Advanced Networking Services Guide
2 Auto-plumbed rules (rules that enable control traffic to flow for edge gateway services).
3 User-defined rules on Firewall user interface.
4 Default rule.
Add an Edge Gateway Firewall Rule
The Firewall tab displays rules created on the centralized Firewall tab in a read-only mode. Any rules that
you add here are not displayed on the centralized Firewall tab. You can add multiple edge gateway
interfaces and IP address groups as the source and destination for firewall rules.
When you select vNIC Group and vse as an object for a source or destination, the rule applies to traffic
generated by the edge gateway. When you select internal or external, the rule applies to traffic coming from
any internal or uplink interface of the selected edge gateway instance.
NOTE Edge gateway firewall rules on internal interfaces do not work when you configure dynamic routing
for the edge gateway.
Procedure
1 Log in to vCloud Air and navigate to the vCloud Edge Gateway Services UI.
See “Log In and Navigate to Advanced Networking Services,” on page 9 for information.
2 Click the Firewall tab.
3 Perform one of the following actions:

Option: To add a rule at a specific place in the firewall table
Description:
a Select a rule.
b In the No. column, click the icon and select Add Above or Add Below.
A new any any allow rule is added below the selected rule. When the system defined rule is the only rule in the firewall table, the new rule is added above the default rule.

Option: To add a rule by copying a rule
Description:
a Select a rule.
b Click the Copy icon.
c Select a rule.
d In the No. column, click the icon and select Paste Above or Paste Below.

Option: To add a rule anywhere in the firewall table
Description:
a Click the Add icon.
A new any any allow rule is added below the selected rule. When the system defined rule is the only rule in the firewall table, the new rule is added above the default rule.

The new rule is enabled by default.
4 Point to the Name cell of the new rule and click the icon. Enter a name for the rule.
Chapter 4 Network Security and Isolation
VMware, Inc. 31
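Because step 3 creates an enabled any any allow rule, a rule table should be checked for rules that were added but never narrowed. The following audit is an added example, not code from the guide or from VMware. The Rule fields, the "user" and "default" labels, the sample table and the top-down, first-match evaluation model are all assumptions made for the sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    no: int
    name: str
    kind: str          # "user" or "default" (labels assumed for this sketch)
    source: str
    destination: str
    action: str        # "allow" or "deny"
    enabled: bool = True

def is_open_allow(rule):
    """True for an enabled rule that still has the any/any/allow values."""
    return (rule.enabled and rule.action == "allow"
            and rule.source == "any" and rule.destination == "any")

def audit(table):
    """Return (rule number, rule name, names of rules below it) per finding.

    Assumes top-down, first-match evaluation, so an enabled any/any/allow
    rule decides all traffic before any rule listed below it is consulted.
    """
    ordered = sorted(table, key=lambda r: r.no)
    findings = []
    for i, rule in enumerate(ordered):
        if rule.kind == "user" and is_open_allow(rule):
            below = [r.name for r in ordered[i + 1:] if r.enabled]
            findings.append((rule.no, rule.name, below))
    return findings

# Constructed sample table (not taken from the guide).
SAMPLE = [
    Rule(1, "allow-mgmt", "user", "192.0.2.0/24", "198.51.100.5", "allow"),
    Rule(2, "New Rule", "user", "any", "any", "allow"),
    Rule(3, "block-guest", "user", "203.0.113.0/24", "any", "deny"),
    Rule(4, "draft", "user", "any", "any", "allow", enabled=False),
    Rule(5, "Default Rule", "default", "any", "any", "deny"),
]

if __name__ == "__main__":
    for no, name, below in audit(SAMPLE):
        print(f"rule {no} ({name!r}) is any/any/allow; never reached: {below}")
```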