Hi,
we are running a setup with vcd v10 and NSX-T 2.5.
when creating an Edge in a customer tenant de default permission is any any permit.
We want to change this to default drop any.
It is possible to change the any permit to any deny in NSX manager, but this means de default deployments are still incorrect.
Also the VCD does not see the change from any allow to any drop. VCD keeps showing any permit even when the rule has been changed in NSX manager to drop.
Any suggestions to change de default deployment options?
If you are referring to Tier-1 edges, i don't think there is a way to change the default rule on fly considering the deployment is done from tenant portal.Changing rules directly from NSX-T is not the best approach either .
having a default allow rule is also not best practice.
so there is actually no real way to fix this?