.
Now about the port ranges for Source and Destination:
- There are no limitations for Destination Port than the standard one. There you can put any number from 1- 65535.
- For source port you can put number only in the following range 1-49151. The reason behind this is probably ports above 49151 are used by the gateway itself.
The same rules apply when you use VMM PowerShell or VMM console.
You can find more about ports here.
By the way SCVMM has a undocumented registry key to change the source port range for new NAT connections.
I wrote on my blog about it: http://www.jofe.ch/open-
high-ports-over-49151-on-a-windows-server-gateway/