SDDC Network Administration with NSX Manager

You can use either the NSX Web UI or the VMware Cloud Console Networking & Security tab to manage your SDDC networks.

NSX Manager supports a superset of the features found on the Networking & Security tab. See NSX Manager in the NSX Data Center Administration Guide for information about how to use NSX Manager.

Accessing NSX Manager

You can use a VPN to access the local NSX manager at its private IP address, or use any browser to access it over the Internet at its public IP address. See Open NSX Manager. You can also access the local NSX manager over Direct Connect.

Note:

Many NSX workflows start by telling you to "log in with admin privileges to an NSX Manager." When you click OPEN NSX MANAGER in the VMware Cloud Console and choose ACCESS VIA THE INTERNET, you can skip this step. This option gives you access to the SDDC NSX manager with the rights included in your VMware Cloud on AWS organization role. The NSX Cloud Admin role has admin access to NSX. The the NSX Cloud Auditor has read-only access to NSX. See Assign NSX Service Roles to Organization Members for more information on service roles and how to assign them.

If you click OPEN NSX MANAGER and log in to NSX via the internal network, your role is determined by your NSX credentials, not your organization role.

Workflow Navigation

The Networking & Security tab combines NSX Networking page features like VPN, NAT, and DHCP with Security page features like firewalls and features from other NSX pages including Inventory, Plan & Troubleshoot, and System. In this publication, references to NSX user interface items apply to both the NSX Manager Web UI and the VMware Cloud Console Networking & Security tab.

Use this table to map starting points for workflows in this publication to the appropriate items in the Networking & Security tab and NSX manager

Table 1. SDDC Network Administration Workflows
Workflow	Networking & Security Tab	NSX
Overview	Overview	Overview
Create or Modify a Network Segment	Network > Segments	Networking > Connectivity > Segments
Configure a VPN Connection Between Your SDDC and On-Premises Data Center	Network > VPN	Networking > Network Services > VPN
Create or Modify NAT Rules	Network > NAT	Networking > Network Services > NAT
Add a Custom Tier-1 Gateway to a VMware Cloud on AWS SDDC	Network > Tier-1 Gateways	Networking > Connectivity > Tier-1 Gateways
Configure a Multi-Edge SDDC With Traffic Groups	Network > Transit Connect	Networking > Cloud Services > Transit Connect
Configure AWS Direct Connect Between Your SDDC and On-Premises Data Center	System > Direct Connect	Networking > Cloud Services > Direct Connect
View Connected VPC Information and Troubleshoot Problems With the Connected VPC	System > Connected VPC	Networking > Cloud Services > Connected VPC
Request or Release a Public IP Address	System > Public IPs	Networking > Cloud Services > Public IPs
Configure DNS Services	System > DNS	Networking > IP Management > DNS
Configure Segment DHCP Properties	System > DHCP	Networking > IP Management > DHCP
Add or Modify Management Gateway Firewall Rules, Add or Modify Compute Gateway Firewall Rules	Security > Gateway Firewall	Security > Gateway Firewall
Add or Modify Distributed Firewall Rules	Security > Distributed Firewall	Security > Distributed Firewall
About VMware vDefend Firewall Features	Security > Distributed IDS/IPS	Security > Distributed IDS/IPS
Working With Inventory Groups	Inventory	Inventory
Configure Monitoring and Troubleshooting Features	Tools	Plan & Troubleshoot