Configuring VMware Cloud on AWS GovCloud Networking and Security Using NSX-T

Docs

Docs
(current)
VMware Communities

Twitter Facebook LinkedIn 微博

Follow this workflow to configure NSX-T networking and security in your SDDC.

Assign NSX Service Roles to Organization Members
Grant users in your organization an NSX service role to allow them to view or configure features on the Networking & Security tab.
Configure AWS Direct Connect Between Your SDDC and On-Premises Data Center
Use of AWS Direct Connect is optional. If traffic between your on-premises network and your SDDC workloads requires higher speeds and lower latency than you can achieve with a connection over the public Internet, configure VMware Cloud on AWS GovCloud to use AWS Direct Connect.
Configure Direct Connect to a Private Virtual Interface for SDDC Management and Compute Network Traffic
Your DX connection requires a private virtual interface to enable vMotion, ESXi Management, Management Appliance, and workload traffic to use it.
Specify the Direct Connect MTU
The default Maximum Transmissible Unit (MTU) for all SDDC networks is 1500 bytes. When you use Direct Connect, you can specify a larger MTU for the traffic it carries.
Configure a VPN Connection Between Your SDDC and On-Premises Data Center
Configure a VPN to provide a secure connection to your SDDC over the public Internet or AWS Direct Connect. Route-based and policy-based VPNs are supported. Either type of VPN can connect to the SDDC over the Internet. A route-based VPN can also connect to the SDDC over AWS Direct Connect.
Configure Management Gateway Networking and Security
The management network and Management Gateway are largely preconfigured in your SDDC, but you'll still need to configure access to management network services like vCenter and create management gateway firewall rules to allow traffic between the management network and other networks, including your on-premises networks and other SDDC networks.
Configure Compute Gateway Networking and Security
Compute Gateway networking includes a compute network with one or more segments and the DNS, DHCP, and security (gateway firewall and distributed firewall) configurations that manage network traffic for workload VMs. It can also include a layer 2 VPN and extended network that provides a single broadcast domain that spans your on-premises network and your SDDC workload network.
Managing Workload Connections
Workload VMs connect to the Internet by default. NAT rules and distributed firewall rules give you fine-grained control over these connections.

Resources

Blogs
Careers
Communities
Customer Stories

News and Stories
Topics
Trust Center

Support

Broadcom Support
Documentation
Hands-On Labs
Licensing

Twitter
YouTube
Facebook
LinkedIn
Contact Sales

Copyright © 2005-2024 Broadcom. All Rights Reserved. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. Accessibility Privacy Supplier Responsibility Terms Of Use

Share on Social Media?

:

|

x

" "?