Before you connect VMware Aria Automation to your VMware Cloud on AWS SDDC, you must configure networking and firewall rules for your SDDC.

Procedure

  1. Configure a VPN connection over the public Internet or AWS Direct Connect.
  2. Verify that the vCenter Server FQDN is resolvable at a private IP address on the management network.
    See Set vCenter Server FQDN Resolution Address in VMware Cloud on AWS Networking and Security.
  3. Configure additional firewall rules if necessary.
    VMware Aria Automation requires the following Management Gateway firewall rules.
    Table 1. Management Gateway Firewall Rules Required by VMware Aria Automation

    | Name | Source | Destination | Service |
    |------|--------|-------------|---------|
    | vCenter | CIDR block of on-premises data center | vCenter | Any (All Traffic) |
    | vCenter Ping | Any | vCenter | ICMP (All ICMP) |
    | On Premises to ESXi Ping | CIDR block of on-premises data center | ESXi Management Only | ICMP (All ICMP) |
    | On Premises to ESXi Remote Console and Provisioning | CIDR block of on-premises data center | ESXi Management Only | TCP 902 |
    | On-Premises to SDDC VM | CIDR block of on-premises data center | CIDR block of SDDC logical network | Any (All Traffic) |
    | SDDC VM to On-Premises | CIDR block of SDDC logical network | CIDR block of on-premises data center | Any (All Traffic) |

    See Add or Modify Management Gateway Firewall Rules in VMware Cloud on AWS Networking and Security.
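
The following pre-connection check is an added example, not VMware code: it tests that the vCenter Server FQDN resolves only to RFC 1918 addresses (step 2) and compares a rule list against Table 1 (step 3), flagging rules that are absent or that use an Any source where the table requires a CIDR block. The labels `ONPREM`, `SDDC_NET` and `ESXi`, the host name, and the sample rules are assumptions constructed for illustration.

```python
import ipaddress
import socket

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Table 1 as (source, destination, service). ONPREM, SDDC_NET and ESXi are
# assumed shorthand labels for the table's CIDR blocks and "ESXi Management Only".
REQUIRED = {
    "vCenter": ("ONPREM", "vCenter", "Any"),
    "vCenter Ping": ("Any", "vCenter", "ICMP"),
    "On Premises to ESXi Ping": ("ONPREM", "ESXi", "ICMP"),
    "On Premises to ESXi Remote Console and Provisioning": ("ONPREM", "ESXi", "TCP 902"),
    "On-Premises to SDDC VM": ("ONPREM", "SDDC_NET", "Any"),
    "SDDC VM to On-Premises": ("SDDC_NET", "ONPREM", "Any"),
}

def resolves_privately(fqdn, resolver=socket.getaddrinfo):
    """Step 2: True only if the FQDN resolves and every address is RFC 1918."""
    try:
        infos = resolver(fqdn, None)
    except socket.gaierror:
        return False, []
    # Strip any IPv6 scope id; IPv6 addresses never match the IPv4 ranges.
    addrs = sorted({info[4][0].split("%")[0] for info in infos})
    ok = bool(addrs) and all(
        any(ipaddress.ip_address(a) in net for net in RFC1918) for a in addrs)
    return ok, addrs

def audit_rules(configured):
    """Step 3: Table 1 rules that are absent, and those widened to an Any source."""
    have = set(configured)
    missing = [n for n, rule in REQUIRED.items() if rule not in have]
    too_broad = [n for n, (src, dst, svc) in REQUIRED.items()
                 if src != "Any" and ("Any", dst, svc) in have]
    return missing, too_broad

# Constructed sample: vCenter rule opened to Any, TCP 902 rule not created.
SAMPLE_RULES = [
    ("Any", "vCenter", "Any"), ("Any", "vCenter", "ICMP"),
    ("ONPREM", "ESXi", "ICMP"),
    ("ONPREM", "SDDC_NET", "Any"), ("SDDC_NET", "ONPREM", "Any"),
]

if __name__ == "__main__":
    # Constructed resolver answer so the example runs offline.
    fake_dns = lambda host, port: [(socket.AF_INET, socket.SOCK_STREAM, 6, "", ("10.2.224.4", 0))]
    print(resolves_privately("vcenter.sddc.example.com", resolver=fake_dns))
    print(audit_rules(SAMPLE_RULES))
```

Omit the `resolver` argument to query the DNS servers of the host that runs the check, which should sit on the on-premises side of the VPN or Direct Connect link.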