Very good doc and video about how to use Citrix Netscaler CloudBridge Connector with Softlayer Cloud

How to Use Citrix NetScaler CloudBridge Connector with the SoftLayer Cloud

Points to Consider when Configuring a CloudBridge Tunnel with a NAT Device

For configuring a CloudBridge tunnel, consider the following points:

-You must not deploy any dynamic NAT device before a CloudBridge tunnel end point. At least one of the CloudBridge appliances must be directly connected or behind a static NAT device.

-Make sure that the IP tunnel entity configured on each CloudBridge appliance specifies the correct IP address of the appliance at the other end point. If one of the CloudBridge appliances is behind a static NAT device, the IP tunnel entity on the peer tunnel end point (the peer CloudBridge appliance) must specify the remote tunnel end-point IP as the IP address of the NAT device, not the IP address of the CloudBridge appliance that is behind the NAT device.

Prerequisites for Configuring a Cloudbridge Tunnel

Configure firewalls to allow UDP and ESP traffic – Configure firewalls, deployed on the network edge of each of the CloudBridge tunnel end points, as follows:

-If no NAT device is deployed before each of the CloudBridge tunnel end points, that is, the public IP addresses of both the tunnel end points are directly accessible to each other, you must configure the firewall to allow the following:

Any UDP packets for port 500

Any ESP (IP protocol number 50) packets

-If a NAT device is deployed before any or each of the CloudBridge tunnel end points, that is, the public IP addresses of at least one tunnel end point is not directly accessible to the other, you must configure the firewall to allow the following:

Any UDP packets for port 500

Any UDP packets for port 4500

Any ESP (IP protocol number 50) packets