You can configure a service, and specify parameters for matching network traffic such as a port and protocol pairing.
You can also use a service to allow or block certain types of traffic in firewall rules. You cannot change the type after you create a service. Some services are predefined and cannot be modified or deleted.
Procedure
- From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
- Select .
- Click Add Service.
- Enter a name.
- Click Set Service Entries.
- Select a type.
The choices are
Layer 2 and
Layer 3 and above.
- Under Port-Protocol, click Add Service Entry to add one or more service entries.
For layer 2, the only available service type is
Ether.
For layer 3 and above, the available service types are IP, IGMP, ICMPv4, ICMPv6,ALG, TCP, and UDP.
- Click the Services tab to add one or more services.
Any service that you add is considered a nested service because it is included in the service that you are creating. The recommended maximum level of nesting is 3. An example of three levels of nesting: service A includes service B, service B includes service C, and service C includes service D. In addition, cyclic nesting is not allowed. In the previous example, service C cannot include service A or B.
- Click Apply.
- (Optional) Add one or more tags.
- (Optional) Enter a description.
- Click Save.