Firewall rules can be set to allow, block, or reject traffic from a specified source, destination, or service.

Procedure

  1. Point to the Action cell of the new rule and make appropriate selections as described in the table below.

    Action

    Results in

    Allow

    Allows traffic from or to the specified source(s), destination(s), and service(s).

    Block

    Blocks traffic from or to the specified source(s), destination(s), and service(s).

    Reject

    Sends reject message for unaccepted packets.

    RST packets are sent for TCP connections.

    ICMP messages with administratively prohibited code are sent for UDP, ICMP, and other IP connections.

    Log

    Logs all sessions matching this rule. Enabling logging can affect performance.

    Do not log

    Does not log sessions.

  2. (Optional) Enable logging.

    Option

    Description

    NSX 6.4.1

    In the Logging column, click the Log button to on.

    NSX 6.4.0

    1. Point to the Action cell of the new rule and click edit

    2. Select Log or Do not Log. Logging logs all sessions that match this rule and can affect performance.