FAQ's - NSX-T

1 Where is NSX-v Edge Size + HA options?
2 I can't enter IP’s into my Firewall
3 How to I customize my ports on my Firewall/NAT?
4 I’ve customized the port on my Firewall with Applications but can’t connect

Where is NSX-v Edge Size + HA options?

Cloud Director with NSX-T Network backend don`t have such options. All ZettaGrid vDC become NSX-T backed, because NSX-v end of life and no longer supported by Vmware.

I can't enter IP’s into my Firewall

New to NSX-T, the Firewall no longer allows the direct entry of IP addresses into Firewall rules. In order to set specific IP's, you will need to configure them under Security -> IP Sets.

Properly managed, this will allow a more human-readable Firewall table.

IP Sets allow you to group multiple IP ranges, CIDR’s or specific IP’s together for use in your Firewall rules.
When creating an IP Set you’ll need to provide

IP Set Name
Short Description
A list of IPv4 single IPs, ranges or CIDR’s

How to I customize my ports on my Firewall/NAT?

Similarly to IP Sets. Custom Ports are now handled via Application Port Profiles under Security.

There is a pre-defined list of over 400 commonly used application ports available to select by default however if something you need isn't on this list, you can create your own here.

I’ve customized the port on my Firewall with Applications but can’t connect

The Application on the Firewall is used for specifying the Source Port you’re connecting from rather than the destination port you’re connecting to. The Destination Port is set on the NAT rule.