For a consolidated view of your policy sections and rules, you can export your firewall configuration to a file. NSX-T Data Center creates a report of your firewall configuration as a CSV file. You can also import a firewall configuration and view it as a draft in NSX-T Data Center.
- You can choose to export your published configuration, an auto-saved draft, or a manually saved draft.
- When exporting a firewall configuration on a Local Manager appliance, only the Local Manager configuration is exported. Configuration that has been synced from a Global Manager is not exported as part of the Local Manager configuration.
- The import operation is not available on a Global Manager appliance.
- The exported CSV file and the metadata file together are available for download as a ZIP file.
- You can only run one export operation and one import operation simultaneously. Running multiple export or multiple import operations simultaneously is not supported.
Procedure
- With admin privileges, log in to NSX Manager.
- Select .
- Export the firewall configuration.
- Enter a passphrase and click Export.
A notification is displayed when the configuration has been exported.
You cannot publish a configuration when the export operation is in progress. If necessary, you can cancel the export operation.
- Click Download to save the ZIP file containing the CSV and metadata files.
- To import a firewall configuration, navigate to , and select .
When importing rules with groups, the groups must be created on the destination environment without typos. If not, you will get a Deleted_Object
error message instead of the group name when importing the rules.
Editing the name of the Group to fix the typo does not fix the issue, because the UUID stays with the the original name.
- Browse to select the ZIP file containing the configuration that you want to import. Enter a name and the passphrase that was used when saving the configuration, and click Import.
Ensure that you select a ZIP file that has not been modified after it was downloaded.
A notification is displayed if the file to be imported is corrupt or the incorrect passphrase has been used.
Note: You can only import configuration that has been defined in
NSX-T Data Center. Importing third-party firewall configuration is not supported.
The imported configuration is saved as a manual draft in
NSX-T Data Center. You can edit the draft and then publish it as required. For more information on working with drafts, see
Firewall Drafts.