Setup guide
Configure the Default Gateway
Provide the IP address for the vShield Edge default gateway.
Procedure
1 On the Default Gateway page, select Configure Default Gateway.
2 Select the interface that can communicate with the next hop or gateway IP address.
3 Type the IP address for the default gateway.
4 In MTU, the default MTU for the interface you selected in Step 2 is displayed. You can edit this value, but it cannot be more than the configured MTU on the interface.
5 Click Next.
The Firewall & HA page appears.
Configure Firewall Policy and High Availability
You can change the default firewall policy, which blocks all incoming traffic.
You must configure HA parameters for high availability to work on network configurations on vShield Edge. vShield Edge supports two virtual machines for high availability, both of which are kept up to date with user configurations. If a heartbeat failure occurs on the primary virtual machine, the secondary virtual machine state is changed to active. Thus, one vShield Edge virtual machine is always active on the network.
Procedure
1 On the Firewall & HA page, select Configure Firewall default policy.
2 Specify whether to accept or deny incoming traffic by default.
Any firewall rules you create override the default policy.
3 Select whether to log incoming traffic.
If you create firewall rules that override the default policy, logging is determined by the rules you created. Enabling default logging may generate too many logs and affect the performance of your vShield Edge, so it is recommended that you enable default logging only while troubleshooting or debugging.
vShield Installation and Upgrade Guide
VMware, Inc.