You can decrease the scope of an NSX edge gateway that acts as an egress point to a data center group and scope it to a specific VDC.

When you decrease the scope of an edge gateway to a specific VDC, all security group objects that are in use by the edge gateway remain with it. Security groups that are used exclusively by the distributed firewall remain part of the VDC group.

Prerequisites

  • Verify that your role includes the Edge Gateway: Edit right.
  • Verify that the VDC to which you want to decrease the scope of the edge gateway is a member of the data center group.
  • Verify that there are no workloads attached to any routed networks that are not part of the targeted edge gateway scope.
  • Verify that there are no security groups or IP sets in the data center group that are in use by both the edge gateway and the distributed firewall.

Procedure

  1. From the primary left navigation panel, select Networking and from the page top navigation bar, select Edge Gateways.
  2. Click the NSX edge gateway.
  3. On the right of the edge gateway name, click Decrease Scope.
  4. Select a VDC to which to decrease the scope of the edge gateway and click Save.