To create firewall and NAT rules, you can use preconfigured application port profiles and custom application port profiles.

Application port profiles include a combination of a protocol and a port, or a group of ports, that is used for firewall and NAT services on the edge gateway. In addition to the default port profiles that are preconfigured for NSX-T Data Center, you can create custom application port profiles.

When you create a custom application port profile on an edge gateway, it becomes visible to all the other NSX-T Data Center edge gateways that are in the same organization VDC.


  1. Navigate to Networking > Edges.
  2. Click the edge gateway and click the Security tab.
  3. Click Application Port Profiles.
  4. In the Custom Applications section, click New.
  5. Enter a name and, optionally, a description for the application port profile.
  6. Select a protocol from the drop-down menu.
  7. Enter a port, or a range of ports, separated by a comma, and click Save.

What to do next

Use application port profiles to create firewall and NAT rules. See Add an NSX-T Edge Gateway Firewall Rule and Add an SNAT or a DNAT Rule to an NSX-T Edge Gateway.