Before you can use the tenant portal to work with the distributed firewall capabilities provided by NSX Data Center for vSphere on an organization virtual data center, the distributed firewall must be enabled for that organization virtual data center. A VMware Cloud Director system administrator or a user granted the org_vdc_distributed_firewall_enable right can enable the distributed firewall on an organization virtual data center.
You use the Distributed Firewall screen in the tenant portal to enable the distributed firewall for an organization virtual data center.
Prerequisites
Verify that the organization to which the organization virtual data center belongs has the following rights assigned to it:
- Organization vDC Distributed Firewall: Enable/Disable
- Organization vDC Distributed Firewall: Configure Rules
- Organization vDC Distributed Firewall: View Rules
The VMware Cloud Director system administrator assigns rights to an organization. The Organization vDC Distributed Firewall: Enable/Disable right is required for activating the distributed firewall using the user interface in the tenant portal. The Organization vDC Distributed Firewall: View Rules right is required for viewing the firewall rules in the tenant portal and the Organization vDC Distributed Firewall: Configure Rules right is required for configuring the firewall rules using the tenant portal.
Verify that you have an assigned role that grants you the right named Organization vDC Distributed Firewall: Enable/Disable. Of the pre-defined roles in a VMware Cloud Director system, only the System Administrator role has that right by default.
Procedure
- On the Virtual Data Center dashboard screen, click the card of the virtual data center you want to explore and under Networking, select Security.
- Select the organization virtual data center for which you want to configure distributed firewall rules.
- Click Configure Services.
- Enable distributed firewall on the Distributed Firewall tab.
What to do next
For a description of the default distributed firewall rule, see Managing NSX Data Center for vSphere Distributed Firewall Rules Using the Tenant Portal.