Create an NIC-based Firewall Rule

To create a Firewall rule, follow these steps:

1. In the DCD, go to Menu > Virtual Data Centers.

2. Select the data center to activate firewall.

3. In the Workspace, select a Virtual Machine with a NIC.

4. From the Inspector pane, open the Network tab.

5. Open the properties of the NIC to manage its Firewall Rules.

6. Click Manage Rules.

7. Click Create Firewall Rule and choose from the following type of Firewall rules to add from the drop-down list:

• TCP Rule

• UDP Rule

• ICMP Rule

• ICMPv6 Rule

• VRRP Rule

• GRE Rule

• AH Rule

• ESP Rule

• Any Protocol

8. Enter values for the following in a Firewall rule:

• Name: Enter a name for the rule.

• Direction: Choose the traffic direction between Ingress and Egress.

• Source MAC: Enter the Media Access Control (MAC) address to be passed through by the firewall.

• Source IP/CIDR: Enter the IP address to be passed through by the Firewall.

• Destination IP/CIDR: If you use virtual IP addresses on the same network interface, you can enter them here to allow access.

• Port Range Start: Set the first port of an entire port range.

• Port Range End: Set the last port of a port range or enter the port from Port Range Start if you only want this port to be allowed.

• ICMP Type: Enter the ICMP Type to be allowed. Example: 0 or 8 for echo requests (ping) or 30 for traceroutes.

• ICMP Code: Enter the ICMP Code to be allowed. Example: 0 for echo requests.

• IP Version: Select a version from the drop-down list. By default, it is Auto.

9. (Optional) You can add Firewall rules from an existing template by using Rules from Template. The Generic Webserver, Mailserver, Remote Access Linux, and Remote Access Windows are the types of Firewall rules you can add from the existing rules template.

10. Alternatively, you may import an existing rule set from the Clone Rules from other NIC.

11. Click Save to confirm creating a Firewall rule.