You can change the order of user-defined firewall rules that were added in the Edge Firewall tab to customize traffic flowing through the NSX Edge. For example, suppose you have a rule to allow load balancer traffic. You can now add a rule to deny load balancer traffic from a specific IP address group, and position this rule above the LB allow traffic rule.

Procedure

  1. In the vSphere Web Client, navigate to Networking & Security > NSX Edges.
  2. Double-click an NSX Edge.
  3. Click the Monitor tab and then click the Firewall tab.
  4. Select the rule for which you want to change the priority.
    Note:

    You cannot change the priority of auto-generated rules or the default rule.

  5. Click the Move Up (Move Up icon) or Move Down (Move Down icon) icon.
  6. Click OK.
  7. Click Publish Changes.