Hi,
We have a Cross vCenter NSX setup.
Whereas Site A is Active and Site B is passive.
I have configured firewall rules on the Edge at site A.
I want to copy those firewall rules to the Edge at site B.
What would be the easiest method?
Thanks, Raymond
Misunderstood The question is related with Edge Firewall, which rules are not replicated automatically:
Support Matrix for NSX Services in Cross-vCenter NSX
To manage rule and object consistency on both sides automatically, provisioning and automation tools such as VRA, Terraform, Ansible or powerNSX, NSXAnsible could be used, if the rules do not chage frequently a script similar to following (the link is for Vshield Edge) could be helpful:
vCloud API and PowerCLI – Import/Export vShield Edge FW Rules – vScratchpad
With Cross-vCenter configuration, Universal dFW section objects and rules configured on the Primary Site replicate to the secondary site automatically
These links could be helpful:
Create Universal Security Policies with Cross-VC NSX active/active site deployments - Iwan’s wiki
Misunderstood The question is related with Edge Firewall, which rules are not replicated automatically:
Support Matrix for NSX Services in Cross-vCenter NSX
To manage rule and object consistency on both sides automatically, provisioning and automation tools such as VRA, Terraform, Ansible or powerNSX, NSXAnsible could be used, if the rules do not chage frequently a script similar to following (the link is for Vshield Edge) could be helpful:
vCloud API and PowerCLI – Import/Export vShield Edge FW Rules – vScratchpad
Hi Canero,
Thanks for the info.
I'll have a look at these tools.
Cheers, Ray