Follow this workflow to access managed VMs in the underlay mode.
At the time of deploying the PCG on your VPC or VNet, NSX Cloud creates default firewall rules to enhance the security of your workload VMs.
To access managed workload VMs in underlay mode you need to add a distributed firewall (DFW) rule that opens up access to the VM.
Do the following:
- Open the NSX Manager console.
- Go to
- Add a rule with the following configurations. See Add a Firewall Rule for detailed instructions.
Table 1. Option Description Name Provide a name to define the purpose of this rule, for example, AllowRemoteAccessToUnderlay. Source Pick Any. Destination Pick the logical switch or port or NSGroup that this VM is attached to or is a member of. Services Pick remote-access services for this workload VM, for example, SSH for Linux, or RDP for Windows. Action Pick Allow.