Traffic attempting to pass through the firewall is subjected to the rules in the order shown in the ALL RULES list.
The order of distributed firewall rules in the ALL RULES list is the union of the ordered list of policies and the ordered list of rules in each policy. You can reorder the distributed firewall sections and rules within a section. You can also edit existing distributed firewall configuration, delete, or clone a firewall rule or section.
Procedure
- With CloudAdmin privileges, log in to NSX Manager.
- Open the Distributed Firewall page.
- (Optional) Modify policy settings.
Click the vertical ellipsis button at the beginning of the policy row to take bulk actions, which affect all rules in the policy. You cannot modify these settings if the policy includes any rules.
- (Optional) Reorder policies.
A policy created from the ADD POLICY button is placed at the top of the list of policies. Firewall rules in each policy are applied in policy order from top to bottom. To change the position of a policy (and all the rules it contains) in the list, select it and drag it to a new position. Click PUBLISH to publish the change.
- (Optional) Clone or copy a rule.
Click
at the beginning of the rule row, then click:
- Clone Rule to make a copy of the rule in this policy.
- Copy Rule to make a copy of the rule that you can add to another policy.
- (Optional) Add or delete a rule.
Click
at the beginning of the rule row, then click:
- Add Rule to add a rule in this policy.
- Delete Rule to delete the rule from this policy.
- (Optional) Save or view distributed firewall configurations.
Distributed firewall configurations in
VMware Cloud on Public Cloud are similar to the
Firewall Drafts feature of on-premises
NSX. Click
to view a list of saved configurations. Click
to save the current configuration. Configurations are auto-saved by default. Click
to disable
Auto Save Drafts.
