Highlighted
Contributor
Contributor

New NSX instance

  I have an existing Horizon environment using NSX for desktop.  I am using IP sets, service groups, DFW etc.  I am bringing up a new Horizon environment in parallel.  I would like to export the NSX configuration from the existing environment and import it into the new environment to preserve my existing security.

I see that I can export my DFW firewall rules and load that saved config. When I do that, all of my rules are invalid because the Service Groups, IP sets, Security groups,etc are missing.  I tried recreating a few of the IP sets to see if the rules would show valid and they do not.

Is it possible to export Security groups, service groups, IP sets, etc and re-import them.   Kinda makes being able to export/import the DFW rules if I can get all the groups/sets as well.

0 Kudos
3 Replies
Highlighted
User Moderator
User Moderator

0 Kudos
Highlighted
Contributor
Contributor

Thanks for the reply, but I have nothing under Security Policies.

What I need to export/import is what is listed under Groups and Tags

  Security Groups

   IP Sets

   MAC Sets

    Service

   Service Groups

0 Kudos
Highlighted
User Moderator
User Moderator

Hi,

this and the official manual, I don't think you can do what you say.

https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/nsx_64_admin.pdf

ARomeo

Blog: https://www.aleadmin.it/
0 Kudos