After deploying the vCenter Server you must add it to the exclusion list. The default rule in Region b also needs to be changed to deny.
- Log in to vCenter Server by using the vSphere Web Client.
- Open a Web browser and go to https://mgmt01vc51.lax01.rainpole.local/vsphere-client.
- Log in using the following credentials.
- Exclude vCenter Server in Region B from firewall protection.
- Click NSX Managers and select the 172.17.11.65 instance.
- Click Manage and click Exclusion List.
- Click the Add button.
- Add mgmt01vc51 to the Selected Objects list and click OK.
- Change the default rule action from allow to block for Region B.
- In the Navigator, click Networking & Security and click Firewall.
- From the NSX Manager drop-down menu, select 172.17.11.65.
- Under Default Section Layer3, in the Action column for the Default Rule, change the action to Block.
- Click Publish Changes.