You can import a firewall configuration XML file exported from NSX Manager, and then load the configuration in the firewall table. The imported configuration overwrites the existing rules.
- Log in to vCenter Server by using the vSphere Web Client.
- Open a Web browser and go to https://sfo01m01vc01.sfo01.rainpole.local/vsphere-client.
- Log in using the following credentials.
- From the Home menu, select Networking & Security.
- In the Navigator pane, click Firewall.
- On the Firewall page, click the Saved Configurations tab.
- From the NSX Manager drop-down menu, select the IP address of the NSX Manager instance that runs the firewall rules.
NSX Manager for the management cluster
NSX Manager for the shared edge and compute cluster
- On the Saved Configurations tab, click the Import configuration icon.
- In the Import configuration dialog box, locate the firewall configuration XML file by clicking Browse button and click OK to close the dialog.
Rules are imported based on rule names. During the import, the firewall ensures that each object referenced in the rule exists in your environment. If an object is not found, the rule is marked as invalid. If a rule references a dynamic security group, the dynamic security group is created in NSX Manager during the import. If your current configuration contains rules that are managed by Service Composer, these rules are overwritten when you load the imported firewall configuration.
- If your current configuration contains rules that are managed by Service Composer, synchronize the imported rules and have them managed by the Service Composer again.
- On the Service Composer page, click the Security Policies tab and select the policy.
- From the Actions menu, select Synchronize Firewall Config.