Can I proactively change the default firewall rule (or automatically include additional default rules) that are applied to all new NSX Edges?
To be clear:
thanks.
No, I don't believe this is possible.
If you are using automation you can change/add custom rules upon deployment. You can also write a script that would pull in the current Edge ID's and deploy custom rules to all the Edges.
I assume the used case for this would be to allow generic traffic like ICMP, DNS and NTP?
No, I don't believe this is possible.
If you are using automation you can change/add custom rules upon deployment. You can also write a script that would pull in the current Edge ID's and deploy custom rules to all the Edges.
I assume the used case for this would be to allow generic traffic like ICMP, DNS and NTP?
Through Vcenter there is no such option. The only option through is to Enable/Disable the EDGE firewall after deployment.
If you want to create custom firewall for EDGE then you have use API after creation of EDGE To push the basic configuration which you want to push.