To create firewall and NAT rules, you can use preconfigured application port profiles and custom application port profiles.

Application port profiles include a combination of a protocol and a port, or a group of ports, that is used for firewall and NAT services on the edge gateway. In addition to the default port profiles that are preconfigured for NSX-T Data Center, you can create custom application port profiles.

When you create a custom application port profile on an edge gateway, it becomes visible to all the other NSX-T Data Center edge gateways that are in the same organization VDC.


  1. Open Edge Gateway Services.
    1. From the main menu (Menu), select Cloud Resources.
    2. In the left panel, click Edge Gateways.
    3. Click the radio button next to the name of the target edge gateway, and click Services.
  2. Click the edge gateway and click the Security tab.
  3. Click Application Port Profiles.
  4. In the Custom Applications section, click New.
  5. Enter a name and, optionally, a description for the application port profile.
  6. Select a protocol from the drop-down menu.
  7. Enter a port, or a range of ports, separated by a comma, and click Save.

What to do next

Use application port profiles to create firewall and NAT rules. See Add an NSX-T Edge Gateway Firewall Rule and Add an SNAT or a DNAT Rule to an NSX-T Edge Gateway.