Firewall rules can be set to allow, block, or reject traffic from a specified source, destination, or service.

Procedure

  1. Point to the Action cell of the new rule and make appropriate selections as described in the table below.
    Action Results in
    Allow Allows traffic from or to the specified source(s), destination(s), and service(s).
    Block Blocks traffic from or to the specified source(s), destination(s), and service(s).
    Reject Sends reject message for unaccepted packets.

    RST packets are sent for TCP connections.

    ICMP messages with administratively prohibited code are sent for UDP, ICMP, and other IP connections.

    Log Logs all sessions matching this rule. Enabling logging can affect performance.
    Do not log Does not log sessions.
  2. (Optional) Enable logging.
    Option Description
    NSX 6.4.1

    In the Logging column, click the Log button to on.

    NSX 6.4.0
    1. Point to the Action cell of the new rule and click edit
    2. Select Log or Do not Log. Logging logs all sessions that match this rule and can affect performance.