You must create VMware Cloud (VMC) groups and firewall rules to build communication with vRealize Network Insight.

Prerequisites:

Configure Firewall Rules for communication between vRealize Network Insight platform and collector

Configuring firewall rules in VMware Cloud (VMC) includes:
  • Creating a VMware Cloud (VMC) group for vRealize Network Insight collector.
    1. Log in to VMware Cloud (VMC) at https://vmc.vmware.com.
    2. On the Networking & Security tab, click Inventory > Groups.
    3. On the Groups card, click COMPUTE GROUPS, then click ADD GROUP and give the group a Name and an optional Description.
    4. Click Set Members to open the Select Members page.
    5. Provide the vRealize Network Insight collector VM details.

      You use this group in the firewall rules that you create later to allow communication between VMware Cloud (VMC) NSX Manager and vRealize Network Insight.

  • Create a firewall rule.
    1. Log in to the VMC Console at https://vmc.vmware.com.
    2. On the Networking & Security tab, click Gateway Firewall.
    3. On the Gateway Firewall card, click Compute Gateway, then click ADD RULE and give the new rule a Name.
    4. Enter the parameters for the new rule.
      • Sources: Enter the name of the VMware Cloud (VMC) group containing the vRealize Network Insight collector IP address.
      • Destinations: Select Any.
      • Services: Select HTTPS, DNS, DNS-UDP, NTP, ICMP.
      • Action: Select Allow.
      • Applied To: Select Internet Interface.

      • Logging: Enable logging if required. Else this field is unchanged.

        The new rule is enabled by default. Slide the toggle to the left to deactivate it.

    5. Click Publish.

Configure Firewall Rules for communication between collector and NSX Manager, and collector and vCenter

  1. Log in to the VMC Console at https://vmc.vmware.com.
  2. On the Networking & Security tab, click Gateway Firewall.
  3. On the Gateway Firewall card, click Management Gateway, then click ADD RULE and give the new rule a Name.
  4. Enter the parameters for the new rule.
    • Sources: Enter the name of the VMware Cloud (VMC) group containing the vRealize Network Insight collector IP address.
    • Destinations: Select System Defined Groups, search for NSX Manager, and then select the NSX Manager entry.
    • Services: Select HTTPS (443).
    • Action: Select Allow.
    • Logging: Enable logging if required.

      By default, the new rule is enabled. Slide the toggle to deactivate it.

  5. Click Publish.
  6. Perform the same steps to configure a rule for the VMware vCenter Server.
    Note: Select VMware vCenter for the Destinations field in Step 4.