New-NsxEdgeFirewallRule
NAME New-NsxEdgeFirewallRule
SYNOPSIS
Creates a new NSX Edge firewall rule on the specified ESG.
SYNTAX
New-NsxEdgeFirewallRule [-EdgeFireWall] <XmlElement> -Name <String> [-Comment <String>] -Action <String> [-Source
<Object[]>] [-SourceVnic <String[]>] [-DestinationVnic <String[]>] [-NegateSource] [-Destination <Object[]>]
[-NegateDestination] [-Service <Object[]>] [-Disabled] [-EnableLogging] [-AboveRuleId <Int32>] [-Connection
<PSObject>] [<CommonParameters>]
DESCRIPTION
An NSX Edge Service Gateway provides all NSX Edge services such as firewall,
NAT, DHCP, VPN, load balancing, and high availability. Each NSX Edge virtual
appliance can have a total of ten uplink and internal network interfaces and
up to 200 subinterfaces. Multiple external IP addresses can be configured
for load balancer, site-to-site VPN, and NAT services.
The NSX Edge provides layer 3/4 firewall services to protect connected
networks. The Edge firewall is separate from, and can be used to
complement the NSX distributed firewall.
The New-NsxEdgeFirewallRule cmdlet configures new firewall rules on
the specified Edge Services Gateway.
PARAMETERS
-EdgeFireWall <XmlElement>
Required? true
Position? 2
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Name <String>
Name of the new rule
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Comment <String>
Comment string for the new rule
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Action <String>
Action of the rule - allow, deny or reject.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Source <Object[]>
Source(s) of traffic to hit the rule. IP4/6 members are specified as string, any other member as the
appropriate VI or PowerNSX object.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-SourceVnic <String[]>
Source(s) vNics of traffic to hit the rule. Valid options are 0 - 9, internal, external, vse
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-DestinationVnic <String[]>
Destination(s) vNics of traffic to hit the rule. Valid options are 0 - 9, internal, external, vse
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-NegateSource [<SwitchParameter>]
Negate the list of sources hit by the rule
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Destination <Object[]>
Destination(s) of traffic to hit the rule. IP4/6 members are specified as string, any other member as the
appropriate VI or PowerNSX object.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-NegateDestination [<SwitchParameter>]
Negate the list of destinations hit by the rule
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Service <Object[]>
Services to hit the rule. Services must be marked for inheritance in global scope, or defined directly within
edge scope.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Disabled [<SwitchParameter>]
Rule is created as disabled
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-EnableLogging [<SwitchParameter>]
Rule logging is enabled
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-AboveRuleId <Int32>
Existing RuleId above which to create new rule
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-Connection <PSObject>
PowerNSX Connection object
Required? false
Position? named
Default value $defaultNSXConnection
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
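EXAMPLE (added here; not part of the original PowerNSX help text)
The following creates a logged deny rule above an existing rule, staged as disabled so it can be reviewed before it takes effect. It assumes an existing session (so $defaultNSXConnection is set) and uses the companion PowerNSX cmdlets Get-NsxEdge, Get-NsxEdgeFirewall and Get-NsxEdgeFirewallRule, which are not documented on this page; the edge name, addresses and rule ID are constructed placeholders.

```powershell
# Added example. All names, addresses and IDs below are placeholders.
$edgeName    = 'edge-placeholder-01'                        # hypothetical ESG name
$blockedNets = @('198.51.100.0/24', '2001:db8:bad::/48')   # IP4/6 members as strings
$protected   = '192.0.2.10'                                 # destination to protect
$anchorRule  = 131074                                       # placeholder existing RuleId
$ruleName    = 'deny-untrusted-to-app'

# -EdgeFireWall accepts pipeline input (ByValue), so fetch the firewall
# element for the edge once and pipe it into the cmdlet.
$fw = Get-NsxEdge -Name $edgeName | Get-NsxEdgeFirewall
if (-not $fw) {
    throw "Edge '$edgeName' was not found or returned no firewall configuration."
}

# Splat the parameters so the rule definition can be reviewed as data.
$ruleParams = @{
    Name          = $ruleName
    Comment       = 'Block untrusted ranges (change reference: placeholder)'
    Action        = 'deny'
    Source        = $blockedNets
    SourceVnic    = 'external'      # only match traffic arriving on uplinks
    Destination   = $protected
    AboveRuleId   = $anchorRule     # place ahead of the broader rule it must override
    EnableLogging = $true           # record hits for detection and audit
    Disabled      = $true           # stage the rule; enable after review
}
$fw | New-NsxEdgeFirewallRule @ruleParams | Out-Null

# Re-read the rule set from the edge and confirm the rule landed as intended.
$created = Get-NsxEdge -Name $edgeName |
    Get-NsxEdgeFirewall |
    Get-NsxEdgeFirewallRule |
    Where-Object { $_.name -eq $ruleName }

if (-not $created) {
    throw "Rule '$ruleName' was not found on '$edgeName' after creation."
}
$created | Format-List name, action, enabled, loggingEnabled
```

Rule order matters on the Edge firewall: omitting -AboveRuleId leaves it at its default of 0, so check where the new rule sits relative to existing allow rules before enabling it.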
RELATED LINKS