Follow this workflow to access managed VMs in the underlay mode.

At the time of deploying the PCG on your VPC or VNet, NSX Cloud creates default firewall rules to enhance the security of your workload VMs.

To access managed workload VMs in underlay mode you need to add a distributed firewall (DFW) rule that opens up access to the VM.

Do the following:

  1. Open the NSX Manager console.

  2. Go to Firewall > General > Add Rule

  3. Add a rule with the following configurations. See Add a Firewall Rule for detailed instructions.

    Table 1.

    Option

    Description

    Name

    Provide a name to define the purpose of this rule, for example, AllowRemoteAccessToUnderlay.

    Source

    Pick Any.

    Destination

    Pick the logical switch or port or NSGroup that this VM is attached to or is a member of.

    Services

    Pick remote-access services for this workload VM, for example, SSH for Linux, or RDP for Windows.

    Action

    Pick Allow.