Exclude vCenter Server from all of your distributed firewall rules. This ensures that network access between vCenter Server and NSX is not blocked.

About this task

You configure NSX Distributed Firewall using vCenter Server. If a rule prevents access between NSX Manager and vCenter Server, you will not be able to manage the distributed firewall. For this reason, you must exclude vCenter Server from all of your distributed firewall rules, ensuring that access between the two products is not blocked.


  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://nyc01vc01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.



      User name




  2. In the Navigator, click Networking & Security.
  3. Click NSX Managers and select the instance.
  4. Click Manage and then click Exclusion List.
  5. Click the Add button.
  6. Add nyc01vc01 to the Selected Objects list, and click OK.