A logical port, logical switch, or NSGroup can be excluded from a firewall rule.

About this task

After you've created a section with firewall rules you may want to exclude an NSX-T appliance port from the firewall rules.


  1. Select Firewall in the navigation panel.
  2. Click the Exclusion List tab.

    The exclusion list screen appears.

  3. To add an object, click Add on the menu bar.

    A dialog box appears.

  4. Select a type and an object.

    The available types are Logical Ports, Logical Switch, and NSGroup.

  5. Click Save.
  6. To remove an object from the exclusion list, select the object and click Delete on the menu bar.
  7. Confirm the delete.