After configuring the network of the SDDC and configuring the network of VMware Cloud on AWS for pairing with remote VMware Cloud Director Availability sites, check the summary of the network configuration.

Management Gateway Firewall Rules

| Name | Sources | Destinations | Services | Explanation |
|---|---|---|---|---|
| vCenter Inbound From Trusted Management Sources Rule | Trusted Management Sources Group | vCenter | SSO, HTTPS, ICMP | Allows the trusted management sources to access the management gateway vCenter Server for the deployment of the cloud appliances in the compute gateway. |
| SNAT VCDA to vCenter Rule | SNAT VCDA Management Group | vCenter | HTTPS | Allows the compute gateway source NAT to access the management gateway vCenter Server, bridging the access from the cloud VMware Cloud Director Availability appliances in the compute gateway. |
| VCDA Replicators to ESXi Rule | VCDA Replicators Management Group | ESXi | HTTPS, Provisioning & Remote Console | Allows all the Cloud Replicator Appliance instances to write in the destination ESXi datastore. |

For information about creating these management firewall rules, see Prepare the SDDC in VMware Cloud on AWS for Deployment and Configure the Network of the SDDC in VMware Cloud on AWS.

Compute Gateway Firewall Rules

| Name | Sources | Destinations | Services | Explanation |
|---|---|---|---|---|
| VCDA Manager from Trusted Compute Sources Rule | Trusted Compute Sources Group | VCDA Manager Compute Group | VCDA-Cloud-Service-Management TCP (Source: Any \| Destination: 8046) | Allows the trusted compute sources to access the Cloud Replication Management Appliance for completing the initial setup wizard. |
| VCDA Appliances Outbound Compute Rule | VCDA Manager Compute Group, VCDA Replicators Compute Group, VCDA Tunnel Compute Group | Any | Any | Allows the VMware Cloud Director Availability appliances to reach the Internet for the external network traffic from the compute gateway. |
| VCDA Pairing Compute Rule | VCDA Pairing Compute Group | VCDA Tunnel Compute Group | VCDA-Service-Endpoint TCP (Source: Any \| Destination: 8048) | Allows the on-premises tenants and the remote cloud sites backed by VMware Cloud Director to pair with VMware Cloud Director Availability in VMware Cloud on AWS. |

For information about creating these compute firewall rules, see Configure the Network of the SDDC in VMware Cloud on AWS and Configure VMware Cloud on AWS Network for VMware Cloud Director Availability Pairing.
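One way to check a configured rule set against the two summary tables above, as an added example that is not VMware code. The input shape (a list of dicts with `name`, `sources`, `destinations`, `services`) is an assumed simplified export, not the NSX API schema, and service port definitions (TCP 8046 and 8048) are not checked.

```python
# Expected rules transcribed from the two tables: name -> (sources, destinations, services).
EXPECTED = {
    "vCenter Inbound From Trusted Management Sources Rule":
        ({"Trusted Management Sources Group"}, {"vCenter"}, {"SSO", "HTTPS", "ICMP"}),
    "SNAT VCDA to vCenter Rule":
        ({"SNAT VCDA Management Group"}, {"vCenter"}, {"HTTPS"}),
    "VCDA Replicators to ESXi Rule":
        ({"VCDA Replicators Management Group"}, {"ESXi"},
         {"HTTPS", "Provisioning & Remote Console"}),
    "VCDA Manager from Trusted Compute Sources Rule":
        ({"Trusted Compute Sources Group"}, {"VCDA Manager Compute Group"},
         {"VCDA-Cloud-Service-Management"}),
    "VCDA Appliances Outbound Compute Rule":
        ({"VCDA Manager Compute Group", "VCDA Replicators Compute Group",
          "VCDA Tunnel Compute Group"}, {"Any"}, {"Any"}),
    "VCDA Pairing Compute Rule":
        ({"VCDA Pairing Compute Group"}, {"VCDA Tunnel Compute Group"},
         {"VCDA-Service-Endpoint"}),
}
FIELDS = ("sources", "destinations", "services")

def audit(configured):
    """Return findings for rules that are missing or differ from EXPECTED."""
    by_name = {r["name"]: r for r in configured}
    findings = []
    for name, expected in EXPECTED.items():
        rule = by_name.get(name)
        if rule is None:
            findings.append(f"MISSING {name}")
            continue
        for field, want in zip(FIELDS, expected):
            have = set(rule.get(field, []))
            # Extra entries permit more than the table lists; absent ones break a documented flow.
            for extra in sorted(have - want):
                findings.append(f"WIDER {name}: {field} also has {extra!r}")
            for gone in sorted(want - have):
                findings.append(f"NARROWER {name}: {field} lacks {gone!r}")
    return findings

# Constructed sample input: one rule widened to Any, one correct, the rest absent.
SAMPLE = [
    {"name": "SNAT VCDA to vCenter Rule", "sources": ["Any"],
     "destinations": ["vCenter"], "services": ["HTTPS"]},
    {"name": "VCDA Pairing Compute Rule", "sources": ["VCDA Pairing Compute Group"],
     "destinations": ["VCDA Tunnel Compute Group"], "services": ["VCDA-Service-Endpoint"]},
]

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```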