To protect traffic to and from an edge gateway, you can create and manage firewall rules on that edge gateway.
For information about protecting traffic traveling between virtual machines in an organization virtual data center, see Managing the Distributed Firewall on a VMware Cloud Director Organization Virtual Data Center.
Rules created on the distributed firewall screen that have an advanced edge gateway specified in their Applied To column are not displayed in the Firewall screen for that advanced edge gateway .
The edge gateway firewall rules for an edge gateway are displayed in the Firewall screen and are enforced in the following order:
- Internal rules, also known as auto-plumbed rules. These internal rules enable control traffic to flow for edge gateway services.
- User-defined rules.
- Default rule.
The default rule settings apply to traffic that does not match any of the user-defined firewall rules. The default rule is displayed at the bottom of the rules on the Firewall screen.
In the tenant portal, use the Enable toggle on the Firewall Rules screen of the edge gateway to activate or deactivate an edge gateway firewall.
