Hiya

We currently have NSX-V deployed across 2 sites. We have no edge devices or virtual switches in either site. We have a NSX manager installed in each Vcenter instance at both sites. We only have a DFW at both sites. which we use to control traffic between Prod and DMZ & UAT(similar config).

There are Universal rules in the DFWs which are shared by both environments as well as normal rules used locally.

We are wanting to upgrade to NSX-T but the migration coordinator doesn't support migration of Universal rules and we have been told is only any good for one environment.

We are going to opt for the lift and shift approach. But the documentation isn't easy to follow.

We will not be going for the Federation topology as this would require to many recourses and we are hoping to go with the multisite.

We are going to build a lab to practice, but could do with some sort of step by step.

A single NSX-T will look after both Vcenter environments, but I have some questions:

What will happen to the universal rules, will they exist after the migration?

We have a DFW at each location will this become condensed and we will only have one after migration?

We have been told we can use advanced options to migrate the FW rules, but this can only be done once and that would be for one site not 2?

We were initially hoping to use the migration coordinator to export and import the rules into NSX-T which is non service effecting, but this is designed for one site?

As I 've said, I've looked through the documents, but I'm struggling with a plan.

It may not be possible for someone answer all my questions, but if someone could help that would be great!

Regards Mike