To create firewall rules and add them to an NSX-T Data Center edge gateway, you must first create IP sets. IP sets are groups of objects to which the firewall rules apply. Combining multiple objects into IP sets helps reduce the total number of firewall rules to be created.
Procedure
- In the top navigation bar, click Networking and click the Edge Gateways tab.
- Click the NSX-T edge gateway.
- Under Security, click IP Sets tab and click New.
- Enter a name and, optionally, a description for the IP set.
- Enter an IP address or an IP addresses range for the virtual machines that the IP set includes, and click Add.
- To save the firewall group, click Save.
