After you deploy a recovery SDDC, you can create a firewall rule to allow an SDDC vCenter access from public IP addresses in your network.

To allow access to your recovery SDDC by public IP addresses (or IP address ranges) in your network, create a firewall rule in the VMware Cloud on AWS console.

Prerequisites

For this task, make sure you have compiled a list of the public IP addresses that you want to allow access to your recovery SDDC.

Procedure

  1. Log in to VMware Cloud console at https://console.cloud.vmware.com.
  2. Select the VMware Cloud on AWS on AWS tile, and then select a recovery SDDC.
  3. On the Networking & Security tab, select Gateway Firewall.
  4. On the GATEWAY FIREWALL page, select Management Gateway.
  5. To add a rule, click ADD RULE and give the new rule a name.
  6. Click the pencil icon (Icon of pencil used to edit firewall rules.) in the Source field of the rule and select User defined groups.
  7. Click the Add group button, and enter a name for the group.
  8. To add your public IP addresses (or ranges) to this group, click Set members and then enter your public IP addresses in the middle field.
  9. Click Apply.
  10. Click the pencil icon in the Destination field, and then set the rule Destination to your recovery SDDC vCenter IP address.
  11. Next, click the pencil icon in the Services field, and add the following services to the firewall rule:
    • HTTPS
    • ICMP ALL
    • SSO
  12. Ensure that the firewall rule is enabled, and then click Publish to save and activate this rule.