Como implementar uma NSX Edge Gateway (EN)

Discover how to deploy an NSX Edge Services Gateway with the vSphere interface

Last updated on 19th November 2021

Objective

The NSX Edge Services Gateway is a VMware appliance providing services such as Firewall, NAT, DHCP, VPN, Load Balancer and High Availability.

This guide explains how to deploy such an appliance

Requirements

Instructions

You're about to embark in the NSX appliance deployment adventure.

We'll guide you step by step on how to set up an Edge Services Gateway with a connection inside your environment as well as another to communicate with the outside.

First, in the vSphere interface, go to the Networking and Security dashboard.

Menu

On the left side, navigate to the NSX Edges section.

NSX

Click on + Add then click Edge Services Gateway.

AddNSX

The guided installation window pops up.

Basic Details

Fill in the basic information. Only the name is mandatory, the other fields are optional and will either be automatically created or be ignored if non applicable to your case.

When done, click Next.

Leave Deploy Edge Appliance VMchecked.
Unchecking it would create the rules and settings but nothing would be active until a VM is deployed.
We are leaving High Availibility out of our scope for now.

Basic

Settings

Now on the to the settings window.

  • The default administrator user name is filled in automatically but you can change it as you need.
  • Create and confirm a compliant password.
  • Auto Rule Generation will add firewall, NAT, and routing to enable control traffic to flow for these services.
  • The SSH access option allows console access on port 22 if needed. We recommend leaving it off by default and only open access as needed.
  • FIPS mode enforces encryption and security levels compliant with the United States Federal Information Processing Standards.
  • The logging level can be adapted to your needs.

Click Next

Settings

Deployment Configuration

Select the destination datacenter (if you only have one datacenter in vSphere, there is no choice possible), the size of the appliance (size will determine processing power and resource consumption) and hit the + button.

Deployment

In the next window, select where the appliance will live within the chosen datacenter.
Only Cluster/Resource Pool and Datastore are mandatory field (vSphere will select the best suited places for the rest if you do not input data).

Click Add.

add

Back in the Deployment Configuration window, click Next.

Interface

The Configure Interfaces is now before you.

Click on + Add

Interfaces

There are 2 types of interfaces:

  • Uplink will communicate with the outside of your network
  • Internal will be confined to your network

Let's name an interface and choose Uplink.

Click on the pencil symbol to select how it will connect out.

Outside

Typically, in the Distributed Virtual Port Group tab, the VM Network is the default outside access network (if you customized your environment, select accordingly).

Click OK.

Net

Back in the Interface configuration window, add a primary IP and subnet prefix for the interface.

Click OK.

addIP

Add a second interface. This time it will be an Internal one.

Click on the pencil symbol again to select the network the interface will be part of.

Also, add the primary IP and subnet prefix for the vNIC.

Inside

Interfaces are ready. Review and click Next.

Ready

Default Gateway

Configure the Default Gateway for external access. This is not mandatory and can be disabled to be done later.

Click Next

Gateway

Firewall Default Policy

Enable or disable Firewall Default Policy and click Next.

Firewall

Review

Review the configuration and hit that Finish button.

Review

The Gateway will deploy. It will show a "Busy" and "Installing" status until done.
If the deployment fails, it will show you basic error message and link to the full logs in the Failed section.

Installing

After some time, your appliance will show as "Deployed".

Final

Congratulations and welcome to the world of NSX!

Go further

Join our community of users on https://community.ovh.com/en/.


Esta documentação foi-lhe útil?

Não hesite em propor-nos sugestões de melhoria para fazer evoluir este manual.

Imagens, conteúdo, estrutura... Não hesite em dizer-nos porquê para evoluirmos em conjunto!

Os seus pedidos de assistência não serão tratados através deste formulário. Para isso, utilize o formulário "Criar um ticket" .

Obrigado. A sua mensagem foi recebida com sucesso.


Estes manuais também podem ser úteis...

OVHcloud Community

Aceda ao seu espaço comunitário. Coloque as suas questões, procure informações e interaja com outros membros do OVHcloud Community.

Discuss with the OVHcloud community

Em conformidade com a alteração à Diretiva 2006/112/CE, os preços com IVA podem variar de acordo com o país de residência do cliente
(por defeito, os preços com IVA apresentados incluem o IVA português em vigor).