You can add a new section in the firewall table to organize your rules or to create a universal section for use in cross-vCenter NSX environments.

Before you begin

Determine the appropriate NSX Manager on which to make your changes.

  • In a standalone or single vCenter NSX environment there is only one NSX Manager so you do not need to select one.

  • Universal objects must be managed from the primary NSX Manager.

  • Objects local to an NSX Manager must be managed from that NSX Manager.

  • In a cross-vCenter NSX environment that does not have Enhanced Linked Mode enabled, you must make configuration changes from the vCenter linked to the NSX Manager that you want to modify.

  • In a cross-vCenter NSX environment in Enhanced Linked Mode, you can make configuration changes to any NSX Manager from any linked vCenter. Select the appropriate NSX Manager from the NSX Manager drop-down menu.

Procedure

  1. In the vSphere Web Client, navigate to Networking & Security > Firewall.
  2. If there is more than one NSX Manager available, select one. You must select the Primary NSX Manager to add a universal section.
  3. Ensure that you are in the General tab to add a section for L3 rules. Click the Ethernet tab to add a section for L2 rules.
  4. Click the Add Section (add) icon.
  5. Type a name for the section and specify the position for the new section. Section names must be unique within NSX Manager.
  6. (Optional) : To create a universal section, select Mark this section for Universal Synchronization.
  7. Click OK and then click Publish Changes.

What to do next

Add rules to the section. You can edit the name of a section by clicking the Edit section (Edit section) icon for that section.