VMware Networking Community
anothervsphereu
Enthusiast
Enthusiast
‎04-02-2020 11:54 AM

New NSX instance

  I have an existing Horizon environment using NSX for desktop.  I am using IP sets, service groups, DFW etc.  I am bringing up a new Horizon environment in parallel.  I would like to export the NSX configuration from the existing environment and import it into the new environment to preserve my existing security.

I see that I can export my DFW firewall rules and load that saved config. When I do that, all of my rules are invalid because the Service Groups, IP sets, Security groups,etc are missing.  I tried recreating a few of the IP sets to see if the rules would show valid and they do not.

Is it possible to export Security groups, service groups, IP sets, etc and re-import them.   Kinda makes being able to export/import the DFW rules if I can get all the groups/sets as well.

Reply
0 Kudos
3 Replies
Alex_Romeo
Leadership
Leadership
‎04-02-2020 12:02 PM

Hi,

Importing and Exporting Security Policy Configurations

export:

Export a Security Policy Configuration

Import:

Import a Security Policy Configuration

ARomeo

Blog: https://www.aleadmin.it/
Reply
0 Kudos
anothervsphereu
Enthusiast
Enthusiast
‎04-02-2020 12:20 PM

Thanks for the reply, but I have nothing under Security Policies.

What I need to export/import is what is listed under Groups and Tags

  Security Groups

   IP Sets

   MAC Sets

    Service

   Service Groups

Reply
0 Kudos
Alex_Romeo
Leadership
Leadership
‎04-02-2020 01:09 PM

Hi,

this and the official manual, I don't think you can do what you say.

https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/nsx_64_admin.pdf

ARomeo

Blog: https://www.aleadmin.it/
Reply
0 Kudos