Exclude vCenter Server from all of your distributed firewall rules. This ensures that network access between vCenter Server and NSX is not blocked.

You configure NSX Distributed Firewall using vCenter Server. If a rule prevents access between NSX Manager and vCenter Server, you are not able to manage the distributed firewall. You must exclude vCenter Server from all of your distributed firewall rules, ensuring that access between the two products is not blocked.


  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://nyc01r01vc01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.



      User name




  2. Exclude vCenter Server instances from firewall protection.
    1. In the Navigator, click Networking & Security.
    2. Click Firewall Settings and select the Exclusion List tab.
    3. Select from the NSX Manager drop-down menu.
    4. Click the Add button.
    5. Add nyc01r01vc01 to the Selected Objects list, and click OK.