A firewall rule consists of a section to segregate the firewall rules and the rule itself, which defines what network traffic is blocked or allowed.

About this task

You create firewall rules that allow administrators to connect to the different VMware solutions, that allow user access to the vRealize Automation portal, and that provide external connectivity to the SDDC.

Prerequisites

  • The IP sets, security groups, and distributed firewall rules from the VMware Validated Design for Software-Defined Data Center foundation are implemented.

  • The IP set for vRealize Suite Lifecycle Manager is created.

  • The Security Group for vRealize Suite Lifecycle Manager is created.

Procedure

  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://sfo01m01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.

      | Setting   | Value                       |
      |-----------|-----------------------------|
      | User name | administrator@vsphere.local |
      | Password  | vsphere_admin_password      |

  2. Create a distributed firewall rule to allow administrative access to the vRealize Suite Lifecycle Manager user.

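    | Name                   | Source         | Destination                      | Service / Port |
    |------------------------|----------------|----------------------------------|----------------|
    | Allow vRSLCM to Admins | Administrators | vRealize Suite Lifecycle Manager | HTTPS          |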

    1. In the VMware Management Services section, click Add rule.
    2. In the Name cell, click the Edit icon to change the rule name to Allow vRSLCM to Admins.
    3. Click the Edit icon in the Source column, change the Object Type to Security Groups, add Administrators to the Selected Objects list, and click OK.
    4. Click the Edit icon in the Destination column, change the Object Type to Security Groups, add VMware Appliances and Update Manager Download Service to the Selected Objects list, and click OK.
    5. Click the Edit icon in the Service column, enter HTTPS in the filter, add HTTPS to the Selected Objects list, and click OK.
    6. Click Publish Changes.
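
A post-publish check for the rule built in this procedure, as an added example that is not part of the original VMware documentation: it reads a distributed firewall configuration exported as XML and reports any difference from the rule table in step 2. The XML layout, the function name `check_rule` and the sample export are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like an NSX for vSphere distributed firewall export
# (assumed layout, trimmed to the fields checked below).
SAMPLE_EXPORT = """\
<firewallConfiguration>
 <layer3Sections>
  <section name="VMware Management Services">
   <rule disabled="false">
    <name>Allow vRSLCM to Admins</name>
    <action>allow</action>
    <sources><source><name>Administrators</name></source></sources>
    <destinations><destination>
      <name>vRealize Suite Lifecycle Manager</name>
    </destination></destinations>
    <services><service><name>HTTPS</name></service></services>
   </rule>
  </section>
 </layer3Sections>
</firewallConfiguration>
"""

def check_rule(export_xml, section, rule_name, source, destination, service):
    """Return a list of findings; an empty list means the rule matches."""
    root = ET.fromstring(export_xml)
    sec = next((s for s in root.iter("section") if s.get("name") == section), None)
    if sec is None:
        return [f"section {section!r} not found"]
    rule = next((r for r in sec.findall("rule")
                 if r.findtext("name") == rule_name), None)
    if rule is None:
        return [f"rule {rule_name!r} not found in section {section!r}"]
    findings = []
    if rule.get("disabled", "false") == "true":
        findings.append("rule is disabled")
    if rule.findtext("action") != "allow":
        findings.append(f"action is {rule.findtext('action')!r}, expected 'allow'")
    # This check treats an empty source, destination or service list as "any",
    # which is broader than the rule in the procedure.
    expected = (("source", "sources/source", source),
                ("destination", "destinations/destination", destination),
                ("service", "services/service", service))
    for label, path, want in expected:
        got = sorted(e.findtext("name", "").strip() for e in rule.findall(path))
        if got != [want]:
            findings.append(f"{label} is {got or 'any'}, expected only {want!r}")
    return findings
```

Pass the expected source, destination and service from your own rule table; the function compares object names only, so a renamed security group shows up as a finding.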