Before you connect VMware Aria Automation to your VMware Cloud on AWS SDDC, you must configure networking and firewall rules for your SDDC.
Procedure
- Configure a VPN connection over the public Internet or AWS Direct Connect.
  See Configure VPN Connectivity to the On-Premises Data Center and Configure AWS Direct Connect for VMware Cloud on AWS in VMware Cloud on AWS Networking and Security.
- Verify that the vCenter Server FQDN is resolvable at a private IP address on the management network.
  See Set vCenter Server FQDN Resolution Address in VMware Cloud on AWS Networking and Security.
- Configure additional firewall rules if necessary.
  VMware Aria Automation requires the following Management Gateway firewall rules.
Table 1. Management Gateway Firewall Rules Required by VMware Aria Automation

| Name | Source | Destination | Service |
|---|---|---|---|
| vCenter | CIDR block of on-premises data center | vCenter | Any (All Traffic) |
| vCenter Ping | Any | vCenter | ICMP (All ICMP) |
| On Premises to ESXi Ping | CIDR block of on-premises data center | ESXi Management Only | ICMP (All ICMP) |
| On Premises to ESXi Remote Console and Provisioning | CIDR block of on-premises data center | ESXi Management Only | TCP 902 |
| On-Premises to SDDC VM | CIDR block of on-premises data center | CIDR block of SDDC logical network | Any (All Traffic) |
| SDDC VM to On-Premises | CIDR block of SDDC logical network | CIDR block of on-premises data center | Any (All Traffic) |
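The following added example (not VMware code) audits the last two steps offline: it checks that the addresses the vCenter Server FQDN resolved to are private, and compares a rule list with Table 1, flagging missing rules and fields set to `Any` where the table names something narrower. The rule dictionary layout, the CIDR blocks, and the sample rules are assumptions constructed for illustration, not an NSX or SDDC export format.

```python
import ipaddress
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Table 1 as data: name -> (source, destination, service).
# ONPREM and SDDC stand for the two CIDR blocks, supplied by the caller.
REQUIRED = {
    "vCenter": ("ONPREM", "vCenter", "Any (All Traffic)"),
    "vCenter Ping": ("Any", "vCenter", "ICMP (All ICMP)"),
    "On Premises to ESXi Ping": ("ONPREM", "ESXi Management Only", "ICMP (All ICMP)"),
    "On Premises to ESXi Remote Console and Provisioning":
        ("ONPREM", "ESXi Management Only", "TCP 902"),
    "On-Premises to SDDC VM": ("ONPREM", "SDDC", "Any (All Traffic)"),
    "SDDC VM to On-Premises": ("SDDC", "ONPREM", "Any (All Traffic)"),
}

def resolves_privately(addresses):
    """True only if the FQDN resolved and every address is RFC 1918."""
    ips = [ipaddress.ip_address(a) for a in addresses]
    return bool(ips) and all(any(ip in net for net in RFC1918) for ip in ips)

def audit_rules(rules, onprem_cidr, sddc_cidr):
    """Compare configured rules (list of dicts) with Table 1; return findings."""
    cidr = {"ONPREM": onprem_cidr, "SDDC": sddc_cidr}
    configured = {r["name"]: r for r in rules}
    findings = []
    for name, (src, dst, svc) in REQUIRED.items():
        rule = configured.get(name)
        if rule is None:
            findings.append(f"missing: {name}")
            continue
        want = {"source": cidr.get(src, src), "destination": cidr.get(dst, dst), "service": svc}
        for field, expected in want.items():
            if rule[field] != expected:
                # "Any" where Table 1 names something narrower is broader than required.
                kind = "too broad" if rule[field] == "Any" else "mismatch"
                findings.append(f"{kind}: {name}: {field} is {rule[field]}, expected {expected}")
    return findings

# Constructed sample: CIDR blocks and rule values are made up for illustration.
ONPREM, SDDC = "192.168.10.0/24", "10.20.0.0/16"
SAMPLE_RULES = [
    {"name": "vCenter", "source": "Any", "destination": "vCenter", "service": "Any (All Traffic)"},
    {"name": "vCenter Ping", "source": "Any", "destination": "vCenter", "service": "ICMP (All ICMP)"},
    {"name": "On Premises to ESXi Ping", "source": ONPREM, "destination": "ESXi Management Only", "service": "ICMP (All ICMP)"},
    {"name": "On-Premises to SDDC VM", "source": ONPREM, "destination": SDDC, "service": "Any (All Traffic)"},
    {"name": "SDDC VM to On-Premises", "source": SDDC, "destination": ONPREM, "service": "Any (All Traffic)"},
]
if __name__ == "__main__":
    print(resolves_privately(["10.20.224.4"]), audit_rules(SAMPLE_RULES, ONPREM, SDDC))
```

Pass `resolves_privately` the addresses returned by your resolver for the vCenter Server FQDN; an empty findings list from `audit_rules` means the configured rules match Table 1 exactly.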