VMware NSX Installation and Configuration Part 5- Exclude Virtual Machines from NSX Firewall Protection

You can exclude a set of virtual machines from NSX distributed firewall protection.

NSX Manager, NSX Controllers, and NSX Edge virtual machines are automatically excluded from NSX distributed firewall protection. In addition, VMware recommends that you place the following service virtual machines in the Exclusion List to allow traffic to flow freely.

– vCenter Server. It can be moved into a cluster that is protected by Firewall, but it must already exist in the exclusion list to avoid connectivity issues. n Partner service virtual machines.

– Virtual machines that require promiscuous mode. If these virtual machines are protected by NSX distributed firewall, their performance may be adversely affected.

– The SQL server that your Windows-based vCenter uses. n vCenter Web server, if you are running it    separately.

Procedure

1 In the vSphere Web Client, click Networking & Security.

2 In Networking & Security Inventory, click NSX Managers.

3 In the Name column, click an NSX Manager.

4 Click the Manage tab and then click the Exclusion List tab.

5 Click the Add (+) icon

6 Type the name of the virtual machine that you want to exclude and click Add

1.png

2.png

In the next post i will cover how to prepare vSphere Host Cluster for NSX.

One thought on “VMware NSX Installation and Configuration Part 5- Exclude Virtual Machines from NSX Firewall Protection

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s