VMware NSX

  • 1.  By default gateway Firewall service is active on T1 gateway

    Posted Dec 16, 2022 11:10 AM

    Dear Team,

     

    Whenever I deploy T1 Gateway what I've seen is I'm able to see one Service is active.

    MrVmware9423_0-1671188763844.png

     

    When I click on that Service, then it show Gateway Firewall.

    MrVmware9423_1-1671188816767.png

     

    While configuring I'm not geting any option to enable Gateway firewall on T1, then why I'm able to see this service?

     

    Because of this service will there be any Impact of VM Traffic flow? 

     

    Will T1 still be called as DR only?

     

    How to disable this gateway firewall service on T1 gateway?

     

    Please Assist.



  • 2.  RE: By default gateway Firewall service is active on T1 gateway

    Broadcom Employee
    Posted Dec 16, 2022 12:11 PM

    While configuring I'm not getting any option to enable Gateway firewall on T1, then why I'm able to see this service?

    ### Did you configured Edge cluster on your T1 router in this example?

    Because of this service will there be any Impact of VM Traffic flow? 

    ### No, because it will hit Default rule which is actually PERMIT ALL.

    Will T1 still be called as DR only?

    ### T1 can host stateful services also, which means SR component, beside DR. Will it host SR component depends on T1 configuration inside NSX.

    How to disable this gateway firewall service on T1 gateway?

    ### If you attached Edge cluster at first point - try disabling it, which should remove SR service from T1 router.

    HTH,

    Dragan



  • 3.  RE: By default gateway Firewall service is active on T1 gateway

    Posted Dec 22, 2022 04:20 PM

    If you did not specify and edge on your T1 then under security and gateway fw you will notice a " No service router ... " message.

    You can disable the gateway fw under Action Menu - general setting but I think you will still see that Service in topology table

    Thanks,